Grant Permission base on Scheme ?
Is there any way to grant permission base on scheme ??
e.g.
I want to allow user to select all table in another scheme. Beside grant permission for each table one by one, is there any way to do this ??
There is no single privilege grant for this-- you'll have to grant privileges on individual objects. Of course, you can script these grants using a few lines of PL/SQL, i.e.
DECLARE
sqlStmt VARCHAR2(1000);
BEGIN
FOR x IN (SELECT * FROM user_tables)
LOOP
sqlStmt := 'GRANT SELECT ON ' || x.table_name ||
' TO <<another user>>';
EXECUTE IMMEDIATE sqlStmt;
END LOOP;
END;Justin
Distributed Database Consulting, Inc.
http://www.ddbcinc.com/askDDBC
Similar Messages
-
Grant permission to all objects of a schema to apps user(Oracle 10g)
Dear Fiiends,
I would like to grant permission on all objects of a particular schema to apps user(Oracle 10g).How do I do it?
(ex)grant all on <schemaname>.<objectname> to apps with grant option.
This is the permission i want to give but i can't do it for all objects one by one so how do i do it in a single command.
Regards,
ArunYou can't do it in a single command. You have to give object-by-object privileges (you could grant something like SELECT ANY TABLE, but that applies to every schema in the database and is generally a rather bad idea). You can, however, use a bit of dynamic SQL to do the job, i.e.
FOR x IN (SELECT * FROM user_tables)
LOOP
EXECUTE IMMEDIATE 'GRANT ALL ON schema_name.' || x.table_name || ' TO apps WITH GRANT OPTION';
END LOOP;You can do the same with other object types, hit DBA_TABLES rather than USER_TABLES if you don't want to run this as the object owner, etc.
Justin -
Hi,
One of my team member has created a schema "CUSTOMER". I have access to SYSTEM user and unable to see that schema "CUSTOMER" under catalog objects. I am unable to grant access to other schema members using SYSTEM user or my own user because the schema is originally created by other team member.
I get an error "Could not grant privilege 'SELECT' on 'CUSTOMER'. You are not authorized to perform the required actions"
Can someone tell me how to grant access.
Regards.
AnjanHi Anjan,
Granting the access to a schema to other users is possible only from the dbuser using which the schema was created.
In your case, you should login to the system with the user which created the schema "CUSTOMER" and from that user you should be able to grant access to "CUSTOMER" schema to SYSTEM user and your USER.
Regards,
Rashmi -
Grant permission through dynamic parameters entered by user through web app
This is my code.
f1=request.getParameter("URL");
out.println("parameter f1 ===>"+f1);//user name
f2=request.getParameter("URL1");
out.println("parameter f2 ===>"+f2);//table name
f3=request.getParameter("URL2");
out.println("parameter f3 ===>"+f3);//privilege name
sql="GRANT f3 to \"" + f1 + "\""+"on \""+f2+"\"";
st= con.createStatement();
st.execute(sql);
out.println("grant succeeded");
it is giving error that invalid SQL query.please help in writing this code.Any other method for giving dynamic SQL query for granting permission.Welcome to the forum!
>
Any other method for giving dynamic SQL query for granting permission.
>
You should NOT be using dynamic SQL for issuing grants. Security is something that should be taken seriously and grants should ONLY be given to users that need the permission. The necessary grants should be created and reviewed BEFORE they are executed.
Best practices are to create scripts containing your DDL and place those scripts in a version control system.
The scripts can then be executed in sql*plus, sql developer or another tool and the results reviewed to ensure that they executed properly.
If dynamic SQL is needed you:
1. create a sql statement manually and test it to make sure it works properly
2. create the code to assemble similar statements and VIEW the output DDL to make sure that it is valid
3. add exception handling and security handling to the code so that is can only be used for the intended operations and is not subject to SQL injection.
4. manually execute the DDL produced by the code to make sure there are no syntax errors.
Clearly you did not even test your SQL before trying to write code to produce it or you would have known your syntax is invalid.
>
sql="GRANT f3 to \"" + f1 + "\""+"on \""f2"\"";
>
>
it is giving error that invalid SQL query.
