Object privilege question

Similar Messages

• System and Object privileges question

  hello everyone.
  I was really making it a priority to really understand both system and object privileges for users. I have setup a couple of 'sandboxes' at home and have done lots of testing. So far, it has gone very well in helping me understand all the security involved with Oralce (which, IMHO, is flat out awesome!).
  Anyway, a couple of quick questions.
  As a normal user, what view can I use to see what permissions I have in general? what about permissions on other schemas?
  I know I can do a:
  select * from session_privs
  which lists my session privileges.
  What other views (are they views/data dictionary?) that I can use to see what I have? Since this is a normal user, they don't have access to any of the DBA_ views.
  I'll start here for now, but being able to see everything this user has, would be fantastic.
  Cheers,
  TCG

  Sorry. should have elaborated more.
  In SQLPLUS, (logged in while logged into my Linux OS), I am working to try and get sqlplus to display the results of my query so it is easy to read. Right now, it just displays using the first 1/4 or 1/3 of the monitor screen to the left. Make sense? So it does not stretch the results out to utilize the full screen. it is hard to break down and read the results because they are "stacked" on top of each other.
  Would be nice if I could adjust sqlplus so the results are easier to read.
  HTH.
  Jason

• Importing object privileges

  I have this question about schema based export/import. 10.2.0.4 db.
  With old export/import utility if I
  -- export user A
  -- export user B
  -- import user A in another db. Since user B does not exist I correctly get some errors for object privileges user B has on objects owned by user A
  -- import user B. Those privileges are now imported. Old import utility imports object privs that user B owns on user A's objects
  With expdp/impdp utility if I
  -- export user A
  -- export user B
  -- import user A in another db. Since user B does not exist I correctly get some errors for object privileges user B has on objects owned by user A
  -- import user B. Those object privileges are NOT imported. Impdp does not import object privs that user B owns on user A's objects.
  Is there anything I am missing???
  Thanks in advance

  Hi Alle,
  if i have understood your question correctly then you want to import the grants of user A to user B.
  it is possible only if you have the EXP_FULL_DATABASE or IMP_FULL_DATABASE role is attached to your profile.
  If you have no EXP_FULL_DATABASE role, you can only export your own schema. If you have EXP_FULL_DATABASE role, you can export several schemas in one go. Optionally, you can include the system privilege grants as well.
  Thanks.

• Object Privilege

  Dear All,
  I'm having one problem in my database. I'm having two database one is testdb1 and another is proddb1 running in two different server. I've done the followings-
  1. I've created a dblink from testdb1 to proddb1 database using two different schema (test1 to prod1).
  2. Now through dblink test1 schema of testdb database can access all objects available in prod1 schema of proddb1 database.
  Now I want to give object privileges on some selected objects of prod1 schema to test1 schema. How to do it?
  Can any Guru provide me this solution?

  Hi,
  Come you said that you have created a DataBase link...asking to provide commands... !!
  Any How..
  Follow the Steps:-
  1 > Create a Required User in Prod (assign the default tablespaces etc.,).
  2 > Grant the Necessary Privilges
  3 > Grant the Object Privilges as per your Requirements, as you said that you want to Restrict to some Objects only.
  4 > Test it with that Create User Whether you can Access the Objects with Respective Privi's are working fine or not
  5 > Then Create a DataBase Link From Test DB to Prod with that Created User.
  Bingo.. !!
  Now, Test the User Over DB Link... Any thing else Requried..
  Now, I don't have DB on My System to show the Demo... :-(
  Reference for Creating User and DB Links .. !!
  http://www.dba-oracle.com/concepts/create_users.htm
  http://download.oracle.com/docs/cd/B19306_01/server.102/b14231/ds_admin.htm#sthref4108
  - Pavan Kumar N

• Granting object privileges to remote users.

  Hello,
  Here's the situation:
  I have 2 databases located on 2 different servers both running Win2k3. In the first database the main schema is M1 and it has to read objects on the another schema M2, located on the second database.
  I created a database link on the first database, to point to the second database
  create database link connect2M2db connect to M2 identified by M2 using 'connect2M2db'Now I would like to grant object privileges(insert,update,delete) to M1 on M2' objects. Can anyone tell me how to do that?
  Thanks in advance.

