define AUTHID

Similar Questions

• Useless DEFINE AUTHID clause of the procedures that contain privs SYSTEM right?

  Hello

  I'm 11 GR 2. I have a user DB OPER I want to allow the creation of other users, so I did the following:

  1 / create a procedure as SYSTEM containing some EXECUTE IMMEDIATE instructions for the creation of a

  user etc., procedure I did with the option DEFINE AUTHID.

  2 / I granted EXECUTE on this procedure to the OPER

  3 / then connected under OPER and tried

  SQL > exec crea_user ('name')

  and received an "ORA-01031: insufficient privileges".

  I tried also directly grant the privilege to CREATE a USER to OPER, but it still doesn't work! -. In any case

  It is not my goal, of course - I don't want OPER to be able to create any user, I just want to allow

  it run/use my procedure AUTHID DEFINE manufactured CREA_USER...

  Obviously for this kind of requirement it not there no solution is?

  Thank you very much.

  Kind regards

  SEB

  Yes, there is a solution.

  Stop creating things under SYSTEM.

  SQL> create user oper identified by oper;                                
  
  User created.                                                            
  
  SQL> grant create session to oper;                                        
  
  Grant succeeded.                                                          
  
  SQL> create user u1 identified by u1;                                    
  
  User created.                                                            
  
  SQL> grant create session, create procedure, create user to u1;          
  
  Grant succeeded.                                                          
  
  SQL> conn u1/u1
  Connected.
  SQL> create procedure t(x in varchar2) as
    2  begin
    3  execute immediate 'create user ' || x || ' identified by ' || x;
    4  end;
    5  /                                                                    
  
  Procedure created.                                                        
  
  SQL> grant execute on t to oper;                                          
  
  Grant succeeded.                                                          
  
  SQL> conn oper/oper
  Connected.
  SQL> exec u1.t('FOO');                                                    
  
  PL/SQL procedure successfully completed.                                  
  
  SQL> conn foo/FOO
  ERROR:
  ORA-01045: user FOO lacks CREATE SESSION privilege; logon denied    
  

  Yes, foo could not open a session because of any privilege, but the user was created successfully.

• PL/SQL function to calculate the non-working days

  Hello

  I have the following pl/sql function which generates a number of days between two selected dates (i.e. excluding weekends). However, I also need to exclude specific holidays - day of Christmas etc. These holiday dates are stored in a table in our database (11 GR 2) called "HOLIDAY".

  How can I integrate the holidays which is held in the table of holidays in the following query to exclude these dates as well? I know how to write a separate funtion pl/sql for a number of days between two dates using SELECT... BUT I can't work out how to bring together them in a single query.

  Could someone show me how with the pl/sql / dates below please?

  Example of HOLIDAY table below.

  Thank you!

  TP

  create or replace
  function WORKING_DAYS (pi_start_date in date, pi_end_date in date) return integer
  
  is
  
  v_start_date date :=pi_start_date;
  v_end_date date:=pi_end_date;
  v_count integer:=0;
  
  begin
  
  while v_start_date <= v_end_date
        loop
                          if to_char(v_start_date,'D') not in ('6','7')                    
                          then
                          v_count := v_count+1;                       
                          end if;
                         
                  v_start_date:=v_start_date+1;
                 
        end loop;
       
  return v_count;
  
  end;
  
  

  (select '10-Apr-2013' as NWD from dual union all
  select '06-May-2013' from dual union all
  select '27-May-2013' from dual union all
  select '26-Aug-2013' from dual union all
  select '26-Dec-2013' from dual union all
  select '25-Dec-2013' from dual union all
  select '01-Jan-2014' from dual union all
  select '18-Apr-2014' from dual union all
  select '21-Apr-2014' from dual union all
  select '05-May-2014' from dual union all
  select '26-May-2014' from dual union all
  select '25-Aug-2014' from dual union all
  select '25-Dec-2014' from dual union all
  select '26-Dec-2014' from dual) HOLIDAYS
  

  Hello

  the link is on MOSC, not OTN... Here's a copy:

  This function calculates the number of days between two dates, ignoring weekends and holidays (if requested and if the holidays are stored in a table)

  I give an example of table 'public_holiday' with sample data, but users must ensure that their table contains the relevant data (all holidays within the maximum range of use of the service)

  CREATE TABLE public_holiday (calendar_day, DATE, text VARCHAR2 (30));

  FUNCTION to CREATE or REPLACE nb_days (p_date_from IN DATE

  p_date_to DATE by DEFAULT TRUNC (sysdate)

  , p_public_holidays in CHAR DEFAULT 'Y '.

  ) RETURN NUMBER

  DEFINE AUTHID

  AS

  /*********************************************************************/

  / * Author: Bruno Vroman * /.

  / * Created: 23-AUG-2012 * /.

  / * Last updated: 23-AUG-2012 * /.

  / * Object: to calculate the number of days between 2 dates, to the exclusion of * /.

