How to grant read and create Views privilege to a role?
Here are the steps I've done:
Grant statement to the role "CUSTOM_ROLE":
GRANT SELECT ON MY_VIEW_1 to CUSTOM_ROLE;
Assign the role to a user id:
GRANT CUSTOM_ROLE TO USERID_123;
Error:
01924. 00000 - "role '%s' not granted or does not exist"
*Cause: Either the role was not granted to the user, or the role did not exist.
*Action: Create the role or grant the role to the user and retry
the operation.
Please kindly help. Thank you.
Create the role prior granting to it. The message says the role doesn't exist.
I would suggest You to check existence of the role using:
select role from dba_roles where role = 'CUSTOM_ROLE';
If this query won't return any rows then use
CREATE ROLE custom_role;
to create it.
See this:
https://www.techonthenet.com/oracle/roles.php
For details
Related
im using oracle db v21c , after trying to create a role student with privs 'create session , create table , create view ' a granted that role to a user 'user3' but when trying to connect with that user i got ora-01045. i checked that privs granted to that role and everything seems normal , i have tried using granting the role the privileges with admin option and nothing happens . I used select * from dba_sys_privs where grantee='student' and all seems good . The role is created with system and so the user because at first i was trying to create the role with scott , but get an error insufficient privileges, but scott have the privilege to create role.
Roles are not active by default. You must either alter the user to set a default role (and then login again), or alter the user's current session to set a current role:
alter user user3 default role all;
or
set role student;
I have more than 10+ views in my database(i.e. myDb) in snowflake with the role analyst.
Now, I have created a new role i.e. developer and I want to give
grant select on view <> to role developer
permission to one particle view(i.e test_view).
How can I grant access to one particular view in snowflake?
Note: consider the schema name public
Along with granting select on view, you also need to grant usage on the database and schema
grant usage on database db_name to role developer;
grant usage on schema db_name.public to role developer;
grant select on view db_name.public.my_view to role developer;
Operating on a view also requires the USAGE privilege on the parent
database and schema
snowflake-view-privileges
You do it almost exactly how you have guessed. VIEWs are schemaObjectPrivileges
CREATE ROLE developer;
CREATE VIEW test.test.test_view AS SELECT 1 AS id;
GRANT SELECT ON VIEW test.test.test_view TO ROLE developer;
SHOW GRANTS TO ROLE developer;
I've created a user with a default tablespace. I've granted create session to that user and then added them to a role GRANT xxxx_role TO myuser;
However when I run SELECT * FROM USER_ROLE_PRIVS, there are no rows of data, meaning the user isn't assigned to any roles. It says that the grant succeeded. What am I doing wrong? I've done this as a SYSTEM user which should have carte blanche permissions.
user_role_privs shows roles granted to the current user. dba_role_privs shows roles granted to all users. You probably want to be querying dba_role_privs.
If you are logged in as system and do the grant, you should see a row in dba_role_privs for myuser. You won't see rows in user_role_privs for any user other than system. If you log in as myuser after the grant is done, you will see a row in user_role_privs.
It is possible to make grant select on dba_users to role? I trying to give access for users and all works fine, but when i try to do this for all group, this access didnt work.
Privileges which are granted through a role do not apply inside PL/SQL blocks. You have to grant the privilege to each USER individually.
See How Roles Work in PL/SQL Blocks
I want to know once you create a user role and add some privileges as:
CREATE ROLE usern NOT IDENTIFIED ;
GRANT SELECT ANY DICTIONARY TO usern ;
GRANT SELECT ON t90022.temptable TO usern ;
Can you edit the user role and just state the privilege as follows?
GRANT SELECT ON 90888.temptable2 TO usern ;
Will the user role be updated or do you need to drop and create the user role again?
PS: I don't have privileges to try this out. So please help
Granting privileges in Oracle is cumulative. You do not have to re-grant privileges already granted, and in fact must revoke them explicitly to remove them.