  I didn't put the whole thing, (my bad) but your reply was helpful. As I said before, I have 2 dbs, on 2 differents servers. I created the dblink on the first server. I also created synonyms on the first server using the following syntax:
  "create or replace synonym syn_name for user2.table" which from the link you provided me, is wrong as I didn't append the dblink name.
  After that, I would like to grant object privileges to user1, by executing the command from server2. For doing that, is the following syntax correct: "grant select on table_name to user1". My issue is that user1 does not exist on server2. Should I rather use the following: "grant select on table_name@dblink to user1"?

• How to view object privileges of a user in Oracle10g?

  I try to view the object privileges of a user through the table user_object_privs but it didn't work. I didn't get the correct name of the table or there were some problem with my Oracle. Please help me. Thanks a lot.

  Thanks, that link helped me out. I was looking for this:
  SELECT OWNER, TABLE_NAME, GRANTEE, PRIVILEGE FROM DBA_TAB_PRIVS WHERE GRANTEE='<put name here>';

• Roles/System privileges/Object privileges

  Oracle 10g. we created a role and assigned this role to the user. We also assigned some system privileges and Object privileges directly to the same user. Now the company's new policy is that the user's permissions have to be assigned only via role. system privileges and Object privileges cannot be assigned directly to the user. So I have to alter the role. The steps are:
  1. grant system privileges and Object privileges to role. (this will be executed as a script)
  These privileges were directly assigned to the user.
  2. revoke all privileges which were directly assigned to the user.
  Do I miss anything?
  Please advise.
  Thanks
  S.

  Object privileges cannot be assigned directly to the user.Privileges acquired via ROLE do not apply within PL/SQL procedures.
  You may face some coding challenges in the future due to this policy.

• Alter Object Privilege onm Oracle 9i

  Is there a command that I can run that will update all Object Privilege's to SELECT for a role
  At the moment this role has
  GRANT EXECUTE ON .ACTIVE_SALES_PART_API TO SALES_ENQ
  GRANT EXECUTE ON .BASE_PART_CHARACTERISTIC_API TO SALES_ENQ
  GRANT EXECUTE ON .CHARACTERISTIC_API TO SALES_ENQ
  GRANT EXECUTE ON .CHARACTERISTIC_TEMPLATE_API TO SALES_ENQ
  GRANT EXECUTE ON .COMPANY_FINANCE_API TO SALES_ENQ
  GRANT EXECUTE ON .CONFIG_CHARACTERISTIC_API TO SALES_ENQ
  GRANT EXECUTE ON .CONFIG_OPTION_VALUE_API TO SALES_ENQ
  GRANT EXECUTE ON .CONFIG_PART_SPEC_REV_API TO SALES_ENQ
  GRANT EXECUTE ON .CUSTOMER_AGREEMENT_API TO SALES_ENQ
  GRANT EXECUTE ON .CUSTOMER_INFO_ADDRESS_API TO SALES_ENQ
  GRANT EXECUTE ON .CUSTOMER_INFO_API TO SALES_ENQ
  GRANT EXECUTE ON .CUSTOMER_INFO_MSG_SETUP_API TO SALES_ENQ
  GRANT EXECUTE ON .CUSTOMER_ORDER_PRICING_API TO SALES_ENQ
  GRANT EXECUTE ON .CUST_ORD_CUSTOMER_API TO SALES_ENQ
  GRANT EXECUTE ON .CUST_ORD_PRINT_CONTROL_API TO SALES_ENQ
  GRANT EXECUTE ON .DOCUMENT_TEXT_API TO SALES_ENQ
  GRANT EXECUTE ON .INVENTORY_PART_API TO SALES_ENQ
  GRANT EXECUTE ON .INVENTORY_PART_PLANNING_API TO SALES_ENQ
  GRANT EXECUTE ON .INVOICE_PROPERTY_CODE_API TO SALES_ENQ
  GRANT EXECUTE ON .ISO_COUNTRY_API TO SALES_ENQ
  GRANT EXECUTE ON .ISO_CURRENCY_API TO SALES_ENQ
  Message was edited by:
  HoLy_PiLgRiM

  I like the use of dynamic sql in sqlplus for example
  select 'grant select on'||TABLE_NAME||' to SALES_ENQ;' from user_tables;
  This type of thing generates output that can then be run or spooled and run.
  If you spool you need to set head off set feedback off set echo of set linesize (longer than select output....) set pagesize 0.....
  Hope this helps.