  / * Saturday and Sunday, but also "holidays" If the * /.

  / * argument 'p_public_holidays' = 'Y ' * /.

  / * Support: p_date_from<= p_date_to                             ="">

  / * component ' hour min dry "ignored (just counting days) * /.

  /* First step:                                                       */

  / * the calendar days between 2 days * /.

  / Remove 2 days for each "week" and 0 or 1 extra day * /.

  / * function to a condition "complex" mix day of first week * /.

  / * and the number of days when full remaining weeks are removed * /.

  / * (set up once for all, for example if there is 3 days and the * /)

  (/ * first day is a Thursday, there is 1 "Sat/Sun" to subtract) * /.

  / * Second step: If 'p_public_holidays' = 'Y': other * /.

  / * days, do not count holidays.                         */

  / Holiday everyday are defined in a table "public_holiday" * /.

  / * Note: there may be holidays defined on Saturday/Sunday.       */

  /*********************************************************************/

  l_result NUMBER;

  l_from DATE;

  l_to DATE;

  l_case tank (4);

  BEGIN

  l_from: = TRUNC (p_date_from);

  l_to: = TRUNC (p_date_to);

  l_case: = TO_CHAR (l_from, 'Dy', 'NLS_DATE_LANGUAGE = English').

  To_char (MOD (l_to - l_from + 1, 7));

  l_result: = l_to - l_from + 1

  -TRUNC ((l_to-l_from + 1) / 7) * 2

  -CASE

  WHEN l_case IN ('Mon6', 'Tue5', 'Wed4', 'Thu3', 'Fri2'

  , "Sat1", "Sun1", "Sun2', 'Sun3", "Sun4".

  , "Sun5', 'Sun6.

  )

  THEN 1

  WHEN l_case IN ('Tue6', 'Wed5', 'Wed6', 'Thu4', "Thu5"

  , 'Thu6', 'Fri3', 'Fri4', 'Fri5', 'Fri6 '.

  , "Sat2", "Sat3', 'Sat4', 'Sat5", "Sat6.

  )

  THEN 2

  0 OTHERWISE

  END

  ;

  IF SUPERIOR (p_public_holidays) = "Y".

  THEN

  SELECT l_result - COUNT (*)

  IN l_result

  OF public_holiday p

  WHERE p.calendar_day > = l_from

  AND p.calendar_day<=>

  AND SUBSTR (TO_CHAR (p.calendar_day

  , "Dy".

  'NLS_DATE_LANGUAGE = English'

  )

  , 1, 1 ) != 'S'

  ;

  END IF;

  RETURN l_result;

  EXCEPTION

  WHILE OTHERS

  THEN

  DBMS_OUTPUT. Put_line (' CTF nb_days (' |))

  To_char (p_date_from, "MON-DD-YYYY"). ', ' ||

  To_char (p_date_to, "MON-DD-YYYY"). ', ' ||

  p_public_holidays | ' ) : ' || SQLERRM

  );

  LIFT;

  END nb_days;

  /

  REM

  REM example:

  REM A) fill out the 'public_holidays '.

  REM

  TRUNCATE TABLE public_holiday;

  INSERT INTO public_holiday VALUES (DATE ' 2012-01-01', ' new year (a Sunday)');

  INSERT INTO public_holiday VALUES (DATE '' 2012-01-03, "for example");

  REM (insert other days...)

  COMMIT;

  Call the function for some pairs of dates of REM B)

  REM nb1: remove only Sat/Sun

  REM nb2: also remove holidays

  REM

  ALTER SESSION SET nls_date_format ='Dy DD-MON-YY';

  WITH some_dates AS

  (SELECT DATE ' 2011-12-29'd dual FROM

  UNION ALL SELECT DATE ' 2012-01-08' FROM dual

  UNION ALL SELECT DATE ' 2012-01-10' FROM dual

  )

  SELECT d1.d 'FROM '.

  , d2.d ' to THE '.

  , nb_days (d1.d, d2.d, ' don't) nb1

  , nb_days (d1.d, d2.d, 'Y') nb2

  OF some_dates d1

  some_dates d2

  WHERE d1.d<=>

  ORDER BY nb1, nb2, d1.d

  ;

  GO TO NB1 NB2

  ------------- ------------- ---- ----

  Monday, January 8, 12 Monday, January 8, 12 0 0

  Friday, December 29, 11 Friday, December 29, 11 1 1

  Wednesday, January 10, 12 Wednesday, January 10, 12 1 1

  Monday, January 8, 12 Wednesday, January 10, 12 2 2

  Friday, December 29, 11 Monday, January 8, 12 7 6

  Friday, December 29, 11 Wednesday, January 10, 12 9 8

  Hope that this could be useful, but note that this code has not been completely tested, so check and test before you trust it (in the case of any questions, please post a comment)

  Bruno Vroman.

  Best regards

  Bruno

• insufficient privileges as sys

  Can someone explain this situation?

