grant read only to a single user
Hi allI had crossed unlimited forums and blogs, but not to any solution appropriately and is getting confused because I am not good in sql.
I had created a db user.
I need to grant more privileges as a user apps only reading: -.
(1) he can select all tables except dba on the tables, views, etc.
(2) he can select any table of any user
(3) he can select the functions, procedures, and all custom objects.
(4) he can select any table without prefix apps. in front of the table.
Step by step instructions with sql statements.
Hello
Richa says:
Hi all
I had crossed unlimited forums and blogs, but not to any solution appropriately and is getting confused because I am not good in sql.
I had created a db user.
I need to grant more privileges as a user apps only reading: -.
(1) he can select all tables except dba on the tables, views, etc.
(2) he can select any table of any user
Her SELECT ANY TABLE system privilege allows the user to select any table including dba linked tables and views. If you want to exclude, you must give privileges SELECT on all other tables, one at a time and remember to do for new tables they are created.
(3) he can select the functions, procedures, and all custom objects.
The privilege of system to RUN the PROCESS ALL this.
(4) he can select any table without prefix apps. in front of the table.
Are not truncated. It's like saying "he can choose any table without giving the name of the table", or "without having to type what whatsoever".
You could reduce how often you must qualify the name of the table with the schema name using "ALTER SESSION SET CURRENT_SCHEMA = schema_name;".
Step by step instructions with sql statements.
To give privileges mentioned in (1), (2) and (3) the FUBAR user, log in as SYSTEM and say
GRANT SELECT ANY TABLE TO fubar;
GRANT EXECUTE ANY PROCEDURE TO fubar;
Tags: Database
Similar Questions
-
Grant read only to a user only with the role
Legends of dear,
Req: create user selection/read-only join specific 3-5 tables in a specific schema and no selection/read only access to the sys/system schema.
After surfing and tried to grant the "read-only" access for a user as follows.
create user readonly identified by readonly123;
create read_only_role role identified by read_only_access;
Grant connect, read-only resources.
Grant select on applications. FND_PRODUCT_GROUPS read-only;
Grant select on applications. FND_USER read-only;
grant read_only_role read-only;
The above statements
1. created user, role
2. granted to connect/create user session and I am able to run the following query
logged in as readonly
Select * from APPS. FND_PRODUCT_GROUPS;
Where I am able to select even sys or system tables.
But I'm not able to make the same read only access provided to a role and assign the role to the user subsequently,.
create user readonly identified by readonly123;
create the role of read_only_role identified by read_only_access;
Grant connect to read_only_role;
Grant select on applications. FND_PRODUCT_GROUPS to read_only_role;
Grant select on applications. FND_USER to read_only_role;
grant read_only_role read-only;
Let me know your suggestions,
Ref:roles and privileges of user management
https://forums.Oracle.com/thread/2223362
Thank you
Knockaert
Hi, Karthik,
If a role has a password (as in this case), then the user must activate this role during its current session in order to to use, like this:
ROLE of the read_only_role IDENTIFIED BY read_only_access VALUE.
If the role does not have a password, then it is enabled by default as soon as the user opens a session.
Remember, the roles do not count inside procedures AUTHID DEFINE stored (which is the default type). If you need to use the table inside an AUTHID DEFINER stored procedure, then the privileges must be granted directly to the user and not just a role.
I hope that answers your question.
If this isn't the case, after a complete test script that people can run to recreate the problem and test their ideas. You started great: CREATE instructions you posted were perfect, but you need to add the CONNECTIONS and SELECT statements (and the SETTINGS, if necessary) to show how the error occurs.
-
Hi all
I have a very strange problem... we had a trouble report from a user who said that she could not see the text in a Flex application, we are working on. It works for everyone but this one user - and still unknown, it works for me when I open as the user, on the same hardware that is using this user.
The only difference is the remote desktop client that is used. In my test case, I connect to the Terminal Services Server in Windows 2003 server from my workstation, and it works. It connects on the same Services Terminal Server in Windows 2003 workstation server, using the same credentials, and it does not work. If I don't see it with my own eyes, I'm not sure I would have believed it.
