On schema test package pkg_test I have c_status CONSTANT NUMBER := 1;
How add grant on this value to other scheme test2?
Some like this:
Grant select pkg_test.c_status to test2
On schema test2 I need constant value in update statements
You cannot grant single variables, only packages, procedures and functions. Would be
Grant execute on test.pkg_test to test2;
If you need to give access only to this single constant, then I would suggest
CREATE OR REPLACE FUNCTION get_status RETURN NUMBER DETERMINISTIC IS
BEGIN
return test.pkg_test.c_status;
END get_status;
GRANT EXECUTE ON get_status TO test2;
Or a bit more generic:
CREATE OR REPLACE FUNCTION get_constant(const_name IN VARCHAR2) RETURN NUMBER DETERMINISTIC IS
INVALID_IDENTIFIER EXCEPTION;
PRAGMA EXCEPTION_INIT(INVALID_IDENTIFIER, -904);
res NUMBER;
BEGIN
IF UPPER(const_name) IN ('C_STATUS') THEN
EXECUTE IMMEDIATE 'BEGIN :ret := test.pkg_test.'||const_name||'; END;' USING OUT res;
RETURN res;
ELSE
RAISE INVALID_IDENTIFIER;
END IF;
END get_constant;
GRANT EXECUTE ON get_constant TO test2;
Related
I want to write a procedure that logs output to the Oracle concurrent manager log when run from a concurrent program, but writes to dbms_output when run "standalone".
Is there a way from PL/SQL to check whether my code is being run from a concurrent request? The best way I've been able to find is
select * from fnd_concurrent_requests
where oracle_session_id = userenv('SESSIONID');
but that's pretty slow. Is there a function or table I can query that gives me the information more efficiently?
You can best use fnd_global.conc_request_id like we do in our blitz report code:
procedure write_log(p_text in varchar2, p_log_level in number default 1) is
begin
if fnd_global.conc_request_id>0 then
fnd_file.put_line(fnd_file.log,p_text);
else
fnd_log.string(p_log_level,'XXEN',p_text); --or your dbms_output.put_line() call
end if;
end write_log;
Add a boolean flag argument to the procedure that you can use to tell it where you want to log to when you call the procedure and then pass different flags from your two different (concurrent/non-concurrent) programs:
CREATE PROCEDURE my_proc(
i_value1 IN NUMBER,
i_use_concurrent_logging IN BOOLEAN DEFAULT FALSE
)
IS
-- Helper function so you only check the flag in one place.
PROCEDURE log(value IN VARCHAR2)
IS
BEGIN
IF i_use_concurrent_logging THEN
-- put your concurrent logging code here.
NULL;
ELSE
DBMS_OUTPUT.PUT_LINE(value);
END IF;
END;
BEGIN
-- Do stuff.
log('Stuff done');
-- Do other stuff
log('Other Stuff done');
END;
/
If you want to use your check once in the procedure then you could use:
CREATE OR REPLACE PROCEDURE my_proc(
i_value1 IN NUMBER
)
IS
v_use_concurrent_logging BOOLEAN := FALSE;
PROCEDURE log(value IN VARCHAR2)
IS
BEGIN
IF v_use_concurrent_logging THEN
-- put your concurrent logging code here.
NULL;
ELSE
DBMS_OUTPUT.PUT_LINE(value);
END IF;
END;
BEGIN
DECLARE
v_exists INT;
BEGIN
SELECT 1
INTO v_exists
FROM fnd_concurrent_requests
WHERE oracle_session_id = userenv('SESSIONID')
AND ROWNUM = 1;
v_use_concurrent_logging := TRUE;
EXCEPTION
WHEN NO_DATA_FOUND THEN
v_use_concurrent_logging := FALSE;
END;
-- Do stuff.
log('Stuff done');
-- Do other stuff
log('Other Stuff done');
END;
/
db<>fiddle here
Here is the definition of the stored procedure:
CREATE OR REPLACE PROCEDURE usp_dropTable(schema VARCHAR, tblToDrop VARCHAR) IS
BEGIN
DECLARE v_cnt NUMBER;
BEGIN
SELECT COUNT(*)
INTO v_cnt
FROM all_tables
WHERE owner = schema
AND table_name = tblToDrop;
IF v_cnt > 0 THEN
EXECUTE IMMEDIATE('DROP TABLE someschema.some_table PURGE');
END IF;
END;
END;
Here is the call:
CALL usp_dropTable('SOMESCHEMA', 'SOME_TABLE');
For some reason, I keep getting insufficient privileges error for the EXECUTE IMMEDIATE command. I looked online and found out that the insufficient privileges error usually means the oracle user account does not have privileges for the command used in the query that is passes, which in this case is DROP. However, I have drop privileges. I am really confused and I can't seem to find a solution that works for me.