  DB version: 11.2.0.4.0

  in the scheme of the User1, there is a procedure:

  create or replace procedure do_alter_user is
  begin
  execute immediate 'alter user hr identified by hr acount unlock';
  end;
  
  

  now, we run the procedure like this

  conn / as sysdba
  exec user1.do_alter_user;
  
  

  There is an error return

  ORA-01031: insufficient privileges

  its easy to give the user to alter privilege to User1.

  But im running the procedure as SYS?

  Thank you.

  Update:

  When running the steps in a database 11.2.0.2.0 the procedue completes successfully.

  its easy to give the user to alter privilege to User1.

  But im running the procedure as SYS?

  Caution - it is important to be VERY precise in the terms / words that you use.

  You say you 'perform the procedure as SYS' but most likely, you mean that the SYS user is to PERFORM the procedure, which is owned by USER1.

  The procedure is a defect, the DEFINER rights procedure so it runs with the privileges of USER1, not SYS privileges.

  See "how the work of roles in PL/SQL blocks" in the doc of database security

  http://docs.Oracle.com/CD/B28359_01/network.111/B28531/authorization.htm#i1007304

  See 'Rights of appellant to help' or define (AUTHID Clause) in the doc of the PL/SQL language

  http://docs.Oracle.com/CD/B28359_01/AppDev.111/b28370/subprograms.htm#LNPLS00809

  For units stored PL/SQL that you create or change with the following statements, you can use the optional parameter AUTHID clause to specify either CURRENT_USER or DEFINER . The default value is DEFINER .

• Spend multiple values with parameter of stored procedure

  CREATE TABLE VTEST_INSERT)

  NUMBER OF MY_ID,

  COLUMN1 VARCHAR2 (50)

  );

  -SELECT * FROM VTEST_INSERT;

  INSERT INTO VTEST_INSERT (MY_ID, COLUMN1) VALUES (1, 'TEST1');

  INSERT INTO VTEST_INSERT (MY_ID, COLUMN1) VALUES (2, "TEST2");

  INSERT INTO VTEST_INSERT (MY_ID, COLUMN1) VALUES (3, "TEST3");

  INSERT INTO VTEST_INSERT (MY_ID, COLUMN1) VALUES (4, "TEST4");

  INSERT INTO VTEST_INSERT (MY_ID, COLUMN1) VALUES (5, 'TEST5');

  INSERT INTO VTEST_INSERT (MY_ID, COLUMN1) VALUES (1, "TEST6");

  INSERT INTO VTEST_INSERT (MY_ID, COLUMN1) VALUES (2, 'TEST7');

  INSERT INTO VTEST_INSERT (MY_ID, COLUMN1) VALUES (3, "TEST8");

  INSERT INTO VTEST_INSERT (MY_ID, COLUMN1) VALUES (4, 'TEST9');

  INSERT INTO VTEST_INSERT (MY_ID, COLUMN1) VALUES (5, "TEST10");

  CREATE OR REPLACE

  PROCEDURE VTEST_INSERT_SP (vid in VARCHAR2, vname IN VARCHAR2)

  AS

  BEGIN

  DELETE FROM VTEST_INSERT WHERE MY_ID IN (vid);

  INSERT INTO VTEST_INSERT (MY_ID, COLUMN1) VALUES (vid, vname);

  END;

  /

  EXEC VTEST_INSERT_SP(1,'TEST999');

  This set works well above. But I want to be able to pass multiple values VNAME. so, something like:

  EXEC VTEST_INSERT_SP(1,'TEST999','TEST888','TEST777');

  any help is appreciated. Thank you.

  This would make many inserts each with the same vid and values of different VNAME.

  Try something like this

  1. SET SQLBLANKLINES
  2. ALTER SESSION SET PLSQL_WARNINGS = ' ENABLE: ALL ';
  3. DROP TABLE vtest_insert;
  4. CREATE TABLE vtest_insert (vid NUMBER, vname VARCHAR2 (20));
  5. INSERT ALL
  6. IN vtest_insert (vid, vname) VALUES (1, "yyyy")
  7. IN vtest_insert (vid, vname) VALUES (1, "bb")
  8. IN vtest_insert (vid, vname) VALUES (1, "cccccc")
  9. IN vtest_insert (vid, vname) VALUES (2, "ddd")
  10. IN vtest_insert (vid, vname) VALUES (2, 'ee')
  11. SELECT * FROM .dual 'PUBLIC '.
  12. SELECT * FROM vtest_insert;
  13. CREATE or REPLACE TYPE vnames_tab_ty IS TABLE OF VARCHAR2 (20)
  14. /
  15. DISPLAY ERRORS;
  16. CREATE OR REPLACE PROCEDURE vtest_insert_sp
  17. (
  18. p_vid IN vtest_insert.vid%TYPE,
  19. p_vnames IN vnames_tab_ty
  20. )
  21. DEFINE AUTHID
  22. IS
  23. BEGIN
  24. DELETE FROM vtest_insert WHERE the vid = p_vid;
  25. FORALL idx IN p_vnames. FIRST... p_vnames. LAST
  26. INSERT INTO vtest_insert (vid, vname) VALUES (p_vid, p_vnames (idx));
  27. END vtest_insert_sp;
  28. /
  29. DISPLAY ERRORS;
  30. >
  31. DECLARE
  32. Vnam vnames_tab_ty;
  33. vid vtest_insert.vid%TYPE.
  34. BEGIN
  35. BK.vid: = 1;
  36. BK.vnames: is vnames_tab_ty ('vn-01', 'vn-02', 'vn-03');.
  37. vtest_insert_sp (p_vid-online bk.vid, p_vnames-online bk.vnames).
  38. COMMIT;
  39. BK.vid: = 2;
  40. BK.vnames: is vnames_tab_ty ('vn-04', 'vn-05', 'vn-06', 'vn-07');.
  41. vtest_insert_sp (p_vid-online bk.vid, p_vnames-online bk.vnames).
  42. COMMIT;
  43. END;
  44. /
  45. SELECT * FROM vtest_insert;