To prove that I'm not crazy, I made a record. Check it out:
http://screencast.com/t/OWE0YWMzMz
What's happening in the world!
-Josh
Wmode causes a lot of weird problems. Avoid at all costs.
-
Adobe is creating - JavaScript - read-only / gray fields according to the user's response
I hope someone here can help me!
I need to create an Adobe form where the answer to the first question greys out and makes some fields read-only.
I am aware that I need to write a Java Script for that, but how do I do this? I did research for the days, and I can't function.
Here is the example:
The question is "is - this project fall under standard terms? ' and if the answer is Yes - so many questions should be ignored, as if the answer is no, the questions must be answered.
I tried to have the first question as a checkbox, radio button and a drop-down with the 'yes' and 'no' option, but none of this seems to help.
Can someone help me understand what I need to do? PLEASE, I BEG YOU!
Thank you
It is quite simple and can be made much simpler if give you all the names of optional field of a common prefix using a hierarchical naming scheme. For example, if you use a prefix of 'optional' so that you have domain names like "optional.name", "optional.address", "optional.email", etc. (note that the period character is critical here), you can set fields in the group to read-only with a single statement. Similarly, you can set the background color or reset the group, which is a good idea when the fields turn off/on. For example:
var f_prefix = "optional"; // Get a reference to all of the "optional" fields var f = getField(f_prefix); // Set them all to readonly f.readonly = true; // Set the background color to gray f.fillColor = color.gray; // Reset all of the fields resetForm([f_prefix]);
You can place this type of code in the mouse event to the top of a box, something like:
// Mouse Up script for check box // If checked, certain fields should be disabled var f_prefix = "optional"; // Get a reference to all of the "optional" fields var f = getField(f_prefix); // Reset the optional fields resetForm([f_prefix]); if (event.target.value === "Off") { // Enable the optional fields f.readonly = false; f.fillColor = color.white; } else { // Disable the optional fields f.readonly = true; f.fillColor = color.gray; }
-
Dear,
Could you just confirm that with FDMEE 1.1.2.3.x you can't grant only read access to a user or a group of users?
He read / write access or not at all (not even read in this case).
Thanks a lot for what confirms.
Fix. There is no way to grant read-only access to load map data.
-
Static display LOV discriptions in a read-only table
Attempts to display a read-only table. The user will then select a line to edit.
If the table is editable the LOV displays very well. If it is read-only, it shows only the raw values. The majority of my LOV is static.
Is there a way to display descriptions instead of the ID?
see you soon
JamesIn the view object, define a list of values in the field (as usual).
When you create the table, remove the default column (in general the output text) and replace it with a single column select (should be automatic if the view has the LOV - so drag and drop)
Now, open the properties of the field by selecting the poplist in the column and change the unique selection of read only = true.
It will be much better that decode, who has a number of fixed - so it's the table led - as records are added - the list will always work.
-
Read only access to the database
Hi all
I am unable to give read-only access to a newly created in the Oracle database user. I grant only read permission to the user, but the problem, it's that this user is able to delete data from a table or schema.
Must only give 'Read only' access to the user who will be sql query for any table, schema, etc.
I followed the steps.
1 creation of the user
2 granted suite privilege
CREATE SESSION
SELECT_ANY_TABLE;
SELECT_ANY_DICTIONARY
Please guide on the same.user8934591 wrote:
HelloI created the user "MFC".
and granted 'create the Session '.
Thank you and best regards,
Fine. But I asked PUBLIC.
-
API import block and read only fields
I want to create a custom field for a Contact that will be read only in the interface user of E10, but for that I can import values via import bulk API. I created my domain via the REST API as a text type and marked read-only; It appears as such in the user interface. I then create an import via the API definition in bulk and run an import. The status of the synchronization ends as "warning", and my read only field is not filled.
I tried the same import API code block using custom fields not unalterable and he succeeds, then I'm sure it has to do with the read-only field. Is there a way to accomplish what I'm trying to do?
UPDATE: I received confirmation from someone of Eloqua fields read-only cannot be set via the import bulk API.
-
I need apply the changes on the DB (add a new table and modify some...), I'm looking to make the database in "READ ONLY" mode, so that users cannot add or change anything on DB, during the time I work in production - the reason is that we have an operation of the NOC who need a/access of non-stop service to DB.
