In Oracle, I granted select on a table to a user by giving the following command:
GRANT SELECT ON DEPT TO HOMERSIMPSON;
Once I granted a select on the dept table to homersimpson, I queried the dba_sys_privs, there's no record of the privilege granted. I used the following query:
Select * from dba_sys_privs where grantee = 'HOMERSIMPSON';
Why is the privilege not reported on this table?
Thanks in advance.
You are granting a SELECT on a specific table. That's not a system priv. It is an object prv. Try looking at DBA_TAB_PRIVS.
Related
I have created table it's sequence on owner .
Also granted permission of insert update delete select on table from owner to user.
Also granted select on sequence from owner to user.
Finally I logged in user and created synonym for owner table and sequence.
Now when I access table in user it throws insufficient permission.the same table can be accessible in owner..
Any idea what I'm missing here..
You should execute these queries and verify grantor and grant:
select * from all_tab_privs where table_name ='YOUR_NAME_SEQUENCE';
select * from all_tab_privs where table_name ='YOUR_NAME_TABLE';
select * from all_synonyms where synonym_name ='YOUR_NAME_TABLE';
Certainly Grantor not equal to your user or some grant is missed.
Thank you.
issue got resolved as issue with grant statement I gave incorrect user id
I have an issue where I (as sysdba) granted a privilege to perform a select on any table to a user. I used the following query:
GRANT SELECT ANY TABLE TO BARTSIMPSON
I get the message that grant succeeded. But I don't see a record of this privilege in the dba_tab_privs. Why? Thanks in advance
You are looking in the wrong view. dba_tab_privs shows table privileges. select any table is a system privilege. You should look for it in dba_sys_privs.
What is the query to get all objects with privileges under a specific role.
ROLE_NAME TABLE SELECT INSERT DELETE UPDATE EXECUTE
SELECT *
FROM DBA_TAB_PRIVS
WHERE GRANTEE='ROLE_NAME';
DBA_TAB_PRIVS describes all object grants in the database.
Or to get the grants for all the roles, you can use below query.
SELECT grantee role_name,table_name,privilege
FROM dba_tab_privs dtp,dba_roles dr
WHERE dtp.grantee=dr.role
ORDER BY role_name,table_name,privilege;
I have a table orders in OE schema. I don't have access to this table either from scott or hr schemas . But when I try to select from oe.orders from these 2 schemas I get different messages as below.Why is this so?
SQL> connect scott/test
Connected.
SQL> select count(*) from oe.orders;
select count(*) from oe.orders
*
ERROR at line 1:
ORA-01031: insufficient privileges
SQL> connect hr/test
Connected.
SQL> select count(*) from oe.orders;
select count(*) from oe.orders
*
ERROR at line 1:
ORA-00942: table or view does not exist
SCOTT may have INSERT, UPDATE, and/or DELETE privileges on the table oe.orders, but not SELECT, while HR clearly has no privileges granted at all on oe.orders. SCOTT could also have INSERT ANY TABLE, DELETE ANY TABLE, and/or UPDATE ANY TABLE as well.
Be sure to look in dba_sys_privs for granted system privileges that might confer the ability to know an object such as a table exists, without granting the right to select from it. For example, CREATE ANY INDEX or ANALYZE ANY privileges result in the insufficient privileges message for a table I don't have DML rights on. Compare the privileges granted to SCOTT with those granted to HR.
I have a homegrown Oracle role that was created long ago:
create role MyRole;
It's been granted the ability to select, insert, update, and delete from some tables and views.
grant select on sometable to MyRole;
grant insert on sometable to MyRole;
grant select on someothertable to MyRole;
-- etc.
How can I now enumerate the specific list of privileges that were granted to the role? I am interested in discovering the specific tables and the rights this role has with respect to each table. How can I recover this information?
You can simply search from data dictionary ROLE_TAB_PRIVS. And do like this
SELECT * FROM ROLE_TAB_PRIVS WHERE ROLE = 'MyRole';
this works well:
SELECT DBA_TAB_PRIVS.GRANTEE, TABLE_NAME, PRIVILEGE,DBA_ROLE_PRIVS.GRANTEE
FROM DBA_TAB_PRIVS, DBA_ROLE_PRIVS
WHERE DBA_TAB_PRIVS.GRANTEE = DBA_ROLE_PRIVS.GRANTED_ROLE
AND DBA_TAB_PRIVS.GRANTEE='<ENTER GROUP ROLE HERE>'
AND DBA_ROLE_PRIVS.GRANTEE = '<ENTER ROLE HERE>'
ORDER BY DBA_ROLE_PRIVS.GRANTEE