>
Of course it is. That code might try to produce the equivalent of:
GRANT select to "scott" on "hr.employees";There are SEVERAL errors in that code.
1. You are enclosing the SCHEMA in double-quotes. That means the actual user name will be treated as case-sensitive. So if someone provides 'scott' it will be considered lower-case. There is NO user "scott" in Oracle unless you created that user yourself and used double-qoutes to preserve the case.
ALL of the schemas created by Oracle, and most users, are UPPER case. So your code will not find any name if the user supplies a LOWER case or mixed-case value.
2. You are enclosing the target schema and object name in double quotes. There are two things wrong. The same case issue applies again. And the string "hr.employees" will be treated as ONE value. The proper way to quote such a value is:
"HR"."EMPLOYEES"3. You have the DDL components in the wrong order, hence it is invalid. The ON clause comes BEFORE the target schema.
GRANT select to on hr.employees to scott;See the SQL Language doc for the GRANT statement
http://docs.oracle.com/cd/B28359_01/server.111/b28286/statements_9013.htm
All of the issues you have demonstrate why you should NOT be using dynamic SQL to do DDL. You don't understand the syntax so you can't write code to implement that syntax.
The syntax is much more complex than the siimple code you are trying to use.
Grant statements often need to include "SCHEMA.OBJECT" syntax and your code makes no provision for that.
DDL needs to be tightly controlled and doing it in code can create huge, gaping security holes.
Abandon your method and use prepared scripts for the DDL commands you need to execute. -
Hi All,
We are installing AIA FP 11.1.1.7 on SOA Suite 11.1.1.7(no patch has been applied, after SOA Suite ODI 11.1.1.7 is installed on it) this is for AIA Comms 11.4 PIP. Below error can be seen in oracle inventory logs while installing AIA FP11.1.1.7 -
BUILD FAILED
/u02/app/Oracle/Middleware/AIAHOME/Infrastructure/Install/AID/AIAExecuteDriver.xml:223: The following error occurred while executing this line:
/u02/app/Oracle/Middleware/AIAHOME/Infrastructure/Install/AID/AIAExecuteDriver.xml:65: The following error occurred while executing this line:
/u02/app/Oracle/Middleware/AIAHOME/aia_instances/DEVAIA/tmp/AIDExecuteDP_temp_2130290318.xml:12: The following error occurred while executing this line:
/u02/app/Oracle/Middleware/AIAHOME/Infrastructure/Install/AID/lib/AIDConfigurationLibraryTasks.xml:298: java.sql.SQLSyntaxErrorException: ORA-01031: insufficient privileges
Also before this i can see,
[exec] Command FAILED, Reason: JPS-04201: Cannot grant permission(s). Grant already exists for grantee [GranteeEntry: codeSource=file:${soa.oracle.home}/soa/modules/oracle.soa.ext_11.1.1/classes/oracle/apps/aia/core/util/- principals=[]].
[exec]
[exec] WARNING!!! Grant already exists for grantee.
[exec] No stack trace available.
[exec] Disconnected from weblogic server: AdminServer
[delete] Deleting: /u02/app/Oracle/Middleware/AIAHOME/aia_instances/DEVAIA/tmp/keyFile
[delete] Deleting: /u02/app/Oracle/Middleware/AIAHOME/aia_instances/DEVAIA/tmp/propFile
Also,
In processFieldStringXREF Admin Password
In processFieldStringJMSDB Temporary Tablespcae
In processFieldStringInvalid Database Schema name - Is this an error
In processFieldStringAIA Lifecycle Port
In processFieldStringAIADB SYS. USER
In processFieldStringInvalid Database Schema name
In processFieldStringJMSDB Default Tablespcae
In processFieldStringXREF SYS. USER
do anyone had idea on it, we are installing on Solaris SPARC machine.
Thanks and Warm Regards,
RR -
Grant Permission on Recordtype
I have a recordtype RIB_XCostChgHrDtl_REC in 1 schema. In another schema I require to use it.
