How can I drop user without the table in oracle?
create user andi identified by andi;
alter user andi quota 10m on users;
grant connect to andi;
grant create table to andi;
conn andi;
create table mahasiswa( idmhs number(3) primary key, nama varchar(20),
nim number(7), jurusan varchar(20) );
insert into mahasiswa values (101, 'Budi', 0881103, 'TI');
drop user andi cascade; ---> table mahasiswa is also deleted.
How can I drop user without the table in oracle?
Thank you in advance!
You can not do this.
The table belongs to andi and when you drop andi you also drop all its belongings.
As mentioned before (by #Steven Wolfe) create a user for the tables, and grant privileges for the other users.
You could create the mahasiswa table with another user as the owner and then grant the user andi whichever privileges they require (SELECT, INSERT, UPDATE, DELETE).
I'd also create a synonym so you don't have to continually reference the table from the andi schema with the owner schema, eg: OTHERUSER.mahasiswa. As the andi user execute the following:
CREATE SYNONYM mahasiswa FOR OTHERUSER.mahasiswa
Hope that helps.
Related
How can I create a table of a user with sys? I want to give a table to an user but I want that this user can't alter the table.
I tried this:
CONNECT USER1/USER1;
CREATE TABLE Persons (
PersonID int,
LastName varchar(255),
FirstName varchar(255),
Address varchar(255),
City varchar(255)
);
But I want to create this table from sys user so user1 can't alter this table. How can I do that?
USER1 can alter a table in their schema, even if they don't have CREATE TABLE privilege.
As SYS:
grant create session to user1;
alter user user1 quota 100M on users ;
create table user1.t1 (id number);
Now connect as USER1. Both these statements will succeed:
insert into t1 values (1234);
alter table t1 add col1 varchar2(16);
In case it's not clear, USER1 cannot create tables. This statement will fail with ORA-01031: insufficient privileges...
create table t2(id number);
It's not clear exactly what you're trying to achieve, but the best way to control schemas is to separate schema owners from application users. Schema owners have objects but (usually) lack CREATE SESSION privilege, at least in production: their objects are deployed by power user accounts. Application users have CREATE SESSION and DML privileges on objects in the schema owner accounts but don't own any objects themselves, except maybe private synonyms and database links.
I don't understand the difference between these two privileges.
I found these two explanations but it's not helping me.
CREATE TABLE -> Enables a user to create a table owned by that user.
CREATE ANY TABLE -> Enables a user to create a table owned by any user in the database.
If a user creates a table it's going to be owned by the user that created it right? I don't get it.
The CREATE TABLE privilege lets you create a table in your own schema. So user scott can do:
create table scott.mytable ( id number );
The CREATE ANY TABLE privilege lets you create a table in any schema in the database. So again, user scott can do:
create table hr.employees ( id number );
That is, make a table that belongs to someone else.
I have two oracle users : User1 and User2.
User1 has a table Users_
User2 has a table TestTable
I'm trying to create a foreign key constraint between the two tables as follows :
ALTER TABLE "User2"."TESTTABLE" ADD CONSTRAINT "TESTTABLE_CREATEDBY"
FOREIGN KEY (CREATEDBY) REFERENCES "User1"."USERS_" (ID) ENABLE
User2 has the privilege to select on User1 table Users_ (Grant select to user2 on Users_)
When running the alter table statement I'm having an error : of insufficient privileges.
Does anyone know how to solve that please ?
Cheers,
To create a foreign key against a table in another schema we need to have the REFERENCES privilege on that table. This is a separate privilege because it imposes a burden on the table's owner: they can't delete records from their table if you're referencing them. Find out more
I have 2 users: User1 and User2
I am able to create table in schema of User2 from User1
create table user2.tmp_tab (
temp1 varchar2(20),
temp2 varchar2(20)
);
Table created Successfully
but I want User2 to have only select privileges on the table.
and also I don't want to create table in Schema User1.
Is it possible ? How can it be done ?
No, you can't. The schema owner automatically has all object privileges for his own schema.
From documentation,
A user automatically has all object privileges for schema objects
contained in his or her schema. A user can grant any object privilege
on any schema object he or she owns to any other user or role.
Situation is that user1 gives permision to user2:
GRANT CREATE ANY TABLE, SELECT ANY TABLE TO user2;
And after logging on user2, I'm trying to create table:
CREATE TABLE user1.test(id NUMBER PRIMARY KEY);
the result is ORA-01031 - insufficient privileges
I can create table on own schema and select tables from other schemas. I thought that CREATE ANY TABLE solves the problem, but it looks other way. Ah, and both users have unlimited tablespace. What else should I guarantee?
Perhaps you need to also grant CREATE ANY INDEX? You are creating an index when you add the primary key. You can quickly test this by omitting the PK constraint.
"create any table" is too powerful a privilege to be granting to non-DBA's. A better approach would be to create a "create table" procedure in the target schema that accepts sanitised components of the required DDL, and grant execute privilege on that to the required users.
A suitable interface would be something like ...
create procedure
create_table(
table_name varchar2,
columns varchar2,
etc varchar2)
... so that you can ...
begin
user1.create_table(
table_name => 'TEST',
columns => 'id NUMBER PRIMARY KEY',
etc => '');
end;
... and have the procedure construct and execute the DDL for you.
user
GRANT CREATE ANY INDEX TO SCHEMA_NAME