I'm working on a Groovy/Grails project that will display the roles that a user is currently assigned in an Oracle database. Is it possible to query this information from the Oracle server via Groovy/Grails? If it is, any pointers on how to do this are much appreciated.
There are a lot of oracle metadata views available. First of all there is a prefix DBA_, ALL_, USER_ describes how much data you will see (depending on your permissions). I will list only DBA_ prefix, you could replace it with more restrictive prefix.
You will be interested in views:
DBA_ROLES
DBA_ROLE_PRIVS
ROLE_TAB_PRIVS
DBA_TAB_PRIVS
DBA_USERS
SESSION_PRIVS
SESSION_ROLES
TABLE_PRIVILEGES
Related
I'm working on C# Winform app and I have the query that select the list of tables but in but in the schema of the user I list there's no table listed.
This query should work in SQL Server
ALTER LOGIN [my_user_name] WITH DEFAULT_DATABASE = [new_default_database]
is there query like that on oracle?
Nope, there's not (as far as I can tell).
(Just a side note: what you call "database" in MS SQL Server is called "user" in Oracle, while "schema" = "user + all its objects").
Solution? Connect as user which owns tables you use.
Alternatively, if you can't have those credentials (username and password + database) for some reasons (such as security), you'll have to get access to those objects, somehow. One option is that owner grants (at least) select privilege. Suppose I'm the owner (user = "littlefoot"):
grant select on employees to kim;
("kim" is user you can connect to).
Then you'd precede table name with owner name:
select * From littlefoot.employees;
Or, you could create a synonym to all those tables so that you could avoid specifying owner name:
create synonym employees for littlefoot.employees;
select * from employees;
Or, if it really is a different database, you'll have to create a database link, but it presumes that you know login credentials so - I believe that this is not your case.
I would simply like to allow a colleague to view and edit the Database I've created.
I've tried:
GRANT ALL on FISHTABLE to CDEMARES;
and it returned Grant succeeded but nothing changed for him and he still wasn't able to view my table.
I also tried
GRANT SELECT smahala.fishtable to cdemares#sole.nefsc.noaa.gov;
but that failed with SQL Error: ORA_00990: missing or invalid privilege.
Is my issue that I don't have the administrative authority to allow someone else to view my Oracle table? Any advice is appreciated, thanks.
Your colleague needs to prefix your table with your schema name, otherwise Oracle doesn't know where to look for it, e.g.:
select * from smahala.fishtable
If they don't do that, and simply try to use:
select * from fishtable
then Oracle will look for the table in their own schema, and then look for a view, or a private synonym, or a public synonym. Your colleague could create a synonym if they'll be accessing this table a lot (and they don't have their own table with the same name). It's also possible to change their session's current schema, but that will make it harder to see their own objects.
You can read more about object naming and how to refer to objects in the documentation.
SQL Developer allows you to browse objects in other schemas. If your colleague was connected when you granted the permissions, they can refresh the object list, or disconnect and reconnect. Either way they should then be abke to see your table under your schema.
(Your second grant statement is missing an on, and you can't grant permissions across a database link, if that's what you're trying to do.)
I want to know which privilege is required to access the table ALL_ARGUMENTS in Oracle? There is any specific one?
Example:
SELECT * FROM ALL_ARGUMENTS
Searched on web but found nothing.
The ALL_ARGUMENTS table is returned when we execute this:
SELECT * FROM sys.dba_tab_privs WHERE grantee='PUBLIC' and table_name like 'ALL_ARGUMENTS'
We see a value of PUBLIC as the grantee. That means, PUBLIC has SELECT privilege.
Reference: https://docs.oracle.com/database/121/TTSYS/systemtables.htm#TTSYS348
There may be other tables in SYS, for which this is not true: Then, ADMIN or SELECT ANY TABLE privileges are needed.
Typically, anyone can see ALL_ARGUMENTS. For that matter, anyone can see any ALL_ data dictionary view.
It will show you YOUR arguments, and any argument for an object you are also able to view based on your privilege level.
This security check is why querying DBA_ views is always (generally) faster than querying ALL_ views - because it just shows EVERY SINGLE ARGUMENT regardless of object privileges.
Not every view has an ALL_ and a DBA_ version.