• Docs about RowSet, and Object RowSet questions?

  Docs about RowSet, and Object RowSet questions?
  I can find RowSet forum, so I ask here!
  Can you give me URLs where I can find more about RowSet and URLs for any RowSet implementation?
  Does Borlans, Oracle, IBM, etc., have RowSet implementation?
  I find out about Sun's RowSet implementation, but I can't find Object Rowset in this implementation?
  Is it possible to develop Object RowSet and is it useful?
  I know about O/R tools like Hibernate, but Object RowSet can be useful?
  Run SQL query and get Objects, or maybe even run Object query (like EJB or Hibernate or JDO have) and get Objects.
  No XML mapping mess and simmilar, like with EJB or Hibernate or JDO?

  You can try
  http://java.sun.com/developer/Books/JDBCTutorial/chapter5.html
  This is a tutorail for RowSet

• Catalog object privilege validation failed for user.

  Hi,
  I'm getting following error after adding the HTML tags in dashboard 11g.
  How to set the privileges?..Kindly let me know.Thank you.
  Error Massage:
  Catalog object privilege validation failed for user to path /users/User1/_portal/page 1.
  You do not currently have sufficient privileges to save a report or dashboard page that contains HTML markup. Dashboard contains custom HTML tags as part of static text.

  Hi User,
  Go to Settings -> Administrators -> Manage Privileges -> 'Answers'
  Here you can view - "Save Content with HTML Markup" next to it you will see 'Presentation Server Administrators'
  Click it and Change for 'Everyone'
  And, Save changes. Restart BI Services now you can add the contents and it will not popup any error messages.
  Thank you.
  Award Points and Close the Post as Answered to help others with same issue :)

• Export object privileges to another user

  dear,
  i want to export thr object privilege to another user on oracle 10g. how can do it? i try to export the user/scheam than immport to another user but still no work..
  Regards

  I guess he want user B to have same object privileges as user A
  If this is the case, it depends on what object privileges user A has.
  You can find that out from user_tab_privs after logon as user A.
  If the GRANTABLE = 'NO' you have to logon as each schema holder to grant the privs.

• Grant Object Privileges Page

  I am running version 3.0.6.6.5 on Solaris 2.6 and using Netscape Navigator 4.51.
  On the Grant Object Privileges Page for a database object, the "Add to List" button is in an odd spot (crosses over a border) and does not work unless you click it on the left 1/3 of the button. This is not a problem when using IE 5.
  Is this a known bug?
  Fran Bailey
  EDS - Meredith Account

  i logged in as User1 and wrote:
  desc dbms_lock
  and nothing happened, then i disconnected and connected to db1 as User1 and retry and it was all the same (didn't assign the privilege). then i shut down sql plus and started it again as sys and when ran EXECUTE ON DBMS_LOCK the message is shown:
  SP2-0103: Nothing in SQL buffer to run
  then i logged in as User1 and repeat the EXECUTE ON DBMS_LOCK command, the same error message is thrown. same happened when tried with desc dbms_lock.
  am i doing something wrong or what?

• Data Modeler - Importing Object Privileges

  Is there a way to import object privileges to DM (from database or Oracle Designer) or do I just have to add them manually to the model?

  It should be possible to import them from database but I see it doesn't work - I created bug for that. You can define them in physical model - be aware that these privileges are generated after create statement for object.
  No problems with import of system privileges.
  Philip

• Comparing the object privileges

  hi,
  i have used export and import across different databases using fromuser and touser clause. i can see 50 object privileges are missing after import. could not find the correct using the log file.
  by firing the below query i am getting lot of results like more then 500 rows..
  select grantee,privilege,owner,table_name from dba_tab_privs where grantee ='SCHEMANAME';
  is there any way i can find the missing object privileges?

  user13051945 wrote:
  i can see 50 object privileges are missing after import
  is there any way i can find the missing object privileges?
  Aren't you contradicting yourself here?
  Why, if you can see 50 are missing, can you not find them?
  How do you see it?

• Which view I can query to get the granted objects privilege to a user?

  Hi all,
  which view I can query to get the granted objects privilege to a user?
  for example:
  grant execute on accounting.get_name to scott;
  Which view has above object granted information?
  Thanks

  SQL> select * FROM all_tab_privs where grantor = upper('accounting');
  no rows selected