Select privilege on APEX metadata tables

Similar Messages

• How to give select privilege on a single table

  Hi,
  I need to create a user who can access only one table of a particular schema. Now, while I'm creating one user with "create session" privilege only, that user can select any table in that database.
  create user ANJAN_USR identified by ANJAN default tablespace USERS temporary tablespace TEMP;
  grant create session to ANJAN_USR;
  grant SELECT ON SCOTT.EMP to ANJAN_USR;
  Now connecting to ANJAN_USR, I can select SCOTT.EMP and all other tables as well.
  How can I prevent the user from select data of other tables?
  I'm using Oracle 10.2.0.1.0.
  Thanks,
  Anjan

  I couldn't reproduce. Though I am not using 10g but I believe this shouldn't be an issue in that also.
  Connected to:
  Oracle Database 11g Enterprise Edition Release 11.1.0.6.0 - Production
  With the Partitioning, OLAP, Data Mining and Real Application Testing options
  SQL> create user testuser identified by test;
  User created.
  SQL> grant create session to testuser;
  Grant succeeded.
  SQL> conn testuser/test
  Connected.
  SQL> select * from scott.emp;
  select * from scott.emp
  ERROR at line 1:
  ORA-00942: table or view does not exist
  SQL> conn / as sysdba
  Connected.
  SQL> grant select on scott.emp to testuser;
  Grant succeeded.
  SQL> conn testuser/test
  Connected.
  SQL> select * from scott.emp;
       EMPNO ENAME      JOB              MGR HIREDATE         SAL       COMM
      DEPTNO
        7369 SMITH      CLERK           7902 17-DEC-80        800
          20
        7499 ALLEN      SALESMAN        7698 20-FEB-81       1600        300
          30
        7521 WARD       SALESMAN        7698 22-FEB-81       1250        500
          30
       EMPNO ENAME      JOB              MGR HIREDATE         SAL       COMM
      DEPTNO
        7566 JONES      MANAGER         7839 02-APR-81       2975
          20
        7654 MARTIN     SALESMAN        7698 28-SEP-81       1250       1400
          30
        7698 BLAKE      MANAGER         7839 01-MAY-81       2850
          30
       EMPNO ENAME      JOB              MGR HIREDATE         SAL       COMM
      DEPTNO
        7782 CLARK      MANAGER         7839 09-JUN-81       2450
          10
        7788 SCOTT      ANALYST         7566 19-APR-87       3000
          20
        7839 KING       PRESIDENT            17-NOV-81       5000
          10
       EMPNO ENAME      JOB              MGR HIREDATE         SAL       COMM
      DEPTNO
        7844 TURNER     SALESMAN        7698 08-SEP-81       1500          0
          30
        7876 ADAMS      CLERK           7788 23-MAY-87       1100
          20
        7900 JAMES      CLERK           7698 03-DEC-81        950
          30
       EMPNO ENAME      JOB              MGR HIREDATE         SAL       COMM
      DEPTNO
        7902 FORD       ANALYST         7566 03-DEC-81       3000
          20
        7934 MILLER     CLERK           7782 23-JAN-82       1300
          10
  14 rows selected.
  SQL> c/emp/dept
    1* select * from scott.dept
  SQL> /
  select * from scott.dept
  ERROR at line 1:
  ORA-00942: table or view does not exist
  SQL>Please show us the cut/paste from the command prompt as it was done .
  HTH
  Aman....

• GRANT syntax : Grant SELECT privileges on tables to a User on a Remote DB

  Hi
  I am having two databases: DEV1 and DEV2. DEV1 is my source database and DEV2 is target database. There is a table in Schema A on Dev1. I have created a PUBLIC DBLINK "TESTDBLINK" in Schema B on DEV2 that connects to Schema A on DEV1.
  Database Schema Table Machine
  DEV1 A EMP 192.168.210.10
  Database Schema Database Lik Machine
  DEV2 B TESTDBLINK 192.168.210.11
  How to grant SELECT privileges on Schema A Table EMP ( DEV1 ) to Schema B on DEV2 ? What is the syntax ?
  e.g. Log in as Schema A on DEV 1
  SQL> GRANT SELECT ON EMP TO *???????*
  Thanks for your inputs
  Harry

  You don't have to grant that table in schema A to schema B.
  Inside schema B, you can just issue a select statement like this:
  select *
  from table@db-link-to-AOracle will connect to the remote instance, using the credentials of schema A, and since A owns that table, Oracle can already access the table.