When I alter DATABASE READ ONLY, I see that I can't even access the app APEX...
Any help will be appreciated.
Mehr
Hi Mehr,
This is not possible, just because access APEX made writing APEX allot of things in the database, like for example session information. In a database of reading, this is not possible.
The only solution creates a database not readonly 2nd where you simply store your APEX application, and where you use links from database for all your tables/packages/views/etc to your database read only.
Kind regards
Joni
-
How to have a createinsert operation and display a read-only table
Hello
I am a newbie to the ADF. I wonder how to do that? -I want a form where the user can see certain values of data read-only in a table but be able to add new lines and commit / save.
I used an editable table, an entity based view object object and operation of createinsert. If I leave the editable table as-is (all cells are editable) add new using createinsert line works well. But if I change the cell in design view read-only, even the new line added is created in read-only, so essentially the user cannot enter any values in there.
How can I separate the property read-only so that the table looks like read-only, but they can add new lines?
Thank you!
KassouriHello
the way forward on this issue is to show a table reading and when the user clicks a command to create a new line, open a pop-up dialog box with an entry form to create the new row. After that. refresh the tabel to show change
Frank
-
create the user with READ only grant
Hello
10 g R2 on AIX.
How to create users with READ only grant on all tables (or all tables in a schema with 70000 tables)?
Thank you.Please refer to: http://www.ulfet.info/index.php?view=oracle.docs_grant.with.loop
-
Granting of flashback to a user read-only
Is it possible to give a 'read only' user access to query flashback on a table in another schema while ensuring that they remain a user 'read only '? I am thinking particularly of a query like the one below. There are cases where a 'read only' user would see the previous status of a given table. In this case, one way to read the user can perform only in select queries.
SELECT *.
OF SCHEMA1. TABLE1:
FROM TIMESTAMP (SYSTIMESTAMP - INTERVAL 0 ' 00:05:00 ' DAY TO SECOND)
Just privilege of flashback for the object to the required user.
Kind regards
Ivica Arsov
-
How to create a read only user
Hello
Please, can someone tell me step by step with complete orders to create a single read user who only read only access to tables. functions and procedures but will b totally restricted to make changes or can create all new items etc.
Hi Richa
Steps to create read only user: -.
CREATING USER
IDENTIFIED BY
DEFAULT TABLESPACE users
TABLESPACE TEMPORARY temp2;
GRANT CREATE SESSION, CONNECT to
; BEGIN
FOR x IN (SELECT master, object_name FROM dba_objects owner WHERE IN ("SCHEMA1", 'SCHEMA2', "SCHEMA3") and object_type in ('TABLE', 'SEE'))
LOOP
RUN IMMEDIATELY ' GRANT SELECT ON ' | x.Owner |'. ' | x.object_name | » À
' ; END LOOP;
END;
/
Concerning
Jihane Narain Sylca
-
Grants to only read the schema
Hi all
We want to create read only one schema with dynamic read-only access to a source schema.
We knew that the steps to create read only schema, but we would like to know, how grant us only read access for new objects created in the source schema?
Let's say, test pattern source today has 100 items. We have created reading scheme (test_ro) with select on / execute on for all 100 objects in the schema source (test).
After a week, another 30 new objects are created on the test. Now how we automate reading only grants for these 30 new items to read only one schema (test_ro) of the schema of the source (test)?
Thank you in advance...
Thank you
Dinesh.
A simple approach could be like below. Readonly_role is a user-defined. You can add any number of privileges in the execute stmt.
create or replace trigger
.AUTO_ASSIGN_GRANT_READONLY after CREATE on .schema declare l_str varchar2(255); l_job number; begin if ( ora_dict_obj_type = 'TABLE' ) then l_str := 'execute immediate "grant select on .'||ora_dict_obj_name ||' to READONLY_ROLE";'; --execute immediate 'grant select on .'|| ora_dict_obj_name ||' to READONLY_ROLE;'; dbms_job.submit( l_job, replace(l_str,'"','''') ); end if; end; / I copied this over the internet a few years back and I modified to suit my needs...
