i have some problem on my student Database schema. I want to find with query which Tables don't have: for example 'SELECT' grant to role XXX. Second example is that in Tables i have like Grants for delete,alter but now i want to check all Tables with one query to find which Tables don't have Select grant to role 'STUDENT_DBA' or where this role don't have grant for Select...
Please help 😅😅😅
SELECT table_name
FROM dba_tables
WHERE owner = 'STUDENT'
AND table_name NOT IN
(SELECT table_name
FROM dba_tab_privs
WHERE owner = 'STUDENT'
AND privilege = 'SELECT'
AND grantee = 'STUDENT_DBA');
This will return all tables in the STUDENT schema that do not have select permissions directly granted to the STUDENT_DBA role.
Related
I should give username “Username1” read access to the “Product_id”, “Price” columns for all entries in the “Sales” table that have a “Price”> 10. Assume that the user exists and has the "Connect" role. The table exists in its schema.
I tried this code but it does not work:
Grant select(product_id, price) on sales where price > 10 to ‘Username1’;
You can create a view:
CREATE VIEW TEST AS
SELECT s.PRODUCT_ID, s.PRICE
FROM SALES s
WHERE s.PRICE > 10
/
then use:
GRANT SELECT ON TEST TO USERNAME1
/
As far as I know You cannot add grant on strict column with where condition, but view can.
I got some tables:
Book(bookId, libraryId, bookName, bookType);
BookType(bookType, typeName);
Library(LibrayId);
User(UserId);
BookBorrowed(BorrowId, LibraryId, UserId);
BorrowDetail(BorrowId, bookId)
and a user created in sqlDeveloper, C##DG.
How to GRANT privileges(select) ON BookBorrowed and User with UserId = 1(C##DG can only see and use SELECT the data on the 2 table whose UserId column is 1)?.
Can you guys show me some examples?
Thanks you very much.
The proper Oracle solution to this is Virtual Private Database.
if that isn't an option, another way is to define views such as:
create view userBookBorrowed
as select * from bookBorrowed bb
join users u on (u.userid = bb.userid)
where u.username = USER;
Then only grant the users access to the view, not the table.
There's no such thing as column-level privileges that you can grant or revoke. You need to implement Virtual Private Database policies for those kinds of filters or restrictions. See here: https://docs.oracle.com/en/database/oracle/oracle-database/19/dbseg/using-oracle-vpd-to-control-data-access.html#GUID-06022729-9210-4895-BF04-6177713C65A7
I'm trying to locate blank schemas within my oracle server.
I've tried using DBA_TAB_COLS, but no success. Eg:
select * from
(
select OWNER, COUNT(distinct(TABLE_NAME)) as TABLE_COUNT
from DBA_TAB_COLS
group by OWNER
)
where TABLE_COUNT = 0
Is there a way to query for a list of blank schemas?
If "blank schema" means a schema that does not own any tables
SELECT username
FROM dba_users u
WHERE NOT EXISTS(
SELECT 1
FROM dba_tables t
WHERE t.owner = u.username
);
If you want to look for schemas that own no object, rather than schemas that own no tables, you'd use dba_objects in the subquery rather than dba_tables. For either of these, though, you'd need to have privileges to query the dba_* objects.
I wanted to delete some unused schemas on our oracle DB.
How can I query for all schema names ?
Using sqlplus
sqlplus / as sysdba
run:
SELECT *
FROM dba_users
Should you only want the usernames do the following:
SELECT username
FROM dba_users
Most likely, you want
SELECT username
FROM dba_users
That will show you all the users in the system (and thus all the potential schemas). If your definition of "schema" allows for a schema to be empty, that's what you want. However, there can be a semantic distinction where people only want to call something a schema if it actually owns at least one object so that the hundreds of user accounts that will never own any objects are excluded. In that case
SELECT username
FROM dba_users u
WHERE EXISTS (
SELECT 1
FROM dba_objects o
WHERE o.owner = u.username )
Assuming that whoever created the schemas was sensible about assigning default tablespaces and assuming that you are not interested in schemas that Oracle has delivered, you can filter out those schemas by adding predicates on the default_tablespace, i.e.