  Which produces the following output

  Table created.

  5 rows created.

  VNAME VID

  ---------- --------------------

  1-aaaa

  1 bb

  1 cccccc

  2 ddd

  2 EA

  Type of creation.

  No errors.

  Created procedure.

  No errors.

  PL/SQL procedure successfully completed.

  VNAME VID

  ---------- --------------------

  1 VL-01

  1 VL-02

  1 VL-03

  2 vn-04

  2 vn-05

  2 vn-06

  2 vn-07

  7 selected lines.

  SQL >

  Kind regards

  Dariyoosh

• Why the DR unit does not trigger schema when it is called remotely?

  Hi all

  I have a question about the triggers of oracle schema and I would be grateful if you could kindly give me a helping hand.

  Oracle version: 11 GR 2 (11 g Enterprise Edition Release 11.2.0.1.0 - 64 bit)

  OS:                      Linux Fedora Core 17 (X86_64)

  I was reading the online documentation on schema triggers where oracle says:

  Assume that users user1 and user2 own schema triggers and user1 invokes a DR unit owned by user2. Inside the DR unit, User2 is the current user. Therefore, If the DR unit triggers the triggering event of a trigger schema that User2 owns, while the trigger is activated.

  I wanted to see this behavior in practice, so I made the following test case:

  -There are two schemas:
  
  

  • testuser where I create a procedure with AUTHID DEFINE (a unit of the Dr. therfore) named createTab. This procedure takes a table name as a parameter and if no table with this name exists already in the testuser schema, it will create a new table with the same name with a single column of type NUMBER (well, it's just an example to this issue, in practice I never create my tables this way)
    
    
  • training is therefore another scheme to which we grant the privilege EXECUTE on the above mentioned procedure createTab so that it may be possible to create tables on schema testuser by calling the remote procedure.

  The idea behind the test is to create a schema for testusertrigger, so that whenever he is, for example, a creation of the table, a message is inserted into a table of newspaper (just an example to show proof that trigger the diagram has been drawn on the table creation event). Now assuming I admit the EXECUTE privilege on the procedure of createTab for the trainingscheme, then any creation of the remote table must trigger the schema trigger, because according to the documentation inside the unit of the DR, the user is not considered appellant user (= training) but actually the owner (= testuser) that created the trigger and procedure.

  The problem is that I cannot see it in my test. Therefore I will write here my test case so that you can have a look at it and to indicate where I did wrong, and what I misunderstood in the documentation.

  So here's what I created on the schema testuser

  Code
  SET SQLBLANKLINES ALTER SESSION SET PLSQL_WARNINGS = ' ENABLE: ALL '; SET SERVEROUTPUT ON; -A table of newspaper in which the schema trigger inserts messages

  
  -indicating that the schema trigger was triggered (as proof)
  

  CREATE TABLE tablog (logMsg VARCHAR2 (100));

  -Here is the procedure that updates the above defined log table (tablog)

  -This procedure (autonomous transaction) is called by the schema trigger
  

  CREATE OR REPLACE PROCEDURE updateLog (p_logMsg IN tablog.logMsg%TYPE)

  DEFINE AUTHID

  IS

  PRAGMA AUTONOMOUS_TRANSACTION;

  BEGIN

  INSERT INTO tablog (logMsg) VALUES (p_logMsg);

  COMMIT;

  END updateLog;

  /

  DISPLAY ERRORS;

  -This is the procedure we use to create tables (which will be called so

  -remotely from another schema-> training)
  

  -As stated above, the procedure takes a table
  -name as a parameter and creates a table with a single column of type NUMBER

  -that if no table with this name exists already

  CREATE OR REPLACE PROCEDURE createTab

  (

  p_tabName IN user_tables.table_name%TYPE

  )

  AUTHID DEFINE - Therefore a unit DR that we explicitly specify AUTHID DEFINE
  

  IS

  BEGIN

  < < bk > >

  DECLARE

  tabName user_tables.table_name%TYPE;

  BEGIN

  -Check to see if a table with the name p_tabName
  -already exists
  

  T1.table_name SELECT INTO bk.tabName

  FROM user_tables t1

  WHERE t1.table_name = upper (p_tabName);

  EXCEPTION

  -No table with this name exists, so we create now
  

  WHEN NO_DATA_FOUND THEN

  IMMEDIATELY RUN 'CREATE TABLE ' |

  p_tabName | '(NUMÉRO n) ';

  END;

  END createTab;

  /

  DISPLAY ERRORS;

  - And finally it is the schema for the schema 'testuser '.
  

