Grant tables/views to other user

Similar Messages

• Any way to create a form that allows users to create profiles that can be viewed by other users?

  I'm working on a social media site, and I would like to give users the ability to create simple profiles that can be viewed by other users. Is there any way I can do this in Muse CC? Any good resource websites with code I can embed?

  Muse form widgets can only email the form submission data to a specified email address for non-BC hosting at this time. For BC with webCommerce plan and above, this should be possible with the help of webApps however, that is an advanced topic and would require some knowledge of CMS and HTML to implement <http://helpx.adobe.com/business-catalyst/partner/web-apps.html>.
  Also this will not be possible with Muse on its own as Muse outputs static pages only and what you are looking for requires backend technology to work (that BC offers).
  Thanks,
  Vinayak

• SQL Developer and Blocking View of Other Users' Objects

  I am using SQL Developer in a classroom environment. My student users can “see” Other Users objects. They cannot modify, but none the less can see the structure and data.
  I only want the users to be able to see their own objects. Is there a privilege that needs to be revoked? (In using SQL Plus command line, this was not a problem.)
  Thanks.
  -Karen

  Karen,
  From sysdba account (sys/system). Run following and verify for that particular user grant is revoked. May be exit from sql developer and log back in or refresh view.
  YOu can also potenially revoke all the privs from all non admin uses i.e.r even connect/resource roles and grant them back.
  revoke select any table from yourschemaname;
  revoke connect from schemaname;
  revoke create session from  schemaname;
  revoke resource from schemaname;
  Then just grant privs as need basis
  grant connect to schemanme;
  grant resource to schemaname;
  grant create session to schemaname;
  ..Regards
  Edited by: OrionNet on Jan 23, 2009 2:01 PM

• I cannot see other user's tables via the OTHER USERS link

  I'm using SQL Developer version 1.5.0.53 Build MAIN-53.38.
  I log into the database as a user who has SELECT access to tables in other schemas via a ROLE.
  In the SQL window, I can select from those other tables as I expect.
  But, when I go down to the bottom of the screen and expand the Other Users link and then go down to one of the schemas that my account can select from,
  no tables appear.
  I've tried a couple of things so far to no avail.
  1. I first granted SELECT ANY TABLE to my account. I then killed my SQL Developer session and started a fresh session. I'm seeing the same results.
  2. I saw a post in here that said I needed to grant SELECT on the ALL_USERS view. So I removed the SELECT ANY TABLE privilege and granted the SELECT on
  ALL_USERS to my account. Once again, I killed the SQL Developer session and re-logged in. Same results.
  Is this a bug?
  Thanks,
  John

  well, it turns out I'm not as dumb as I though. My end user could still not select from other user's Materialized Views. Some more research showed that granting either SELECT ANY TABLE or SELECT_CATALOG_ROLE fixed the problem for him. I'm sure that a more restrictive grant on one of the DBA_ tables would also work (probably DBA_MVIEWS) but I've not tried that.

• Permissions issues on views referencing other users [solved]

  Hi,
  I've hit a (for me) unexplainable problem;
  Situation:
  - Table T in schema A
  - View V in schema B, referencing the table T from schema A (B has SELECT/REFERENCES privileges on table T)
  - User C gets ORA-01031 when trying to SELECT from view V (C has SELECT/REFERENCES privileges on V and T)
  In my eyes, user C has more privileges than needed to get the results from view V. Nevertheless, Oracle thinks he has insufficient privileges.
  Anyone catches what I'm missing or bumped into the same issue?
  Thanks for any comments,
  K
  (10.2.0.2 Linux 64bit Enterprise)