• How to grant privileges on all the tables in a schema

  Hi All,
  Can you tell me how to grant privileges on all the tables of a schema A
  to schema B.
  For Example:
  There are 200 tables in schema A, I wanted to grant select privilege on all the tables of a scheme A to schema B.
  Thanks in advance.

  note that USER is the user that will have the select priviledge
  the procedure includes views as well
  CREATE OR REPLACE PROCEDURE GRANT_ACCESS_ON_USER IS
  CURSOR c1 is select table_name from user_tables;
  CURSOR c2 is select view_name from user_views;
  tablename user_tables.TABLE_NAME%TYPE;
  viewname user_views.VIEW_NAME%TYPE;
  BEGIN
  tmpVar := 0;
  OPEN c1;
  loop
       fetch c1 into tablename;
       EXIT WHEN c1%NOTFOUND;
       EXECUTE IMMEDIATE 'GRANT SELECT on '||tablename ||' to USER';
  end loop ;
  close c1;
  OPEN c2;
  loop
       fetch c2 into viewname;
       EXIT WHEN c2%NOTFOUND;
       EXECUTE IMMEDIATE 'GRANT SELECT on '||viewname ||' to USER';
  end loop ;
  close c2;
  EXCEPTION
  WHEN NO_DATA_FOUND THEN
  NULL;
  WHEN OTHERS THEN
  -- Consider logging the error and then re-raise
  RAISE;
  END;
  /

• Grant select privilege to specific columns on a table to user in Oracle 9i

  Can anyone tell me how to grant select privilege to a user for specific columns in a table?
  I have tried the following statement
  GRANT SELECT (EMP_ID) ON EMP TO USER1
  But it's not working and I am getting this error "Missing ON Keyword".
  Please anyone tell me how to grant select privilege for specific columns.
  Edited by: 899045 on Nov 24, 2011 7:03 AM

  899045 wrote:
  Can anyone tell me how to grant select privilege to a user for specific columns in a table?
  I have tried the following statement
  GRANT SELECT (EMP_ID) ON EMP TO USER1
  But it's not working and I am getting this error "Missing ON Keyword".
  Please anyone tell me how to grant select privilege for specific columns.
  Edited by: 899045 on Nov 24, 2011 7:03 AMFrom the 9.2 SQL Reference manual, found at tahiti.oracle.com (http://docs.oracle.com/cd/B10501_01/server.920/a96540/statements_912a.htm#2062456)
  *"You can specify columns only when granting the INSERT, REFERENCES, or UPDATE privilege. "*

• Accessing logical columns using metadata table

  Hi,
  I have a requirement to store data coming from multiple sources in various format into single table as the number of tables required is not determinable at development phase. Hence I have defined 2 tables,
  1. Metadata table storing the information about logical columns in the incoming data.
  2. Raw generic table where the actual data would be stored.
  While accessible the logical data first I need to access the metadata table to fetch the column details and then access the raw table to provide actual data in those columns. Even though this option is available the code might not remain readable as need to use actual raw table column names in the code.
  I have thought of view based access but again number of views required is not known at development time. Is there any option/feature available which would be able to provide logical view for the raw data?
  thank you in advance.

  Hi
  Firstly, this sounds rather messy and is not something I would consider doing - but I shall give you the benefit of the doubt that all other options have been exhausted.
  A way I can think of is that you could define your metadata a bit like the oracle data dictionary, then you could use something like APEX where you can use dynamic SQL to show a report on the data. Imagine something like this
  DECLARE
  l_sql VARCHAR2(32000);
  BEGIN
  l_sql : = 'SELECT ';
  FOR i IN
  (SELECT column_name
  FROM my_table_data
  WHERE table_name = :TARGET_TABLE)
  LOOP
  IF i = 1
  THEN l_sql := l_sql||i.column_name;
  ELSE l_sql := l_sql||', '||i.column_name;
  END IF;
  END LOOP;
  l_sql := l_sql||' FROM '||:TARGET_TABLE;
  RETURN l_sql;
  END;Obviously you can make stick in predicates etc. if you need to but that would be a starting point?
  Not very pretty though...
  Cheers
  Ben
  http://www.munkyben.wordpress.com
  Don't forget to mark replies helpful or correct ;)