  -Any appeal of the above mentioned procedure createTab (if the procedure)
  -creates a new table) fires the following trigger
  

  CREATE OR REPLACE TRIGGER testuser_schema_tr

  Before you CREATE on testuser.schema

  BEGIN

  -Just insert a message into the table of the newspaper showing the evidence
  -that our schema trigger wiped of CREATE TABLE
  -statements

  updateLog

  (

  TO_CHAR (sysdate, ' ' MON-DD-YYYY HH24:Mi:ss) |

  ' ': Schema for testuser trigger pulled.

  );

  END testuser_schema_tr;

  /

  DISPLAY ERRORS;

  -I grant the privileges required for the formation of the user/schema
  -may also be able to remotely run my procedure

  GRANT EXECUTE ON createTab to training;

  GRANT SELECT ON tablog to training;

  First, I tested the procedure createTab locally (so be etre connecte connected as drawing testuser , in other words, the owner of the procedure and the relaxation). Everything worked pretty well and created table, that table the journal has been updated by the trigger which showed that in fact after each CREATE TABLE statement, the trigger was activated.

  However, when I opened a new SQL * Plus term, this time in being connected as a training scheme, I have observed that, once again, it was possible to create tables on schema testuser remotely, but the log table has been updated no more, which means that the trigger has not wiped CREATE TABLE statements that were issued remotely (by remote createTab procedure call).

  Code
  SQL > EXECUTE testuser.createTab ('tmptab');

  PL/SQL procedure successfully completed.

  SQL > SELECT * FROM testuser.tablog;

  no selected line

  SQL > USER to see THE

  The USER is 'TRAINING'

  
  

  SQL >

  Any idea? Why unity DR (createTab procedure) does not have the schema trigger, unlike what documents said, when it is called remotely?

  Thanks in advance,

  Dariyoosh

  It works for me on Oracle 11.2.0.3

  August 21, 2013 18:10:12: trigger pulled schema

  But not on 11.2.0.1

  It looks like a bug.

• A question about ROLLBACK and in stored subprograms unhandled Exceptions

  Hello

  Oracle version:  Enterprise Edition Release 11.2.0.1.0 - 64 bit

  OS :   Linux Fedora Core 17 (X86_64)

  In Chapter 11 of the PL/SQL online, here's what oracle says about The unhandled Exceptions :

  If a stored subprogram stops with an unhandled exception, PL/SQL does not restore of database changes made by the subprogramme.

  I tried the following code:

  code

  HOST clear; SET SQLBLANKLINES ALTER SESSION SET PLSQL_WARNINGS = ' ENABLE: ALL '; DROP TABLE tmptab; CREATE TABLE tmptab (n NUMBER); CREATE or REPLACE PACKAGE pkg1_pkg DEFINE AUTHID AS EXCEPTION MYEXCEPTION. PRAGMA EXCEPTION_INIT (MYEXCEPTION,-20001); END; / DISPLAY ERRORS; -It is a subroutine that exists -with an exception unhandled CREATE OR REPLACE PROCEDURE mytestProc DEFINE AUTHID IS BEGIN INSERT INTO tmptab (n) VALUES (100); -Unhandled exception does a ROLLBACK -which annuls the previous INSERT statement

  RAISE pkg1_pkg. MYEXCEPTION;

  END mytestProc;

  /

  DISPLAY ERRORS;

  
  

  
  

  BEGIN

  mytestProc();

  END;

  /

  
  

  
  

  SELECT * FROM tmptab;

  And here is the result

  BEGIN * ERROR on line 1: ORA-20001: ORA-06512: at "TRAINING. MYTESTPROC', line 6 ORA-06512: at line 2 no selected line

  The fact that SELECT * FROM tmptab gives: no selected line indicates that the exception unhandled in the stored routine myTestProc is doing a ROLLBACK for the INSERT statement in the tmptab table.

  So I do not understand why in the documentation noted that no ROLLBACK is not done.

  Could someone kindly do some clarification on this?

  Thanks in advance,

  Kind regards

  Dariyoosh

  Hello

  If a stored subprogram exits with an unhandled exception, PL/SQL does not restore changes to the database made by the subprogramme.

  What is happening here, it is an anonymous block (which is not stored) stops with an unhandled exception, and who restores the uncommitted transactions.