For granting permission I have used the following :
SQL> grant all on RIB_XCostChgHrDtl_REC to obiee;
grant all on RIB_XCostChgHrDtl_REC to obiee
ERROR at line 1:
ORA-01775: looping chain of synonyms
SQL> grant execute on RIB_XCostChgHrDtl_REC to obiee;
grant execute on RIB_XCostChgHrDtl_REC to obiee
ERROR at line 1:
ORA-01775: looping chain of synonyms
What can be the possible solution to this problem?I did this query
SQL> create public synonym RIB_XCostChgHrDtl_REC for RIB_XCostChgHrDtl_REC;
create public synonym RIB_XCostChgHrDtl_REC for RIB_XCostChgHrDtl_REC
ERROR at line 1:
ORA-00955: name is already used by an existing object
SQL> drop synonym RIB_XCostChgHrDtl_REC;
drop synonym RIB_XCostChgHrDtl_REC
ERROR at line 1:
ORA-01434: private synonym to be dropped does not exist
so some other prob is there.. -
Unexpected error while granting permission in site permission !
Hello,
While granting permission to user in site permission it throws unexpected error in IE while in chrome it works perfect !
Any idea ?
Thank you in advance !
Dipti ChhatrapatiHi Dipti,
I agreed with Scott, please check the log file to find more information based on the correlation ID.
More information about checking log based on correlation ID, please refer to the link:
http://mroffice365.com/2011/09/using-correlation-id-to-find-out-sharepoint-problem/
In addition, whether you used the same account when using the IE and Chrome.
Which version did you use for IE? Please try to use IE 10 32-bit, compare the result.
Make sure that account you used in IE have manage permission on the site.
Please add the site into IE Trusted Site, compare the result.
Best Regards,
Wendy
Forum Support
Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
[email protected]
Wendy Li
TechNet Community Support -
How add grant permission in java.policy
hi master
sir serch in my system
C:\Program Files\j2sdk_nb\j2sdk1.4.2\jre\lib\security
C:\Program Files\j2sdk_nb\_jvm\lib\security
C:\Program Files\Java\j2re1.4.1_03\lib\security
C:\Program Files\Java\jre1.5.0_10\lib\security
sir i have many java.policy file which one is default java.policy file
how i add the code
permission java.util.PropertyPermission "java.version", "read";
permission java.util.PropertyPermission "java.vendor", "read";
permission java.util.PropertyPermission "java.vendor.url", "read";
permission java.util.PropertyPermission "java.class.version", "read";
permission java.util.PropertyPermission "os.name", "read";
permission java.util.PropertyPermission "os.version", "read";
permission java.util.PropertyPermission "os.arch", "read";
permission java.util.PropertyPermission "file.separator", "read";
permission java.util.PropertyPermission "path.separator", "read";
permission java.util.PropertyPermission "line.separator", "read";
permission java.util.PropertyPermission "java.specification.version", "read";
permission java.util.PropertyPermission "java.specification.vendor", "read";
permission java.util.PropertyPermission "java.specification.name", "read";
permission java.util.PropertyPermission "java.vm.specification.version", "read";
permission java.util.PropertyPermission "java.vm.specification.vendor", "read";
permission java.util.PropertyPermission "java.vm.specification.name", "read";
permission java.util.PropertyPermission "java.vm.version", "read";
permission java.util.PropertyPermission "java.vm.vendor", "read";
permission java.util.PropertyPermission "java.vm.name", "read";
and this code
grant codeBase "C:\Program Files\j2sdk_nb\j2sdk1.4.2\jre\lib\security
permission java.security.AllPermission;
give me idea how i add my code in java.policy file of using the oracle database in applete
thank
aamirin the control panel see what runtime is used by ur applet, mostly the lastest one u installed.