• No segment found in Metadata table

  Hi,
  We are posting an Idoc from an external application to R/3 using C RFC libraries. There was a new custom segment Z1xxx added to an Extension message type Zxxxx on SAP. There is an error in the external application while trying to build/Map the Idoc segments before sending the idoc to R/3.
  The error says "<u>No such segment type found in metadata table</u>". The segments heirarchy is the same as defined on SAP.
  The release have been checked for this new segment, its released to 45B as similar to other standard segments.
  Please let us for any resolution for successful posting of an Idoc with the custom Z1 segment.
  Thanks,
  Prabhu
  Message was edited by: Prabhu Kudlapura

  Hi Suhas,
  Thanks for your quick response.
  Yes I have run SE14 and activate & adjust the database, But problem is same.
  My select query is:
  SELECT VBELN
           PI
           GJAHR
           KUNNR
           GPD
           GPI
  INTO TABLE I_GP_DATA
  FROM ZFI_GP_DISCOUNTS
  WHERE AUGDT BETWEEN ZFI_GP_DISCOUNTS-AUGDT AND ZFI_GP_DISCOUNTS-P_DATE
  AND DOC_NO EQ SPACE.
  Thanks & Regards,
  Hemant Maurya

• How to grant select permission to all the tables in the user

  Hi All,
  I have 5 tables in one user, now i want to give only select privilege to another user on those tables. Please help me to solve this issue.
  Thanks in Advance.
  Thanks and Regards,
  chiranth

  See following discussion: Re: Select Grant on another schema

• Query to get objects list for which the current user has 'SELECT' privilege

  Hi,
  I want to get tables and views list for which the current user has 'SELECT' privilege excluding sytem tables and views. The privilege information for the current user is scattered in more than one system views. I have following system views
  USER_TAB_PRIVS_RECD - Object grants for which the current user is the grantee
  ROLE_TAB_PRIVS - describes table privileges granted to roles. Information is provided only about roles to which the user has access.
  If the object privilege is granted explicitly like "GRANT ALL ON TABLE_NAME TO "USERNAME" then this privilege entry goes to USER_TAB_PRIVIS_RECD
  If the object privilege is granted by ROLE. Role is created with certain object privileges. this role is assigned to user "GRANT ROLE_NAME TO "USERNAME"", then this entry goes to ROLE_TAB_PRIVS
  From these findings, I have composed below query
  (SELECT DISTINCT TABLE_NAME FROM USER_TAB_PRIVS_RECD) UNION (SELECT DISTINCT TABLE_NAME FROM ROLE_TAB_PRIVS WHERE PRIVILEGE = 'SELECT')
  Have I got user's all prvilege details? should I look some other system views?
  How to exclude system table privileges details?
  (SELECT DISTINCT TABLE_NAME FROM USER_TAB_PRIVS_RECD) UNION (SELECT DISTINCT TABLE_NAME FROM ROLE_TAB_PRIVS WHERE PRIVILEGE = 'SELECT' AND OWNER NOT IN ('SYS','SYSTEM') Is this right?
  What about Public role in Oracle? Should I consider public role here?
  Oracel Version :11g
  I want make this query to work on Oracle 8i or above version
  Thanks

  >
  I want to get tables and views list for which the current user has 'SELECT' privilege excluding sytem tables and views.
  >
  You will need a hierarchical query to do that.
  Try this script for Listing privileges recursively for Oracle users
  http://www.adp-gmbh.ch/ora/misc/recursively_list_privilege.html

• SELECT PRIVILEGES required on Materialized View Logs

  Hi,
  I have a scenario where in Base table exists in one database and Materialized View on other.
  The Materialized View is created with FAST REFRESH option.
  I have created Materialized View Log in database where master table exists.
  Also I have given Select priv on master table to the user(where MV is created).
  I want to know how will i Grant SELECT PRIV on Materialized View Log so that FAST refresh happens.
  Both databases are Oracle 10g R2.
  I have read following on oracle site:
  The owner of the materialized view must have the CREATE TABLE system privilege. The owner must also have access to any master tables of the materialized view that the schema owner does not own (for example, if the master tables are on a remote database) and to any materialized view logs defined on those master tables, either through a SELECT object privilege on each of the tables or through the SELECT ANY TABLE system privilege.
  Please tell me the command to GRANT SELECT to the user who has created MV.
  Thank You,
  Niranjan.