  I created a procedure to see how many lines is in tmptab:

  CREATE OR REPLACE PROCEDURE tmptab_cnt (in_txt IN VARCHAR2)
  DEFINE AUTHID
  AS
  n PLS_INTEGER;
  BEGIN
  SELECT COUNT (*)
  N
  OF tmptab;

  dbms_output.put_line (n
  || "lines of tmptab in.
  || in_txt
  );
  END tmptab_cnt;
  /

  and called it of your procedure with your anonymous block:

  CREATE OR REPLACE PROCEDURE mytestProc
  DEFINE AUTHID
  IS
  BEGIN
  INSERT INTO tmptab (n) VALUES (100);
  tmptab_cnt ("mytestProc");

  RAISE pkg1_pkg. MYEXCEPTION;
  END mytestProc;
  /
  DISPLAY ERRORS;

  BEGIN
  mytestProc();
  EXCEPTION
  WHILE OTHERS THEN
  tmptab_cnt (anonymous"block" ");
  LIFT;
  END;
  /

  The result of this is:

  ...

  Created procedure.

  No errors.
  1 lines in tmptab in mytestProc

  
  1 lines in block anonymous tmptab
  BEGIN
  *
  ERROR on line 1:
  ORA-20001:
  ORA-06512: at line 6

  no selected line

  As you can see, there is 1 row in the table after that the procedure back to the anonymous block.

  Thanks for posting such a complete and clear test script; that really helps.

  How put you in the form code, with green background and title?

• What good is Oracle roles?

  Hello all,.
  

  Oracle Database 11g Enterprise Edition Release 11.2.0.1.0 - 64bit Production
  Windows 2008 R2

  I created a role (sr_project_role) which gives a select multiple tables in A schema.
  
  The sr_project_role was then given to the schema-B.
  
  I am trying to create a view in the diagram B (as schema-B) that refers to a table in A schema. This table has been included in the above sr_project_role.
  
  I get an "ORA-01031: insufficient privileges" error.
  
  If I give you select on the table schema-A directly to the schema B, works to create view statement.
  
  Why the role that I created (sr_project_role) did not provide schema-B the privileges that have been granted to the role?
  
  Thanks for your time,
  Bob

  Hi, Bob,.

  Roles do not count for creating views. If schema_b wants to create a view that references tables of schema_s, then schema_a must give privileges directly to schema_b or to the PUBLIC.

  It is the same for the stored procedure with DEFINE AUTHID (which is the default). The reason is related to know when a view (or a strored procedure) becomes invalid. If the privileges granted through roles were allowed, then the system would essentially to detect all the privileges of all lives (and all stored procedures), any time a privilege has been revoked from any role in order to see what was still allowed.

  If you think this is confusing and inconvenient, you have company.

• grant user privileges for the execution of a procedure in a package

  Hi all
  
  My need is to grant privileges to User1 to run only a single procedure proc1 in package1.
  It is possible at all?
  Do I need to grant more privileges if procedure1 calls procedure2?

  Hello

  Marco wrote:
  OK, so I can create procedureN off package1 claiming enforcement procedureN package1.proc1 and grant privileges to User1.

  Is this possible without rights for package1.proc1?

  Yes, it is possible. If user_x has EXECUTE privileges on procedureN procedureN has DEFINE AUTHID (which is the default), then user_x doesn't have privileges on the packaging or the tables used in procedureN.

• Procedure call to different users

  HelloW to all,
  
  I have three database users
  1 USER1
  2 USER2
  3 USER3
  
  I created a procedure to User1
  
  Now, I want to use this same process in the User2 and user3 without created in these users.
  
  is there a way to do this?
  
  Any help will be appreciated...

  Hervé wrote:
  It is the use of tables of sml users...
  I want to use the tables of the bus user...

  The procedure declared to the SML schema must be created in the procedure of the appellant's rights. It's

  AUTHID CURRENT_USER

  Unlike the default
  DEFINE AUTHID

  Read all about it
  http://download.Oracle.com/docs/CD/E11882_01/AppDev.112/e25519/subprograms.htm#LNPLS682

  Concerning
  Peter

• newbie question: sql runs under sqlplus but does not compile in pl/sql?

  I have the following two tables, I have a SQL in pl/sql packages so I can use dbms_jobs to automate it however, I get the compile time error. It seems to me that pl/sql dislikes my sql that works well in sqlplus. Here is the error message and my test case?
  
  mdb_user@cmd > view the error
  PACKAGE BODY DATA_QUALITY_REPORT_P errors:
  
  LINE/COL ERROR
  -------- -----------------------------------------------------------------
  10/1 PL/SQL: statement ignored
  13/42 PL/SQL: ORA-00942: table or view does not exist
  
  
  
  
  
  create the table S_ORG_EXT
  (
  accnt_type_cd varchar2 (100),
  cust_stat_cd varchar2 (100)
  )
  /
  
  insert into s_org_ext
  Select column_name, data_type for user_tab_columns where rownum < = 100
  /
  