C:\Program Files\Java\jre1.5.0_10\lib\security
in this folder grant permission for the codebase where ur database is located. -
How to grant permission to user to access Lync 2013 OcsPowerShell
I'm writing script for our first line for creating Lync users. I need give access to connect to https://lyncpool.domain.local/OcsPowerShell via powershell. Only users in CSAdministrator group have permission to connect, but this group have to much
privileges. I created custom group with custom permissions and I need grant permission to this group to access OcsPowerShell.Try giving them CsUserAdministrator RBAC membership. They should be able to run the following cmdlets to manage the users only:
Disable-CsUser
Enable-CsUser
Get-CsAdUser
Get-CsUser
Get-CsUserClusterInfo
Move-CsUser
Move-CsLegacyUser
Set-CsUser
Grant-CsClientPolicy
Grant-CsClientVersionPolicy
Grant-CsConferencingPolicy
Grant-CsDialPlan
Grant-CsExternalAccessPolicy
Grant-CsHostedVoicemailPolicy
Grant-CsLocationPolicy
Grant-CsPinPolicy
Grant-CsVoicePolicy
Get-CsArchivingPolicy
Get-CsClientPolicy
Get-CsClientVersionPolicy
Get-CsConferencingPolicy
Get-CsExternalAccessPolicy
Get-CsHostedVoicemailPolicy
Get-CsLocationPolicy
Get-CsPinPolicy
Get-CsVoicePolicy
Get-CsClientPinInfo
Unlock-CsClientPin
Lock-CsClientPin
Set-CsClientPin
Get-CsClientVersionConfiguration
Get-CsDialPlan
Get-CsSite
Get-CsComputer
Get-CsNetworkInterface
Get-CsPool
Get-CsService
Get-CsSipDomain
Revoke-CsClientCertificate
If this helped you please click "Vote As Helpful" if it answered your question please click "Mark As Answer" | Blog
www.lynced.com.au | Twitter
@imlynced -
Grant Permission In Access Database
Hello All
How to set Grant Permission in Access Database, I get an error here
what's wrong in my SQL syntax?
Best Regard
Xan ToHello Matthias Kläy
I Have try your code and I get an error
this my code
Imports System.Data.OleDb
Imports System.Data
Imports ADOX.ObjectTypeEnum
Imports ADOX.ActionEnum
Imports ADOX.RightsEnum
Public Class Form1
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
Dim cat As ADOX.Catalog
Dim grp As New ADOX.Group
Dim Builder As New OleDb.OleDbConnectionStringBuilder
Try
With Builder
.Provider = "Microsoft.ACE.OLEDB.12.0"
.DataSource = "C:\Users\Xan To\Desktop\Test.mdb"
End With
'Using cn As New OleDb.OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\Users\Xan To\Desktop\Test.mdb; Jet OLEDB:System Database=system.mdw;")
Using cn As New OleDb.OleDbConnection
With cn
.ConnectionString = Builder.ConnectionString
End With
Using cmd As New OleDb.OleDbCommand
With cmd
.Connection = cn
.CommandText = "GRANT SELECT ON TABLE MSysObjects TO PUBLIC"
End With
cn.Open()
'cmd.ExecuteNonQuery()
cat = New ADOX.Catalog
cat.ActiveConnection = cn
grp.Name = "Public"
cat.Groups.Append(grp)
grp.SetPermissions("MSysObjects", adPermObjTable, adAccessGrant, adRightRead)
End Using
End Using
Catch ex As Exception
MessageBox.Show(ex.ToString)
End Try
End Sub
End Class -
Set Grant Permission to table in Access Database
Hello All,
How to set grant permission in Access 2003 Database. I am using Microsoft ACE OLEDB 12.0 Connection String, Using System.Data.OleDb Component and want to set Grant DELETE, INSERT, PROCEDURE, SELECT, UPDATE ON MSysObjects TO Admin
Best Regard
Xan ToHello Kevin And Paul
I have tried what you all say, but I get an error like this
this my code:
Private Sub Form1_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
Dim Builder As New OleDb.OleDbConnectionStringBuilder
Try
With Builder
.Provider = "Microsoft.ACE.OLEDB.12.0"
.DataSource = "C:\Users\Xan To\Desktop\Test.mdb"
End With
'Using cn As New OleDb.OleDbConnection("Provider=Microsoft.Jet.OLEDB.4.0;Data Source=C:\Users\Xan To\Desktop\Test.mdb; Jet OLEDB:System Database=system.mdw;")
Using cn As New OleDb.OleDbConnection
With cn
.ConnectionString = Builder.ConnectionString
End With
Using cmd As New OleDb.OleDbCommand
With cmd
.Connection = cn
.CommandText = "GRANT SELECT ON TABLE MSysObjects TO Admin"
End With
cn.Open()
cmd.ExecuteNonQuery()
End Using
End Using
Catch ex As Exception
MessageBox.Show(ex.ToString)
End Try
End Sub -
How do I grant permission in privacy setting?