The unknown author is the one who should take the credit.
-
ALTER USER on read-only database link db
Oracle 11.2.0.3.6
Solaris 10
I have a primary database and one Active Data Guard standby database physical. My read-only database users must be able to change their password for read-only standby. I tried to create a stored procedure with an ALTER USER inside statement and then to have my user call the stored procedure of the unalterable standby by: MIMI EXEC. CHGPWD@PRIM ();
This translates into:
ERROR on line 1:
ORA-16000: database opened for read-only access
ORA-06512: at "MIMI. CHGPWD', line 27
ORA-06512: at line 1
How can I allow a user who cannot access the read-only database to change their password for read-only standby?
Here my stored procedure:
CREATE OR REPLACE PROCEDURE MIMI. CHGPWD IS
-CREATE OR REPLACE PROCEDURE CHGPWD IS
sql_stmt VARCHAR2 (200);
BEGIN
sql_stmt: = 'ALTER USER MIMITEST IDENTIFIED BY 111111';
EXECUTE IMMEDIATE sql_stmt;
END CHGPWD;
/
Ah, I got it! I had to create a public synonym for my stored procedure, and then create another stored procedure and use the synonym. This is explained in the documentation of Oracle packages and PL/SQL procedures coding under the section 'referring to remote objects. Here is what I have from the beginning to the end (My SID is MIMI and the unique name on the primary is MIMI_A):
Read-only mode ensures:
ALTER SYSTEM SET GLOBAL_NAMES IS FALSE SCOPE = BOTH;.
Elementary school:
ALTER SYSTEM SET GLOBAL_NAMES IS FALSE SCOPE = BOTH;.
CREATE THE PUBLIC DATABASE LINK MIMI_A.WORLD WITH THE HELP OF "MIMI_A";
ALTER SYSTEM SET GLOBAL_NAMES IS TRUE SCOPE = BOTH;. (I need to have this true on my primary game)
CREATE OR REPLACE PROCEDURE MIMI. CHGPWD IS
Working directory;
BEGIN
dbms_job. Submit (job,' BEGIN EXECUTE IMMEDIATE "ALTER USER MIMITEST IDENTIFIED BY 666666";) END ;') ;
END;
/
CREATE CHGPASS SYNONYM PUBLIC FOR MIMI. CHGPWD@MIMI_A.WORLD;
CREATE OR REPLACE PROCEDURE MIMI. LOCAL_PROCEDURE IS
BEGIN
CHGPASS;
END;
/
GRANT EXECUTE MIMI. CHGPWD TO MIMITEST;
GRANT EXECUTE MIMI. LOCAL_PROCEDURE TO MIMITEST;
Read-only mode ensures:
Mimi/oracle/1120308 > sqlplus mimitest
SQL * more: Production of the 11.2.0.3.0 version Fri Sep 19 15:55:56 2014
Copyright (c) 1982, 2011, Oracle. All rights reserved.
Enter the password:
Connected to:
Oracle Database 11 g Enterprise Edition Release 11.2.0.3.0 - 64 bit Production
With partitioning, OLAP, Data Mining and Real Application Testing options
SQL > exec MIMI. LOCAL_PROCEDURE;
PL/SQL procedure successfully completed.
Maybe you are looking for
-
I have problem with research on safari and mail lroblems after updating to iOS 9.3, when will it be fixed?
-
I just bought an Officejet Pro 8600 all-in-one. I put in place and have the operation of the printer/fax. I can not scan to work or find a slution online. I have a Mac OS 10.6. Can someone guide me?
-
Satellite A30: Software Modem - no dial tone
I reinstalled XP English on a machine bought in Spain.The modem has no link as all - no dial tone can be heard.I have installed the latest drivers, cables everything is OK. Phone line œuvresThe modem seeks COM3 but there is no COM port in Device Mana
-
i365 Rubber Ducky antennas install
Can someone tell me how or who will do it for me? Thank you TheBat
-
Hi AllI use LV8.6 and 8235 PCIe card with 3 cameras GIGE (Prosilica 780c) on a PC running XP sp3 with latest drivers of vision. My application requires that the PC receives an external trigger with a sensor via a card PCIe-6320 it is then used to go