  A wouldn't give access WITH GRANT OPTION to B if B wasn't trusted to
  propagate to other users, but what if he isn't?
  I'm not saying WITH GRANT OPTION is bad, it's actually very useful in
  probably 99% of the cases. I just don't know why it's enforced to be used.I'm not understanding what you're not understanding.
  When A grants SELECT on a table to B what they are granting is permission for B and B only to see that data. If B wants a third user C to view A's data there are two options:
  (1) B asks A to explictly grant SELECT to C
  (2) B asks A to grant them SELECT WITH GRANT OPTION
  It doesn't matter whether B wants C to have direct access to A's table or to mediate it through a view of their own, B cannot grant privilege's on A's data to anybody else unless A approves it.
  The advantage of granting SELECT WITH GRANT OPTION to B is that A doesn't have to bother issuing lots of grants to people B wants to share with. The downside is that B has to be trusted. If B turns out to be untrustworthy then REVOKE SELECT FROM B must withdraw access not only from B but from every other user who was granted by B.
  Note that even if A has grant SELECT to C, if A revokes SELECT WITH GRANT OPTION from B than C will not be able to use B's view on A's table either though C can directly select the data from A's table....
  SQL> conn a/a
  Connected.
  SQL> grant select on t to b with grant option
    2  /
  Grant succeeded.
  SQL> grant select on t to c
    2  /
  Grant succeeded.
  SQL> conn b/b
  Connected.
  SQL> grant select on v to c
    2  /
  Grant succeeded.
  SQL> conn c/c
  Connected.
  SQL> select * from b.v
    2  /
          C1 C
           3 C
  SQL> conn a/a
  Connected.
  SQL> revoke select on t from b
    2  /
  Revoke succeeded.
  SQL> conn c/c
  Connected.
  SQL> select * from b.v
    2  /
  select * from b.v
  ERROR at line 1:
  ORA-04063: view "B.V" has errors
  SQL> conn a/a
  Connected.
  SQL> grant select on t to b
    2  /
  Grant succeeded.
  SQL> conn c/c
  Connected.
  SQL> select * from b.v
    2  /
  select * from b.v
  ERROR at line 1:
  ORA-01031: insufficient privileges
  SQL> select * from a.t
    2  /
          C1 C
           1 A
           2 B
           3 C
  SQL> So the architecture is quite watertight. Perhaps the problem is that this is not how it's working in your production system. But I would be very surprised if your production system was broken in the way you describe. More likely is that there is some missing part of the jigsaw. But without a complete dump of your system's granted privileges it is hard for us to say what's wrong.
  Cheers, APC
  Blog : http://radiofreetooting.blogspot.com/

• Granting table privileges on another users tables

  Can anyone tell me what privilege needs to be granted to a user to be able to grant insert/update/select/delete/execute on another users tables/packages?
  I had thought that 'grant any privilege' was the one to have... and - the user I am trying to use to grant the privileges on the other users schema has this however - I'm still getting : ORA-01031: insufficient privileges when trying to run the grants.
  Any ideas what I'm doing wrong here?

  Ok... well...
  The 'with grant' option doesn't appear to be the issue.
  The user attempting to perform the grants:
  i.e. GRANT SELECT ON user_2.table_1 TO view_role
  has the 'grant any object privilege' and - that seems to be enough. When I run the statement above as a simply as typed - it works fine.
  However - what I'm actually doing is concatenating that together in a string and running (from a package created by/as user_1) and doing an execute immediate...
  i.e.
  l_sql := 'GRANT ' || l_rec.privilege || ' ON ' || l_rec.owner || '.' || l_rec.table_name || ' TO ' || p_role;
  EXECUTE IMMEDIATE l_sql;
  And - it's this that's giving me the insufficient privileges...
  I do not have invokers rights set on the package - so that shouldn't be an issue. And - I can't find any documented restriction on doing this (and - in fact - it works fine if I create the package as user_2 and run it as user_2 - the owner of the objects).
  I'm at a loss.

• How to view / edit other users subscriptions to reports via report admin user ?

  Is there a built-in GUI means or power tool to access a list of all the users' subscriptions to reports in SQL 2012 ?
  It seems that report admin can only view his own subscriptions, same as any other user via "my subscriptions", but no found option for report admin user to view or manage susbcriptions of other users.
  How would u recommend to view the list of all the subscriptions to reports in SSRS, and as necessary to
  also manage them ?
  p.s. Is there a GUI for this in SQL 2014 ?
  Thanks

  Hi moital,
  According to your description, you want to access a list which contains all users subscriptions and edit them. Right?
  In Reporting Services, we have a table named "Subscription" in the ReportServer database. It includes all the information of each subscription. Please go to SQL Server Management Studio and try the query below in ReportServer database:
  select c.UserName,b.SubscriptionID,a.ItemID ReportID,a.Path,a.Name ReportName
  from Subscriptions b inner join Catalog a on a.ItemID=b.Report_OID inner join Users c on b.OwnerID=c.UserID
  It will return us each subscription with corresponding ReportName, UserName and Path:
  Then we can go to the Report based on the path if we need to edit the subscription. We don't have build-in GUI for any version SQL, but this can be a good method to get the list of subscriptions.
  If you have any question, please feel free to ask.
  Best Regards,
  Simon Hou
    

