I have created table it's sequence on owner .
Also granted permission of insert update delete select on table from owner to user.
Also granted select on sequence from owner to user.
Finally I logged in user and created synonym for owner table and sequence.
Now when I access table in user it throws insufficient permission.the same table can be accessible in owner..
Any idea what I'm missing here..
You should execute these queries and verify grantor and grant:
select * from all_tab_privs where table_name ='YOUR_NAME_SEQUENCE';
select * from all_tab_privs where table_name ='YOUR_NAME_TABLE';
select * from all_synonyms where synonym_name ='YOUR_NAME_TABLE';
Certainly Grantor not equal to your user or some grant is missed.
Thank you.
issue got resolved as issue with grant statement I gave incorrect user id
Related
In Oracle, I granted select on a table to a user by giving the following command:
GRANT SELECT ON DEPT TO HOMERSIMPSON;
Once I granted a select on the dept table to homersimpson, I queried the dba_sys_privs, there's no record of the privilege granted. I used the following query:
Select * from dba_sys_privs where grantee = 'HOMERSIMPSON';
Why is the privilege not reported on this table?
Thanks in advance.
You are granting a SELECT on a specific table. That's not a system priv. It is an object prv. Try looking at DBA_TAB_PRIVS.
I have an issue where I (as sysdba) granted a privilege to perform a select on any table to a user. I used the following query:
GRANT SELECT ANY TABLE TO BARTSIMPSON
I get the message that grant succeeded. But I don't see a record of this privilege in the dba_tab_privs. Why? Thanks in advance
You are looking in the wrong view. dba_tab_privs shows table privileges. select any table is a system privilege. You should look for it in dba_sys_privs.
I am trying to create a view that is referencing to dba_objects table.
I can select the dba_objects just fine but when I try to create a view I am getting an insuf priv error.
select * from session_privs //this returns create view privilege
create view v_test_view
as
select * from dba_objects
where owner = 'HR'
ORA-01031: insufficient privileges
You aren't allowed to select from DBA_OBJECTS. A privileged user (such as SYS) has to grant you select privilege on it.
Alternatively, if it is enough for what you're doing, select from ALL_OBJECTS which contains all objects you have access to.
What is the query to get all objects with privileges under a specific role.
ROLE_NAME TABLE SELECT INSERT DELETE UPDATE EXECUTE
SELECT *
FROM DBA_TAB_PRIVS
WHERE GRANTEE='ROLE_NAME';
DBA_TAB_PRIVS describes all object grants in the database.
Or to get the grants for all the roles, you can use below query.
SELECT grantee role_name,table_name,privilege
FROM dba_tab_privs dtp,dba_roles dr
WHERE dtp.grantee=dr.role
ORDER BY role_name,table_name,privilege;
One of the pitfalls in Oracle is the fact that sometimes you can select from a table if you run a query in SQLplus but that you can't when running the query from a stored procedure. In order to run a query from a stored procedure you need a direct grant for the object and not a grant obtained through a role.
If I see a table in the all_tables view, how can I know if I can see this table because of a direct grant or because of a role grant?
Look at ALL_TAB_PRIVS:
select grantee from all_tab_privs
where table_schema = 'SCOTT' and table_name='EMP'
and privilege = 'SELECT';
This shows all grantees, whether roles or users.
One method to see exactly what a procedure would see is to issue the command:
SET ROLE none
It disables all roles for your current session.