SELECT username
FROM dba_users
WHERE default_tablespace not in ('SYSTEM','SYSAUX')
or
SELECT username
FROM dba_users u
WHERE EXISTS (
SELECT 1
FROM dba_objects o
WHERE o.owner = u.username )
AND default_tablespace not in ('SYSTEM','SYSAUX')
It is not terribly uncommon to come across a system where someone has incorrectly given a non-system user a default_tablespace of SYSTEM, though, so be certain that the assumptions hold before trying to filter out the Oracle-delivered schemas this way.
SELECT username FROM all_users ORDER BY username;
select distinct owner
from dba_segments
where owner in (select username from dba_users where default_tablespace not in ('SYSTEM','SYSAUX'));
Below sql lists all the schema in oracle that are created after installation
ORACLE_MAINTAINED='N' is the filter. This column is new in 12c.
select distinct username,ORACLE_MAINTAINED from dba_users where ORACLE_MAINTAINED='N';
How about :
SQL> select * from all_users;
it will return list of all users/schemas, their ID's and date created in DB :
USERNAME USER_ID CREATED
------------------------------ ---------- ---------
SCHEMA1 120 09-SEP-15
SCHEMA2 119 09-SEP-15
SCHEMA3 118 09-SEP-15
Either of the following SQL will return all schema in Oracle DB.
select owner FROM all_tables group by owner;
select distinct owner FROM all_tables;
I want to find the foreign keys of a table but there may be more than one user / schema with a table with the same name. How can I find the one that the currently logged user is seeing? Is there a function that gives its owner? What if there are public synonyms?
You can query the ALL_OBJECTS view:
select owner
, object_name
, object_type
from ALL_OBJECTS
where object_name = 'FOO'
To find synonyms:
select *
from ALL_SYNONYMS
where synonym_name = 'FOO'
Just to clarify, if a user user's SQL statement references an object name with no schema qualification (e.g. 'FOO'), Oracle FIRST checks the user's schema for an object of that name (including synonyms in that user's schema). If Oracle can't resolve the reference from the user's schema, Oracle then checks for a public synonym.
If you are looking specifically for constraints on a particular table_name:
select c.*
from all_constraints c
where c.table_name = 'FOO'
union all
select cs.*
from all_constraints cs
join all_synonyms s
on (s.table_name = cs.table_name
and s.table_owner = cs.owner
and s.synonym_name = 'FOO'
)
HTH
-- addendum:
If your user is granted access to the DBA_ views (e.g. if your user has been granted SELECT_CATALOG_ROLE), you can substitute 'DBA_' in place of 'ALL_' in the preceding SQL examples. The ALL_x views only show objects which you have been granted privileges. The DBA_x views will show all database objects, whether you have privileges on them or not.
I found this question as the top result while Googling how to find the owner of a table in Oracle, so I thought that I would contribute a table specific answer for others' convenience.
To find the owner of a specific table in an Oracle DB, use the following query:
select owner from ALL_TABLES where TABLE_NAME ='<MY-TABLE-NAME>';
Interesting question - I don't think there's any Oracle function that does this (almost like a "which" command in Unix), but you can get the resolution order for the name by:
select * from
(
select object_name objname, object_type, 'my object' details, 1 resolveOrder
from user_objects
where object_type not like 'SYNONYM'
union all
select synonym_name obj , 'my synonym', table_owner||'.'||table_name, 2 resolveOrder
from user_synonyms
union all
select synonym_name obj , 'public synonym', table_owner||'.'||table_name, 3 resolveOrder
from all_synonyms where owner = 'PUBLIC'
)
where objname like upper('&objOfInterest')
Oracle views like ALL_TABLES and ALL_CONSTRAINTS have an owner column, which you can use to restrict your query. There are also variants of these tables beginning with USER instead of ALL, which only list objects which can be accessed by the current user.
One of these views should help to solve your problem. They always worked fine for me for similar problems.
To find the name of the current user within an Oracle session, use the USER function.
Note that the owner of the constraint, the owner of the table containing the foreign key, and the owner of the referenced table may all be different. It sounds like it’s the table owner you’re interested in, in which case this should be close to what you want:
select Constraint_Name
from All_Constraints
where Table_Name = 'WHICHEVER_TABLE'
and Constraint_Type = 'R' and Owner = User;
It is like #entpnerd said, but I suggest you to use upper() clause:
select *
from ALL_TABLES
where upper(TABLE_NAME) = upper('<table_name>')