• To publish an output of a report to be viewed by other users

  We want to run Create Accounting program automatically at night under a special user lets say "SUPPORT".
  We want 5 users from Finance to be able to view the output of this program. They do not have access to the same responsibility from which that report was run by SUPPORT user.
  Is there any feature in R12 that you can use to publish output of a particular report to be viewed by other people? Does Role Based Access Control let you achieve this?
  Thanks.
  Edited by: user9027345 on 6-Jun-2011 6:32 AM

  Pl see these MOS Docs on how this can be achieved
  Concurrent Processing - Settings for Profile Option "Concurrent Report Access Level" (Doc ID 736547.1)
  R12 View Concurrent Requests FAQ (Doc ID 1261985.1)
  R12: Role Based Access Control (RBAC) Unable to View Output for Requests Submitted by other Users (Doc ID 862812.1)
  This topic has been discussed previously in other threads - http://forums.oracle.com/forums/search.jspa?threadID=&q=concurrent+AND+report+AND+access+AND+level&objID=c3&dateRange=thisyear&userID=&numResults=15
  HTH
  Srini

• Grant connect allows viewing of other users

  Situation:
  In SQL*Plus: Create a user, grant connect to the user. Connect as the new user and try to query dba_users. ORA-00942 error occurs (which is good).
  In Raptor, connect as the new user. Expand the users tree and now you, the new user, can see every user in the database (among other data dictionary items). That's not good, right? This occurs in the latest release (0919).

  Do you suggest that through raptor you can get access to dba objects with only connect granted? Impossible :) Try this in raptor and sql+
  select * from all_users;
  select * from dba_users;

• Grant system views to app user

  Hi all,
  11.2.0.1
  Tha batch process at night encounters lock problem hence their report generations affected and delayed.
  I give the operators this command, so that they will kill or stop the process holding the lock:
  SELECT TO_CHAR(sysdate,'DD-MON-YYYY HH24:MI:SS')||' User '||s1.username||'@'|| s1.machine||' ( SID= '|| s1.sid||
          ' ) with the statement: '||sqlt2.sql_text||' is blocking the SQL statement on '||s2.username||'@'||s2.machine||
          ' ( SID='||s2.sid||' ) blocked SQL -> '||sqlt1.sql_text AS blocking_status
     FROM Gv$lock l1,Gv$session s1,Gv$lock l2,Gv$session s2,Gv$sql sqlt1,Gv$sql sqlt2
    WHERE s1.sid =l1.sid
      AND s2.sid =l2.sid
      AND sqlt1.sql_id= s2.sql_id
      AND sqlt2.sql_id= s1.prev_sql_id
      AND l1.BLOCK =1
      AND l2.request > 0
      AND l1.id1 = l2.id1
      AND l2.id2 = l2.id2;
  But this needs system views and can not run to the app user id.
  In connection to the ruling of security audit or without breaching it , do I need to grant select to all the system views being accessed by this script to the app user, then create synonyms to it 1 by 1?
  Or is there a one time grant for all system views? So I do not need to type one  by one plus creating the synonyms so that I may not miss any?
  Thanks,
  petra k.

  f55237a7-2c38-4db3-a7a3-1d77256f0730 wrote:
  Hi all,
  11.2.0.1
  Tha batch process at night encounters lock problem hence their report generations halted.
  I give the operators this command, so that they will kill or stop the process holding the lock:
  SELECT TO_CHAR(sysdate,'DD-MON-YYYY HH24:MI:SS')||' User '||s1.username||'@'|| s1.machine||' ( SID= '|| s1.sid||
          ' ) with the statement: '||sqlt2.sql_text||' is blocking the SQL statement on '||s2.username||'@'||s2.machine||
          ' ( SID='||s2.sid||' ) blocked SQL -> '||sqlt1.sql_text AS blocking_status
     FROM Gv$lock l1,Gv$session s1,Gv$lock l2,Gv$session s2,Gv$sql sqlt1,Gv$sql sqlt2
    WHERE s1.sid =l1.sid
      AND s2.sid =l2.sid
      AND sqlt1.sql_id= s2.sql_id
      AND sqlt2.sql_id= s1.prev_sql_id
      AND l1.BLOCK =1
      AND l2.request > 0
      AND l1.id1 = l2.id1
      AND l2.id2 = l2.id2;
  But this needs system views and can not run to the app user id.
  In view of the security audit or without breaching it , do I need to grant select to all the system views being accessed by this script to the app user, then create synoyms to it 1 by 1?
  Or is there a one time grant for all system views? So I do not need to type one  by one so that I may not miss any?
  Thanks,
  petra k.
  while posted approach will eventually work, it is like making three left turns around the block;
  instead of making a single right term.
  Place the desired SQL into a procedure (FIND_LOCKER) owned by highly privileged schema; then do as below
  GRANT EXECUTE ON FIND_LOCKER TO OPERATOR_USER;