Ever since updating to iOS7, any apps that require permission in my privacy setting are not actually showing up under the privacy setting. For example, if I want to use Instagram, it won't access my photo albums. It says to grant permission under settings>privacy>photos. When I do that, there are no apps listed requesting permission to access my photos. Any ideas/suggestions? Thanks in advance!
I had a similar issue and to solve it I simply erased the app and redownloaded it and when it initally asks for permission in a pop up be sure to say yes.
I am sure there is a more technical solution for this issue but I have not been able to find one. Let me know how this works for you
Regards,
Jake -
I am writing an applet which needed to read and write files with user's local machine, so i need to grant the permissions.
It seem the only way to grant the permissions for applets is needed user have some manually setup before running the applet. (Either modify the security policy
file or and add trust cert. ).
but i see some applets in the web and grant permission by a pop-up dialog
and user only need to answer "yes" or "no". how can they do this? is this supported by Java Plug-in? and How can i do it ??Without policy file in your own class you can do this (i think NS only):
(import netscape.security.PrivilegeManager;)
try {
PrivilegeManager.enablePrivilege("UniversalLinkAccess");
System.out.println("\tUniversalLinkAccess Success!");
PrivilegeManager.enablePrivilege("UniversalPropertyWrite");
System.out.println("\tUniversalPropertyWrite Success!");
PrivilegeManager.enablePrivilege("UniversalPropertyRead");
System.out.println("\tUniversalPropertyRead Success!");
} catch (netscape.security.ForbiddenTargetException e) {
System.out.println(
"\tFailed! Permission to read system properties denied by user.");
} catch (Exception e) {
System.out.println("\tFailed! Unknown exception while enabling privilege.");
e.printStackTrace(System.out);
} -
Grant Permission in BPEL Domain
I,
i need the execute the command to grant permission in domain BPEL:
java -Xbootclasspath/a:/home/oc4j/bpel/lib/orabpel-boot.jar -jar jazn.jar -shell -grantperm jazn.com -role BPMsoaAdminDomainAdmin com.collaxa.security.DomainPermission soaAdmin all
but i execute said that not found the 'chass java.lang.NoClassDefFoundError: com.evermind.security.UserManager', and i find this class in security-api.jar, but in't find this jar to download.
Thanks,
MestiDont see BPMsoaAdminDomainAdmin role in jazn. Anyhow u can create the user and assign the role from EM also along with the command line utility.
ApplicationServer > OC4J > SecurityProviders >InstanceLevelSecurity
Thanks -
How to revoke and grant permission in java using Security Manager ??
I like to revoke and grant permission through java code..can anybody give me a sample code.
Discussion is here:
http://forum.java.sun.com/thread.jspa?threadID=731363
Maybe you are looking for
-
Hello! So i'm not super computer savvy so bear with me. I just bought an external hard drive for my ibook and I believe I transferred everything to the external from my laptop. But, I'm having trouble finding all of my photographs on the external har
-
Upgrade from macbook to macbook Pro: How to move UNIX programs?
I am thinking of upgrading from my intel macbook to a C2D macbook Pro. I know that I can use the migration assistant to move all my User files and Applications over to the new machine. But, is there a way to move all my installed UNIX programs, such
-
Socket Schema Translation Error when trying to use Socket Adapter in BPEL
Hi, I am trying to use Socket Adapter in BPEL. I made 2 SOA Projects SOA Application Project 1: Socket Server (Inbound Synchronous Request/Reply). The option for 'Native Format translation is not required(Schema is Opaque)' is unchecked .i.e. XSD is
-
Architecture: obtain information about the loading of my infocube ?
Hi, I want to make a Java application which loads information about my infocube like last successull loading, number error records for the last loading, the possibility to display these error records from the PSA ... is it possible with WD ? Any idea
-
hello !! I want some help to make a flash gallery the gallery is in this site: http://www.silversteinproperties.com/ I make buttons for the thumbnails.. but I need the code, can you give me help, some tutorial or something?? Thanks a lot Bruno