ORACLE Permissions on tables - oracle

I have a table orders in OE schema. I don't have access to this table either from scott or hr schemas . But when I try to select from oe.orders from these 2 schemas I get different messages as below.Why is this so?
SQL> connect scott/test
Connected.
SQL> select count(*) from oe.orders;
select count(*) from oe.orders
*
ERROR at line 1:
ORA-01031: insufficient privileges
SQL> connect hr/test
Connected.
SQL> select count(*) from oe.orders;
select count(*) from oe.orders
*
ERROR at line 1:
ORA-00942: table or view does not exist

SCOTT may have INSERT, UPDATE, and/or DELETE privileges on the table oe.orders, but not SELECT, while HR clearly has no privileges granted at all on oe.orders. SCOTT could also have INSERT ANY TABLE, DELETE ANY TABLE, and/or UPDATE ANY TABLE as well.
Be sure to look in dba_sys_privs for granted system privileges that might confer the ability to know an object such as a table exists, without granting the right to select from it. For example, CREATE ANY INDEX or ANALYZE ANY privileges result in the insufficient privileges message for a table I don't have DML rights on. Compare the privileges granted to SCOTT with those granted to HR.

Related

Oracle Db: Grant select doesn't show up in dba_sys_privs

In Oracle, I granted select on a table to a user by giving the following command:
GRANT SELECT ON DEPT TO HOMERSIMPSON;
Once I granted a select on the dept table to homersimpson, I queried the dba_sys_privs, there's no record of the privilege granted. I used the following query:
Select * from dba_sys_privs where grantee = 'HOMERSIMPSON';
Why is the privilege not reported on this table?
Thanks in advance.
You are granting a SELECT on a specific table. That's not a system priv. It is an object prv. Try looking at DBA_TAB_PRIVS.

Oracle: Granting Select ANY Table doesn't show up in dba_tab_privs

I have an issue where I (as sysdba) granted a privilege to perform a select on any table to a user. I used the following query:
GRANT SELECT ANY TABLE TO BARTSIMPSON
I get the message that grant succeeded. But I don't see a record of this privilege in the dba_tab_privs. Why? Thanks in advance
You are looking in the wrong view. dba_tab_privs shows table privileges. select any table is a system privilege. You should look for it in dba_sys_privs.

Rename Oracle Table in Other Schema

How to rename the table which is under other schema? For example, my user is A, I want to rename table_1 to table_1_temp which both supposed to be under the same schema, let's say schema B. Is that possible?
I tried this:
RENAME B.table_1 TO B.table_1_temp
and
RENAME B.table_1 TO table_1_temp
but got this error:
ORA-01765: specifying owner's name of the table is not allowed
ALTER statement is also doesn't work:
ALTER TABLE B.table_1 RENAME TO table_1_temp
got this error:
ORA-01031: insufficient privileges
and this
ALTER TABLE B.table_1 RENAME TO B.table_1_temp
ORA-14047 ALTER TABLE|INDEX RENAME may not be combined with other operations
"Insufficient privilege" is the keyword here. You can't modify other users' objects unless you're allowed to; of course you can't - how would it look like if anyone messes up with your schema?
Owner itself can't grant that privilege; it is a strong one and user - who is granted such a privilege - must be trustworthy as it can alter any other user's tables.
Have a look at the following example. There are two users in my database: mike (who owns a table) and scott (who should rename mike's table).
Mike and his table:
SQL> show user
USER is "MIKE"
SQL> select * from tab;
TNAME TABTYPE CLUSTERID
------------------------------ ------- ----------
BEDIENSTETER TABLE
Connect as scott and try to rename mike's table (rename won't work here; it is supposed to be used in your own schema):
SQL> connect scott/tiger
Connected.
SQL> alter table mike.bediensteter rename to test;
alter table mike.bediensteter rename to test
*
ERROR at line 1:
ORA-01031: insufficient privileges
Right; insufficient privileges. What privilege is it? ALTER ANY TABLE. So let's grant it, connected as a privileged user (such as SYS in my XE database):
SQL> connect sys as sysdba
Enter password:
Connected.
SQL> grant alter any table to scott;
Grant succeeded.
OK; back to scott, repeat the action:
SQL> connect scott/tiger
Connected.
SQL> alter table mike.bediensteter rename to test;
Table altered.
Succeeded! Let's see what we've done:
SQL> connect mike/lion
Connected.
SQL> select * from tab;
TNAME TABTYPE CLUSTERID
------------------------------ ------- ----------
TEST TABLE
SQL>
Right; table is now renamed.
Rename Oracle Table or View
as you can see on this post based on Pop's answer, the RENAME statement only works for table in the same schema.
The ALTER TABLE B.table_1 RENAME TO table_1_temp looks to be the best solution, have you tried giving your user account more privileges ?