  Select * from s_org_ext
  /
  
  
  create the table data_quality_report
  (
  RunId number not null,
  report_type number of non-null, - type of report as dup dup or not other measures
  org_level number not null, - organization level nsgn, sgn, shipto
  loc_level number of non-null, - local level by city, by country, by region, grand_total
  name varchar2 (100) not null,-the line output of the tot name.
  Value number not null, - line value of the tot.
  rundate date default sysdate
  )
  /
  
  create sequence data_quality_report_seq with 1000
  INCREMENT BY 1
  NOCACHE
  NOCYCLE
  /
  
  
  insert into data_quality_report
  Select data_quality_report_seq.nextval, 3, 99, 99, accnt_type_cd, cnt, sysdate from
  (
  Select accnt_type_cd, count cnt (*) of S_ORG_EXT where cust_stat_cd = 'VARCHAR2' group by accnt_type_cd by 2 desc order
  )
  /
  
  Select * from data_quality_report
  /
  
  
  
  truncate table data_quality_report
  
  CREATE or replace PACKAGE data_quality_report_p AS
  function pull_data return data_quality_report.runid%type;
  END data_quality_report_p;
  /
  
  
  create or replace package body data_quality_report_p as
  function pull_data return data_quality_report.runid%type is
  
  new_rid data_quality_report.runid%type;
  
  
  Start
  Select data_quality_report_seq.nextval in the double new_rid;
  
  insert into data_quality_report
  Select new_rid, 3, 999999, 999999, accnt_type_cd, cnt, sysdate from
  (
  Select accnt_type_cd, count cnt (*) of S_ORG_EXT where cust_stat_cd = 'VARCHAR2' group by accnt_type_cd by 2 desc order
  );
  
  
  Return new_rid;
  exception
  When no_data_found then
  DBMS_OUTPUT. Put_line ("NO_DATA_FOUND handles the exception.");
  while others then
  DBMS_OUTPUT. Put_line ("' handling ANOTHER exception.");
  
  
  end; -end pull_data
  
  end data_quality_report_p;
  /

  Hello

  Sorry, I was not clear about that.
  The owner of the package needs direct privileges (not only privileges through a role) to compile the code, whehter it is DEFINE AUTHID or AUTHID CURRENT_USER. Option (3) does not help in this case; my mistake.

  I usually create packages in the same schema tables they use, which was option (2) in my previous message. There may be good reasons why you can't do that; for example, the package may reference multiple schemas tables. In this case, grant the necessary privileges directly to the owner of the whole.

• insufficient \n(Assurez-vous

  Hello
  When I am trying to create a table in a procedure.
  I have as long as a user can create the table.
  But when I try to create the table through procedure then it says not sufficient privileges.
  Why?
  I mentioned the 'DEFINE AUTHID' clause
  Yet it won't let me create table...

  He is infamous question of subsidy based on ROLES. Use the VALUE NONE ROLE and then try to create the table. If you can't then you have the grant through ROLE but should you direct privilege.
  Re: compile errors

• Variable declaraton Question?

  Hello
  I am trying to establish a procedure that uses a similar to variable declaration
  
  Table_name.column%type var1
  
  I get an error as shown below when I compile the procedure.
  
  3/3 PL/SQL: statement ignored
  4/33 PLS-00201: identifier TABLE_XYZ' must be declared
  
  I can describe the table TABLE_XYZ and can select in the table through SQL Plus.
  So, what could be wrong with my statement?
  Please notify.
  
  Thank you

  Hello

  Roles do not count inside stored procedures with DEFINE AUTHID (which is the default).

  To refer to a table in a stored procedure, privileges must be granted directly to the user owner of the procedure, or the pseudo-user PUBLIC. The privileges granted in a role that the author will work orders DESCRIBE, SQL statements outside of PL/SQL and PL/SQL anonymous blocks, but not in strored procedures.

  The owner of the table directly you pay all you need of the privileges.

• Creating profiles

  Hello
  
  I have Oracle 10 g 2 on windows 2003 server. Here is an example of I have to have for users of oracle:
  Suppose I have three oracle users: u1, u2, u3.
  I want to create a profile p1 as seen grants only on the DML statements on u1 schema. A different profile p2 have agreed on only the on u1 schema ddl statements.
  Now, suppose I concede the P1 profile for u2, u2 can only pull the DML statements in the schema of u1.
  
  Please can anyone suggest how can I implement this?
  