From the DOCS
Hi I m new to oracle using 11g exprs edition and familiar with mysql. We can use the below code to display all databases in mysql
show databases;
What is the corresponding command in Oracle. Or how can i display all databases. Also We have
use mydatabase;
to chanage database in mysql. How can i change database in oracle. I tried to display all owners and their tables using the following command
select table_name, owner from all_tables;
It working fine. But when I tried to display tables I have created, by adding a where cluase
select table_name, owner from all_tables where owner='root';
it shows no rows were selected. Why this happens? Also I am facing the same problem with most of the queries when using the where clause. Without where clause it works fine. but when using it, the result is no rows selected for example
select * from all_tab_comments where owner='root';
select constraint_name, constraint_type from user_constraints where table_name='location';
Is there anything special in oracle for where clause or the problem with my query.
Your username is very unlikely to be root; it could however be ROOT, in which case you could do:
select table_name, owner from all_tables where owner='ROOT';
The owner name is case-sensitive, and all objects including users and table names are upper-case by default (unless they're created with double-quotes, which is a bad idea). If you're connected as that user, to see only your own tables you can also do:
select table_name from user_tables;
And there is the dba_tables view which also shows you tables you don't have permissions on, but you can only see that with elevated privileges.
Oracle doesn't have 'databases' in the same sense as other products. You probably means schemas, as the logical grouping of objects. And schemas and users are essentially synonymous.
To get a list of all schemas you can query dba_users (if you have the right privileges), or to get a list of schemas that have objects - as you may have users who only use objects in other schemas - you can do:
select distinct owner from dba_objects;
... or all_objects to again only see things you have permissions for. To see what kind of objects:
select owner, object_type, count(*) from dba_objects group by owner, object_type;
The documentation explains the static data dictionary views which hold all of this information. You won't be able to see all of them though, unless you're connected as a privileged user.
There will be a lot of differences between the two products; you might be better off trying to find a tutorial that works through them rather than using trial and error and trying to understand what's gone wrong at each step. Or at least familiarise yourself with the Oracle documentation so you can research issues.
First, there is going to be a terminology difference when you change platforms. What MySQL calls a "database" is most similar to what Oracle calls a "schema". If you are using Oracle XE, you can only have one database (using Oracle terminology) on the machine. You can have many schemas within that database.
The owner in all_tables is the name of the schema that owns the table. Assuming that you created an Oracle user root (which seems like an odd choice for a database user) and assuming that you did not create a case-sensitive user name in all lower case (which would create a ton of issues down the line), the owner will always be upper-case.
SELECT owner, table_name
FROM all_tables
WHERE owner = 'ROOT'
In Oracle, you do not generally change from one schema to another. You either fully qualify the table name
SELECT *
FROM schema_name.table_name
or you create synonyms (public or private) for objects that you want to reference
CREATE SYNONYM synonym_name
FOR schema_name.table_name;
SELECT *
FROM synonym_name
If you really want to, however, you can change your current schema for name resolution purposes
ALTER SESSION SET current_schema = <<schema name>>
use the view : tabs
select * from tabs;
A third party product we have at my company uses Oracle as a backend. I'm attempting to log into the Oracle database and look at the schema and data. I've logged in as sys/sysdba, created a user with a default tablespace of that created by the application, and granted the user all necessary permissions to query the structures. I've also set O7_DICTIONARY_ACCESSIBILITY to true to allow querying of the data dictionary objects.
After logging in as the user and querying User_Tables nothing is returned. But when I query DBA_Tables the tables I'd expect to find are returned. I'm new to Oracle so I'm not quite certain how a non-system table can be in the tablespace, but not a user_table.
More importantly, how do you query the data in these tables? Whenever I attempt a simple "Select *" from the tables I get a "table or view does not exist" error.
Thanks in advance.
The default tablespace you set for a user controls what tablespace objects owned by that user are created in. It has nothing to do with what objects they can query.
USER_TABLES returns information about the tables that a particular user owns. It does not sound like your user owns any tables, so you would expect that to be empty.
ALL_TABLES returns information about the tables that a particular user has access to. If you granted the appropriate privileges, your user should see the tables in this data dictionary view.
DBA_TABLES returns information about every table in the database even if you don't necessarily have access to the underlying table.
If you are trying to query data from one of the tables, are you specifying the schema name (the OWNER column in ALL_TABLES)? If you do not own an object, you generally need to use fully qualified names to reference it, i.e.
SELECT *
FROM schema_owner.table_name
You can avoid using fully qualified names if
You create a synonym (public or private) for the object
You change the CURRENT_SCHEMA for the session. This changes the default schema that a name is resolved under. It does not affect permissions and privileges. You can change the current schema with the command
ALTER SESSION SET current_schema = new_schema_name
You would have to do this for each session the user creates-- potentially in a login trigger.