ora-00942 even i create table in my schema

I have created new user and granted (database administration) privilege to him.
Then I connected to this new user.
When I create a new table in this user then try to select from this table it gives me
oracle-00942: table/view does not exist
When I try to find it through toad from schema browser I cannot find it. I searched for it and found this table in (sys) user.
When I create table with schema name I found it in schema browser but also I cannot select from it.
So what is the wrong with this?
It would help if you would show the sequence of steps you used to create the table. My guess is somehow you're creating the table under the the wrong schema (owner). Do this to find out where it is:
select owner, table_name from all_tables where table_name = 'MYTABLE'
If connected as SYS, you can use dba_tables instead of all_tables.
It would be better if you actually showed us what you did and how Oracle responded (i.e. copy/pasted the whole SQL*Plus session).
As you can create users, you probably can connect as SYS. Do so, and then run such a statement:
SQL> select owner, object_type
2 from dba_objects
3 where object_name = 'EMP';
OWNER OBJECT_TYPE
------------------------------ -------------------
SCOTT TABLE
SQL>
It will show who that table really belongs to.
I'm going to simulate what you did (actually, what I understood you did). You'll see that - if you do it right - everything is OK.
Connect as SYS and create new user:
SQL> show user
USER is "SYS"
SQL> create user utest identified by utest
2 default tablespace users
3 temporary tablespace temp
4 quota unlimited on users;
User created.
SQL> grant dba to utest;
Grant succeeded.
Connect as newly created user, create a table:
SQL> connect utest/utest
Connected.
SQL> create table test (id number);
Table created.
SQL> select * from test;
no rows selected
OK; the table is empty, but - no ORA-00942 error.
Back to SYS, to check who owns the TEMP table:
SQL> connect sys as sysdba
Enter password:
Connected.
SQL> select owner, object_type
2 from dba_objects
3 where object_name = 'TEST'
4 order by owner;
OWNER OBJECT_TYPE
------------------------------ -------------------
SCOTT TABLE
UTEST TABLE
SQL>
Now, it is your turn.
I searched for it and found this table in (sys) user.
It sounds like you have connected to the database using SYSDBA privilege, something like this:
connect your_user/password as sysdba
When we do this Oracle ignores the passed username and connects us as SYS. Consequently, any actions we take are executed as SYS. Which means any tables we create are created in the SYS schema, unless we prefix them with a specific schema name.

Getting ORA-01031: insufficient privileges while querying a table instead of ORA-00942: table or view does not exist

When I'm querying a table in schema C from schema A, I'm getting ORA-01031: insufficient privileges and when I'm querying the same table from schema B, I'm getting ORA-00942: table or view does not exist. On the table neither of the schemas are having any privileges. Why am I getting different error messages in this case?
You may get ORA-01031: insufficient privileges instead of ORA-00942: table or view does not exist when you have at least one privilege on the table, but not the necessary privilege.
Create schemas
SQL> create user schemaA identified by schemaA;
User created.
SQL> create user schemaB identified by schemaB;
User created.
SQL> create user test_user identified by test_user;
User created.
SQL> grant connect to test_user;
Grant succeeded.
Create objects and privileges
It is unusual, but possible, to grant a schema a privilege like DELETE without granting SELECT.
SQL> create table schemaA.table1(a number);
Table created.
SQL> create table schemaB.table2(a number);
Table created.
SQL> grant delete on schemaB.table2 to test_user;
Grant succeeded.
Connect as TEST_USER and try to query the tables
This shows that having some privilege on the table changes the error message.
SQL> select * from schemaA.table1;
select * from schemaA.table1
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> select * from schemaB.table2;
select * from schemaB.table2
*
ERROR at line 1:
ORA-01031: insufficient privileges
SQL>
ORA-01031: insufficient privileges happens when the object exists in the schema but do not have any access to that object.
ORA-00942: table or view does not exist happens when the object does not exist in the current schema. If the object exists in another schema, you need to access it using .. Still you can get insufficient privileges error if the owner has not given access to the calling schema.
for ORA-01031: insufficient privileges. Some of the more common causes are:
You tried to change an Oracle username or password without having the appropriate privileges.
You tried to perform an UPDATE to a table, but you only have SELECT access to the table.
You tried to start up an Oracle database using CONNECT INTERNAL.
You tried to install an Oracle database without having the appropriate privileges to the operating-system.
The option(s) to resolve this Oracle error are:
You can have the Oracle DBA grant you the appropriate privileges that you are missing.
You can have the Oracle DBA execute the operation for you.
If you are having trouble starting up Oracle, you may need to add the Oracle user to the dba group.
For ORA-00942: table or view does not exist. You tried to execute a SQL statement that references a table or view that either does not exist, that you do not have access to, or that belongs to another schema and you didn't reference the table by the schema name.
If this error occurred because the table or view does not exist, you will need to create the table or view.
You can check to see if the table exists in Oracle by executing the following SQL statement:
select *
from all_objects
where object_type in ('TABLE','VIEW')
and object_name = 'OBJECT_NAME';
For example, if you are looking for a suppliers table, you would execute:
select *
from all_objects
where object_type in ('TABLE','VIEW')
and object_name = 'SUPPLIERS';
OPTION #2
If this error occurred because you do not have access to the table or view, you will need to have the owner of the table/view, or a DBA grant you the appropriate privileges to this object.
OPTION #3
If this error occurred because the table/view belongs to another schema and you didn't reference the table by the schema name, you will need to rewrite your SQL to include the schema name.
For example, you may have executed the following SQL statement:
select *
from suppliers;
But the suppliers table is not owned by you, but rather, it is owned by a schema called app, you could fix your SQL as follows:
select *
from app.suppliers;
If you do not know what schema the suppliers table/view belongs to, you can execute the following SQL to find out:
select owner
from all_objects
where object_type in ('TABLE','VIEW')
and object_name = 'SUPPLIERS';
This will return the schema name who owns the suppliers table.
try to execute this on sql command line:
connect/ as sysdba;
create user b identified by "password";
grant all privileges to b;
and go create a new connection in SQL Developer;
do the same for schema 'c';
and grant privileges for schema 'a' too:
connect/ as sysdba;
grant all privileges to a;
this method fixed the problem for me.
In SQL Developer: Everything was working fine and I had all the permissions to login and there was no password change and I could click the table and see the data tab.
But when I run query (simple select statement) it was showing "ORA-01031: insufficient privileges" message.
The solution is simply disconnect the connection and reconnect.
Note: only doing Reconnect did not work for me.
SQL Developer Disconnect Snapshot
ORA-01031: insufficient privileges
Solution: Go to Your System User.
then Write This Code:
SQL> grant dba to UserName; //Put This username which user show this error message.
Grant succeeded.

Resources