  Hi,
  The privileges required to create a materialized view should be granted directly rather than through a role
  To create a materialized view in your own schema:
  1- Grant CREATE MATERIALIZED VIEW system privilege and either the CREATE TABLE or CREATE ANY TABLE system privilege.
  2-You must also have access to any master tables of the materialized view that you do not own, either through a SELECT object privilege on each of the tables or through the SELECT ANY
  TABLE system privilege.
  To create a materialized view in another user's schema:
  1-You must have the CREATE ANY MATERIALIZED VIEW system privilege.
  2-The owner of the materialized view must have the CREATE TABLE system privilege. The owner must also have access to any master tables of the materialized view that the schema owner does not own (for example, if the master tables are on a remote database) and to any materialized view logs defined on those master tables, either through a SELECT object privilege on each of the tables or through the SELECT ANY TABLE system privilege.
  To create a refresh-on-commit materialized view (ON COMMIT REFRESH clause), in addition to the preceding privileges, you must have the ON COMMIT REFRESH object privilege on any master tables that you do not own or you must have the ON COMMIT REFRESH system privilege.
  see this link
  http://download.oracle.com/docs/cd/B12037_01/server.101/b10759/statements_6002.htm

• Create user with select privilege only one schema

  can someone tell me how i can create user with select priviliges only one schema.
  i don't want the user to have any select privileges with other schema.
  can someone advise me.
  Thansk

  In general, you would do something like
  CREATE ROLE abc_read_only;
  FOR x IN (SELECT * FROM dba_tables WHERE owner='ABC')
  LOOP
    EXECUTE IMMEDIATE 'GRANT SELECT ON abc.' || x.table_name || ' TO abc_read_only';
  END LOOP;
  CREATE USER your_user ...;
  GRANT abc_read_only TO your_userYou create a role, grant the role SELECT access to all the tables in the ABC schema (you can extend this to grant access to views, functions, etc depending on the requirements), and then grant that role to your user.
  Justin

• Granting select privileges

  I want to grant select privileges on all tables and views belonging to database xyz to the user abc.
  What's the best way to do that?
  Message was edited by: Diarmuid - 11/07/07
  user580522

  I beg to differ. Of course OP can try to 'GRANT SELECT ANY TABLE'. It's just a matter of his own privileges if he succeeds or not.
  To OP: Reading about GRANT might help:
  http://download.oracle.com/docs/cd/B19306_01/server.102/b14200/statements_9013.htm#i2077938
  Note this part from the docs:
  To grant a system privilege, you must either have been granted the system privilege with the ADMIN OPTION or have been granted the GRANT ANY PRIVILEGE system privilege.

• How to find Apex user table

  Hello,
  Please let me know, how to find the apex user table. I need to validate unique user based on the same, for which I am using below function,
  DECLARE
  VAL BOOLEAN;
  BEGIN
  VAL := APEX_UTIL.IS_USERNAME_UNIQUE(p_username =>
  :P6_USERNAME );
  END;
  However in this case it is returning always 'FALSE', saying new user exist.
  Kindly help me in fixing this issue.

  Hello Andre,
  I am validating records from apex_workspace_apex_users, to check whether user is present or not,
  While creating validation, I select SQL-> Not Exist and below query,
  select 1 from apex_workspace_apex_users where user_name = :my_user.
  If this record is present, it should throw an customised error, however it shows the error of "Unique key violation error...".
  Can you please help me out whether while creating validation I should select (EXIST or NOT Exist). Since I am still confuse with the same.
  Thanks,
  Girish