Thanks to you in advance.
SOLUTION:
As Steve mentioned below, Oracle security model is weird in that it needs to know explicitly somewhere in the procedure what kind of privileges to use. The way to let Oracle know that is to use AUTHID keyword in the CREATE OR REPLACE statement. If you want the same level of privileges as the creator of the procedure, you use AUTHID DEFINER. If you want Oracle to use the privileges of the user currently running the stored procedure, you want to use AUTHID CURRENT_USER. The procedure declaration looks as follows:
CREATE OR REPLACE PROCEDURE usp_dropTable(schema VARCHAR, tblToDrop VARCHAR)
AUTHID CURRENT_USER IS
BEGIN
DECLARE v_cnt NUMBER;
BEGIN
SELECT COUNT(*)
INTO v_cnt
FROM all_tables
WHERE owner = schema
AND table_name = tblToDrop;
IF v_cnt > 0 THEN
EXECUTE IMMEDIATE('DROP TABLE someschema.some_table PURGE');
END IF;
END;
END;
Thank you everyone for responding. This was definitely very annoying problem to get to the solution.
Oracle's security model is such that when executing dynamic SQL using Execute Immediate (inside the context of a PL/SQL block or procedure), the user does not have privileges to objects or commands that are granted via role membership. Your user likely has "DBA" role or something similar. You must explicitly grant "drop table" permissions to this user. The same would apply if you were trying to select from tables in another schema (such as sys or system) - you would need to grant explicit SELECT privileges on that table to this user.
You should use this example with AUTHID CURRENT_USER :
CREATE OR REPLACE PROCEDURE Create_sequence_for_tab (VAR_TAB_NAME IN VARCHAR2)
AUTHID CURRENT_USER
IS
SEQ_NAME VARCHAR2 (100);
FINAL_QUERY VARCHAR2 (100);
COUNT_NUMBER NUMBER := 0;
cur_id NUMBER;
BEGIN
SEQ_NAME := 'SEQ_' || VAR_TAB_NAME;
SELECT COUNT (*)
INTO COUNT_NUMBER
FROM USER_SEQUENCES
WHERE SEQUENCE_NAME = SEQ_NAME;
DBMS_OUTPUT.PUT_LINE (SEQ_NAME || '>' || COUNT_NUMBER);
IF COUNT_NUMBER = 0
THEN
--DBMS_OUTPUT.PUT_LINE('DROP SEQUENCE ' || SEQ_NAME);
-- EXECUTE IMMEDIATE 'DROP SEQUENCE ' || SEQ_NAME;
-- ELSE
SELECT 'CREATE SEQUENCE COMPTABILITE.' || SEQ_NAME || ' START WITH ' || ROUND (DBMS_RANDOM.VALUE (100000000000, 999999999999), 0) || ' INCREMENT BY 1'
INTO FINAL_QUERY
FROM DUAL;
DBMS_OUTPUT.PUT_LINE (FINAL_QUERY);
cur_id := DBMS_SQL.OPEN_CURSOR;
DBMS_SQL.parse (cur_id, FINAL_QUERY, DBMS_SQL.v7);
DBMS_SQL.CLOSE_CURSOR (cur_id);
-- EXECUTE IMMEDIATE FINAL_QUERY;
END IF;
COMMIT;
END;
/
you could use "AUTHID CURRENT_USER" in body of your procedure definition for your requirements.
Alternatively you can grant the user DROP_ANY_TABLE privilege if need be and the procedure will run as is without the need for any alteration. Dangerous maybe but depends what you're doing :)
I've been given the task of converting a stored procedure, with several CRUD operations, to a package with functions defined.
When I created the package in Oracle SQL Developer, I defined may functions:
FUNCTION func1 RETURN NUMBER;
FUNCTION func2 RETURN NUMBER;
etc...
I have corresponding code in the 'package body':
FUNCTION func1 RETURN NUMBER
IS
BEGIN
-- some CRUD operation
END;
RETURN 0;
COMMIT;
EXCEPTION
WHEN OTHERS THEN
dbms_output.put_line('FUNCTION func1: error ' || ERR_NUM || ', Msg:' || ERR_MSG);
ROLLBACK;
END func1;
When I run them, I can choose which function to run from the list supplied. My question is what do I need to write or do to have all functions run in sequence with one command?
thanks
If you need to run some procedures in a given order, you need to build a procedure or an anonymous block that calls the procedures in the right order.
