Bu Blogda Ara

2 Aralık 2011 Cuma

Privileges of deployment user

If you have deployment user, after this user creates new table, you have DML procesess in new table. Create role for deployment user, grant privileges to this role because deployment user may not grant/revoke  to/from yourself.

For Example:
oracle@dbatest> sqlplus / as sysdba
SQL> create user kapsul identified by kapsul;
User created.
SQL> grant connect,resource to kapsul;
Grant succeeded.
SQL> GRANT GRANT ANY OBJECT PRIVILEGE TO KAPSUL;
Grant succeeded.
SQL> grant CREATE ANY TABLE to kapsul;
Grant succeeded.
SQL> create role role_kapsul;
Role created.
SQL> grant role_kapsul to kapsul;
Grant succeeded.

----------------------------

oracle@dbatest> sqlplus kapsul/kapsul
SQL> create table scott.kapsul_table (sayi number);
Table created.

SQL> insert into scott.kapsul_table sayi values (3);
insert into scott.kapsul_table sayi values (3)
ERROR at line 1:
ORA-01031: insufficient privileges

SQL> grant insert,update,select,delete on scott.kapsul_table to kapsul;
grant insert,update,select,delete on scott.kapsul_table to kapsul
ERROR at line 1:
ORA-01749: you may not GRANT/REVOKE privileges to/from yourself

SQL> grant insert,update,select,delete on scott.kapsul_table to role_kapsul;
Grant succeeded.
SQL> insert into scott.kapsul_table sayi values (3);
1 row created.
SQL> commit;
Commit complete.

Hiç yorum yok:

Yorum Gönderme