  Vinita

  Something like this:

  I know that update, insert, and delete are LMD and
  create, delete, modify, replace and truncate. (I don't know what fusion is; dml or ddl, I think that its LMD)

  In the script below, I kept in mind that the tables can be created with quotes such as "Table1" and we cannot grant any privileges for external tables.

  onlydmlonscott drop role;
  onlyddlonscott drop role;
  create the onlydmlonscott role.
  create the onlyddlonscott role.
  left head;
  coil c:\f1.sql
  Select ' give an update on ' | owner: '. ' || Chr (34) | object_name | Chr (34): ' to onlydmlonscott;' to
  DBA_OBJECTS
  where
  owner = 'SCOTT '.
  and
  object_type = 'TABLE '.
  and object_name
  not in (select table_name from dba_external_tables where owner = 'SCOTT')
  Union of all the
  Select ' allow delete on ' | owner: '. ' || Chr (34) | object_name | Chr (34): ' to onlydmlonscott;' to
  DBA_OBJECTS
  where
  owner = 'SCOTT '.
  and
  object_type = 'TABLE '.
  and object_name
  not in (select table_name from dba_external_tables where owner = 'SCOTT')
  Union of all the
  Select ' grant insert on ' | owner: '. ' || Chr (34) | object_name | Chr (34): ' to onlydmlonscott;' to
  DBA_OBJECTS
  where
  owner = 'SCOTT '.
  and
  object_type = 'TABLE '.
  and object_name
  not in (select table_name from dba_external_tables where owner = 'SCOTT');
  spool off;
  host edit c:\f1.sql;
  @c:\f1.sql;

  create the user1 user identified by User1;
  Grant connect User1;
  grant onlydmlonscott User1;
  create user user2 identified by user2;
  Grant connect to User2.
  grant onlyddlonscott to User2;
  *******

  Now for the DOF. I created a procedure in the scott schema:
  CREATE OR REPLACE PROCEDURE create_table (sql_string VARCHAR)
  DEFINE AUTHID
  AS
  BEGIN
  EXECUTE IMMEDIATE sql_string;
  END;
  /
  GRANT execute ON onlyddlonscott TO create_table;
  Source:Create table without the privilege of "CREATE ANY TABLE"

  In this case User1 can trigger any dml in schema scott, but cannot issue any ddl (by default) in the scott schema, while;
  User2 can issue all ddl in the schema scott as "exec scott.create_table ("CREATE TABLE scott.newtab (a number)");", but cannot give any dml for schema scott. User2 can issue all ddl with the help of procedure in the scott schema, above just replace statement 'create table'. Everything works fine at my end (10.2.0.1 on win xp box, I just checked).

  Concerning
  Girish Sharma

  Published by: Girish Sharma on March 19, 2010 15:42
  A few lines added albums.

• ORA-01031: insufficient privileges when you try to run a proc

  I have a procedure called KILL_MY_SESSION that is defined with a value of DEFINE AUTHID
  
  The schema JOHN belonged procedure. The procedure makes several calls to PL/SQL DBMS_SQL package.
  The last thing that not with DBMS_SQL proceedings concern an ALTER SYSTEM KILL SESSION statement.
  Schema JOHN has privileges to kill a session in the database.
  If I log in the scheme of JOHN, I can issue the statement ALTER SYSTEM KILL SESSION successfully.
  Also, when you are logged in the scheme of JOHN, I can run the KILL_MY_SESSION procedure.
  
  Now I have the ISTO schema. I got ISTO privileged EXECUTE on the JOHN. Procedure KILL_MY_SESSION.
  Since JOHN. KILL_MY_SESSION is a privilege of rights DEFINERs, if RIGHTS shouldn't be able to execute the procedure correctly and kill a session?
  
  This is an output of the session of the ISTO when you try to run JOHN. KILL_MY_SESSION:
  
  SQL > conn oifs@dbname
  Enter password: *.
  Connected.
  SQL > 500 fixed lines
  SQL > select username, osuser, sid, serial #.
  2 session $ v
  3 where username = "OIFS."
  
  USERNAME OSUSER SID SERIAL #.
  ------------------------------ ------------------------------ ---------- ----------
  OIFS administrator 142 325
  OIFS administrator 139 613
  
  SQL > exec ('142 ', 325') john.kill_my_session
  BEGIN john.kill_my_session ('142 ', 325'); END;
  
  *
  ERROR on line 1:
  ORA-01031: insufficient privileges
  ORA-06512: at "SYS." DBMS_SYS_SQL", line 1204
  ORA-06512: at "SYS." DBMS_SQL", line 323
  ORA-06512: at "EIADBA. KILL_MY_SESSION', line 20
  ORA-06512: at line 1
  
  
  Someone at - he a clue as to what I'm doing wrong?
  View DBA_PROCEDURES, here's the record for KILL_MY_SESSION
  
  
  OWNER
  ------------------------------
  OBJECT_NAME
  --------------------------------------------------------------------------------
  OBJECT_TYPE AUTHID
  ------------------- ------------
  JOHN
  KILL_MY_SESSION
  DEFINE PROCEDURE

  I mean the privilege of system alter directly, not through roles.

  GRANT ALTER SYSTEM TO JOHN;
  

  Please read the articles below, you should restrict the sessions that can be killed, according to what will be your implementation.

  It could be useful.
  http://asktom.Oracle.com/pls/asktom/f?p=100:11:0:P11_QUESTION_ID:226613885088
  http://DBA-Oracle.com/t_granting_alter_system_kill_session.htm