For example:
create or replace package aPackage is
procedure runAll;
end;
create or replace package body aPackage is
procedure proc1 is
begin
dbms_output.put_line('Procedure 1');
end proc1;
--
procedure proc2 is
begin
dbms_output.put_line('Procedure 2');
end proc2;
procedure runAll is
begin
proc1;
--
proc2;
--
end runAll;
end;
The call:
SQL> exec aPackage.runAll;
Procedure 1
Procedure 2
PL/SQL procedure successfully completed.
SQL>
I used procedures just to call them without need to assign the result to a variable, but the idea is the same for functions.
With functions:
create or replace package aPackageFun is
function runAll return number;
end;
create or replace package body aPackageFun is
function fun1 return number is
begin
dbms_output.put_line('Inside function 1');
return 1;
end fun1;
--
function fun2 return number is
begin
dbms_output.put_line('Inside function 2');
return 2;
end fun2;
function runAll return number is
vNum1 number;
vNum2 number;
begin
vNum1 := fun1();
--
vNum2 := fun2();
--
return vNum1 + vNum2;
end runAll;
end;
The call:
SQL> select aPackageFun.runAll() from dual;
APACKAGEFUN.RUNALL()
--------------------
3
Inside function 1
Inside function 2
SQL>
About your code, notice that you have a commit after a return: the commit will never be executed.
I have a procedure that has DML commands. the procedure accepts a variable of type out, and it returns a value.
i need call this procedure from a function.
the goal isĀ that the function will return the value of the variable out returns the procedure.
(i need it for SSIS, but I believe that it is useful in other cases.)
During attempts, I got these errors:
ORA-14551: cannot perform a DML operation inside a query tips.
ORA-06519: active autonomous transaction detected and rolled back.
I'm looking for the right syntax to do it.
Example of a solution that works:
The procedure:
create or replace procedure MyProc(outRes OUT NUMBER)
is
begin
update some_table set some_description = 'abc';
commit;
if (some_condition) then
outRes := 666;
else
outRes := 999;
end if;
end MyProc;
Note: You must do commit; at the end of the DML command.
The function:
CREATE or replace FUNCTION MyFunc
RETURN int IS
PRAGMA AUTONOMOUS_TRANSACTION;
myVar number;
begin
MyProc(myVar);
return myVar;
END MyFunc;
Note that at the beginning of the function has: PRAGMA AUTONOMOUS_TRANSACTION;
And this function call:
select MyFunc() as res from dual;
Here is an example of what you need to do. Do know this is UNTESTED, but should give you a general idea of which way to go. This is known as Dynamic SQL and uses bind variables. There's a lot more I don't know such as the data type your procedure spits out and what not... so if it's not varchar2 then change it accordingly...
FUNCTION myFunc(procedure_call varchar2) RETURN VARCHAR2
IS
v_out1 varchar2(500);
BEGIN
EXECUTE IMMEDIATE 'begin '||procedure_call||'( :out1 ); end;' using v_out1;
RETURN v_out;
END;
I need to call a function dynamically (say handler() ) in PL/SQL function which returns a Nested Table.
Code:
BEGIN
...
v_function := 'handler'; //shown like this of simplicity.
EXECUTE IMMEDIATE 'BEGIN :result := ' || v_function || '(...); END;'
USING OUT v_error_msg;
... //process v_error_msg
END;
and the handler() specification:
TYPE t_error_msgs IS TABLE OF VARCHAR2(2000);
FUNCTION handle (...)
RETURN t_error_msgs;
Issue is I get PL-00457:expressions have to be of SQL types while compiling as execute immediate wont allow non-sql types to be binded.
Is there any way around ?
It depends what you mean by 'workaround' The type will have to be declared at SQL level, not within a PL/SQL block (presumably a package in this case). This would work, for example:
CREATE OR REPLACE TYPE t_error_msgs AS TABLE OF VARCHAR2(2000)
/
CREATE OR REPLACE PACKAGE p42 AS
FUNCTION handler RETURN t_error_msgs;
END p42;
/
CREATE OR REPLACE PACKAGE BODY p42 AS
FUNCTION handler RETURN t_error_msgs IS
BEGIN
RETURN null; -- put real data here, obviously...
END handler;
END p42;
/
DECLARE
v_error_msg t_error_msgs;
v_function varchar2(30);
BEGIN
v_function := 'p42.handler';
EXECUTE IMMEDIATE 'BEGIN :result := ' || v_function || '; END;'
USING OUT v_error_msg;
END;
/
Alternatively you can reconsider whether you really need this to be dynamic. Presumably you're passing or somehow determining the function to call on the fly and populating v_function. If there's a relatively short list of possible values it might be simpler to have a case with individual static function calls.