• From one user, how to get tables names of other user.

  hi all,
  now i connected to Oracle with one user let us assume 'pavan/pavan'. and i need to get the table names that are in user: pavan and in user: gupta (gupta/gupta).
  one way is,
  from Java, first get connection to pavan user, execute the query and store the results and disconnect to it and againg connect to user 'gupta', execute the query and add these results to first results.
  but this is very expensive and time consuming also.
  is there any query to get this one. or need to create 'Database Link' and access through that link.
  regards
  pavan.

  First you have to grant permission (like SELECT,UPDATE,DELETE....etc..) to PAVAN on objects that are belongs to GUPTA. Then you can make use the GUPTA user objects.
  Suppose you connected to PAVAN and you want see the data in table A which exist in GUPTA user.
  Connect GUPTA user first and execute following statement
  GRANT SELECT,UPDATE,DELETE ON A TO PAVAN;
  After executing the above query connect to PAVAN user and execute following statement.
  SELECT * FROM GUPTA.A;

• Grant select sequence to other users

  Hi all,
  Assume: I have a user "A" who have table name "test" and sequence name "test_seq". How can the user "B" able to select on the sequence "test_seq" of user A, by this command below:
  connect B/password
  SELECT test_seq.nextval from dual;
  Thanks,

  A must run:
  GRANT SELECT ON test_seq TO b;B must run:
  CREATE SYNONYM test_seq FOR a.test_seq;Message was edited by:
  Pierre Forstmann

• Unable to View the Other User's Developed Interfaces

  Hi All,
  One of my colleague has developed 3 interfaces with his ID in Repository.
  He is able to view and test all those scenarios.
  but if i login with my ID means , iam unable to see those Scenarios at all in IR
  Before this iam able to view if he developed any scenarios with his ID also..
  But now only this problem has come,What could be the problem.
  Regards

  Hi Prateek,
  He activated all the development & tested successfully those interfaces..
  All the users are having the Equal Roles only. there is no specific roles to any user.
  We all have Admin roles
  Before this iam able to see all the interfaces irrespective of any user's ID development.
  Thsi is the problem occured Now only
  Regards
  Edited by: Suman gupta on Nov 7, 2008 11:29 AM

• Create table - invisible to other users

  Hi,
  i'm using Oracle XE 10g, and I have a following problem:
  when I log in as "user1" and create a table (create table test ...) then I don't see this table when logged as "user2"... Both users have same access rights. What is wrong? I am beginner in Oracle, I've used MySQL before, and this works without problems...
  thanks
  Jiri Matejka

  USER2 needs select rights on the test table owned by USER1. In order for USER2 to be able access the table owned by USER1 the USER1 name needs to be added to the table name, example USER1.TEST. A synonym can be created to remove that need.

• UL type lock on a table blocking all other users

  Hi,
  We have a referential integrity constraint on a version enabled table, that refers to a non-version enabled table (highly active table..lots of inserts/updates). An insert into the version enabled table is causing a UL type lock and the non-versioned table is locked (literally the table is inaccessible) and we see blocking locks. How can I avoid this situation? Is there any OWM settings that will help me resolve this issue? I am using workspace manager version 10.2.0.4.2.
  Thanks.

  Hi,
  An insert into a child table requires a lock on the parent table which will block updates and deletes into its parent table(s) until the lock is released. This is done to maintain the validity of the constraint. Otherwise, it would be possible to have child rows without parents, which we obviously need to prevent from happening.
  If possible, you could commit/rollback the transaction involving the child table more frequently, so that the locks are released and dmls can proceed on the parent table.
  You can also take a look at the following thread.
  RIC in OWM - ORA-20171 deadlock detected ...
  It is specifically referring to deadlock situations, but it also explains our locking behavior for RIC tables.
  Regards,
  Ben