• Using case when statement in the select query to create physical table

  Hello,
  I have a requirement where in I have to execute a case when statement with a session variable while creating a physical table using a select query. let me explain with an example.
  I have a physical table based on a select table with one column.
  SELECT 'VALUEOF(NQ_SESSION.NAME_PARAMETER)' AS NAME_PARAMETER FROM DUAL. Let me call this table as the NAME_PARAMETER table.
  I also have a customer table.
  In my dashboard that has two pages, Page 1 contains a table with the customer table with column navigation to my second dashboard page.
  In my second dashboard page I created a dashboard report based on NAME_PARAMETER table and a prompt based on customer table that sets the NAME_ PARAMETER request variable.
  EXECUTION
  When i click on a particular customer, the prompt sets the variable NAME_PARAMETER and the NAME_PARAMETER table shows the appropriate customer.
  everything works as expected. YE!!
  Now i created another table called NAME_PARAMETER1 with a little modification to the earlier table. the query is as follows.
  SELECT CASE WHEN 'VALUEOF(NQ_SESSION.NAME_PARAMETER)'='Customer 1' THEN 'TEST_MART1' ELSE TEST_MART2' END AS NAME_PARAMETER
  FROM DUAL
  Now I pull in this table into the second dashboard page along with the NAME_PARAMETER table report.
  surprisingly, NAME_PARAMETER table report executes as is, but the other report based on the NAME_PARAMETER1 table fails with the following error.
  Error Codes: OPR4ONWY:U9IM8TAC:OI2DL65P
  State: HY000. Code: 10058. [NQODBC] [SQL_STATE: HY000] [nQSError: 10058] A general error has occurred. [nQSError: 16001] ODBC error state: S1000 code: 1756 message: [Oracle][ODBC][Ora]ORA-01756: quoted string not properly terminated. [nQSError: 16014] SQL statement preparation failed. (HY000)
  SQL Issued: SET VARIABLE NAME_PARAMETER='Novartis';SELECT NAME_PARAMETER.NAME_PARAMETER saw_0 FROM POC_ONE_DOT_TWO ORDER BY saw_0
  If anyone has any explanation to this error and how we can achieve the same, please help.
  Thanks.

  Hello,
  Updates :) sorry.. the error was a stupid one.. I resolved and I got stuck at my next step.
  I am creating a physical table using a select query. But I am trying to obtain the name of the table dynamically.
  Here is what I am trying to do. the select query of the physical table is as follows.
  SELECT CUSTOMER_ID AS CUSTOMER_ID, CUSTOMER_NAME AS CUSTOMER_NAME FROM 'VALUEOF(NQ_SESSION.SCHEMA_NAME)'.CUSTOMER.
  The idea behind this is to obtain the data from the same table from different schemas dynamically based on what a session variable. Please let me know if there is a way to achieve this, if not please let me know if this can be achieved in any other method in OBIEE.
  Thanks.

• Best practice of metadata table in data warehouse environment ?

  Hi guru's,
  In datawarehouse, we have 1. Stage schema 2. DWH(Data warehouse reporting schema). In stageing we have about 300 source tables. In DWH schema, we are creating the tables which are only required from reporting prespective . some of the tables in stageing schema, have been created in DWH schema as well with different table name and column names. The naming convention for these same tables and columns in DWH schema is more based on business names.
  In order to keep track of these tables we are creating metadata table in DWH schema say for example
  Stage                DWH_schema
  Table_1             Table_A         
  Table_2             Table_b
  Table_3             Table_c
  Table_4              Table_DMy question is how do we handle the column names in each of these tables. The stage_1, stage_2 and stage_3 column names have been renamed in DWH_schema which are part of Table_A, Table_B, Table_c.
  As said earlier, we have about 300 tables in stage and may be around 200 tables in DWH schema. Lot of the column names have been renamed in DWH schema from stage tables. In some of the tables we have 200 column's
  so my concern is how do we handle the column names in metadata table ? Do we need to keep only table names in metadata table not column names ?
  Any idea will be greatly appriciated.
  Thanks!

  hi
  seems quite a buzzing question.
  In our project we designed a hub and spoke like architecture.
  Thus we have 3 layer, L0 is the one closest to the source and L0 table's name are linked to the corresponding sources names by mean of naming standard (like tabA EXT_tabA tabA_OK1 so on based on implementation of load procedures).
  At L1 we have the ODS , normalized model , we use business names for table there and standard names for temporary structures and artifacts
  Both L0 an L1 keep source's column names as general rule, new columns like calculated one are business driven and metadata are standard driven.
  Datamodeler fits perfect for modelling L1 purpose.
  L2 is the dimensional schema business names take place for tables and columns eventually rewritten at presentation layer ( front end tool )
  hope this helps D.