Grant 'select only "on the basis of data

Hello

10.2.0.2 Dim.

I want to give a user with "Select any object in the database"

Thank you
KSG

>
I am also finding an alternative path to the query below. (since there are more than 100 patterns and n number of objects) ("grant select on any table of " is not a best choic)
>
You are the only person who can assess your security needs.

But if you want to exercise a positive security measures do not TAKE SHORTCUTS. This means put in place restrictions known on well-known objects and not grant on a table or an object and any grants a single user or super role.

Aman and others have already said a good security refers to the compartmentalization and a rigid hierarchy. The objective of the implementation process and standards is not to make developers work more easier or faster. Yes - do the work correctly on 100 patterns and a large number of objects in each scheme will be tedious. You can automatically generate basic subsidies and coil them to scripts. But don't try to automate the entire process from beginning to end. That will leave large enough for a bus through security holes.

Create a hierarchy in the sense of

1. a schema at a time
a. purpose of subsidies - for tables, views, procedures, etc. to a role. Best is to use a separate role for each type of object
2 grant the role of schema for users who need

Build small pieces manageable and controllable. Then combine these pieces into a top-level component. Not just make a huge mess of subsidies.

Tags: Database

Similar Questions

  • Grant select privilege on the table column

    Hello
    I think that it is not possible to give the right to select level of column in a table.

    by example-grant select (col1, col2) on table1 to User1;

    Can anyone suggest what might be the way to achieve (apart from creating a view on the table).

    Hi, Anit,

    Anit says:
    Hi Frank,.
    Thanks for the reply. Nothing bad to see.

    Then use a notice. It is simpler and more robust.

    As that I knew WHAT EVP is used for the column data hide with a null value or other values. do not hide the entire column of the selection operation. Please correct me if I'm wrong.

    Maksing the column with a null value or another value is hide the column.
    Do what you should always do whenever you have a question. Post some sample data (CREATE TABLE and INSERT statements) and the results desired from these data. In this case, after an authorized user (that is, a user with all privileges) must get results and results that a user with lesser forge privileges.

    A view (or a copy of the table, as a materialized view) is the only way I know to prevent users to know that there is a column (for example) called credit_card_num.
    Use row-level security, you can return NULL when users not allowed to reference credit_card_num, or you can trigger an error if they try to refer to this column.

  • Grants to only read the schema

    Hi all

    We want to create read only one schema with dynamic read-only access to a source schema.

    We knew that the steps to create read only schema, but we would like to know, how grant us only read access for new objects created in the source schema?

    Let's say, test pattern source today has 100 items. We have created reading scheme (test_ro) with select on / execute on for all 100 objects in the schema source (test).

    After a week, another 30 new objects are created on the test. Now how we automate reading only grants for these 30 new items to read only one schema (test_ro) of the schema of the source (test)?

    Thank you in advance...

    Thank you

    Dinesh.

    A simple approach could be like below. Readonly_role is a user-defined. You can add any number of privileges in the execute stmt.

    create or replace trigger .AUTO_ASSIGN_GRANT_READONLY
     after CREATE on .schema
      declare
      l_str varchar2(255);
      l_job number;
      begin
      if ( ora_dict_obj_type = 'TABLE' )
      then
      l_str := 'execute immediate "grant select on .'||ora_dict_obj_name ||' to READONLY_ROLE";';
      --execute immediate 'grant select on .'|| ora_dict_obj_name ||' to READONLY_ROLE;';
     dbms_job.submit( l_job, replace(l_str,'"','''') );
     end if;
     end;
  /

    I copied this over the internet a few years back and I modified to suit my needs...

    The unknown author is the one who should take the credit.

  • Granting select permission on the view to the schema of the database different.

    Dear all

    I need schema view 'data_model_eb' APPS to grant select permission on a different database schema "HHS" on another server.

    Kindly help me to create the link to the db and grant the select permission.

    Thank you.

    You have two solution, but I think the second One is the best for you, what is your version of the database!

    create view  as select * from table_name@dblink
grant select on  to USER;

    OR create a PUBLIC database link

  • Grant select on all the table schema in the role

    Hi, it is possible to grant is selected on all the table on a diagram to a role?

    Yes.

    SELECT 'GRANT ALL ON' ||TABLE_NAME || ' to ROLE_NAME;' from dba_tables where owner='SCHEMA';

  • generating triggers composed on the basis of data Oracle 11 GR 2

    Hello SDDM users.

    Does anyone have an idea how to force the SQL Developer Data Modeler to produce the compound triggers on tables during DDL generation?

    I saw that there was a similar question of 2011 on this forum.  At the request of development was honoured again?

    Thanks for any info

    concerning

    Wouter

    Hi Wouter,

    We can operate in DM 4.1 production code.

    Philippe

  • Select and use the advanced Script data

    Hello

    I developed a script that determines the data but to automate the process more far, I need help with a strategy to select the starting point for packaging data.  I mean, is that I have a piece of raw data that say has 2 events, EV1 and EV2.

    Sometimes, when the data are acquired EV1 is performed first EV2 is performed, sometimes that ev2 is performed first and then EV1 is made, after the acquisition also sometimes only EV1 and EV2.

    I developed a script that processes my data but I have to compensate for a physical value in my script manual then the 'FIND()' function begins to look in the right place.

    I want to do is to have my script request to the user where the script should be considered a starting point for the script or if the part of the script is executed at all.

    Here's how I'm compensating the FIND()

    CtrlTimeVals (i) = Find ("Ch (L2)" > = R1 ', CtrlTimeVals(i-1) + 3537 ")

    RespTimeVals (i) = Find ("Ch (L4)" > = R2 ", RespTimeVals (i - 1) + 35400")

    I use DIAdem 2011


  • On the basis of data

    Hello

    I don't understand the need for database links,

    I think I can quote the remote database and the ip address of the remote server that has the database in the tnsnames.ora and I can connect.

    so, what is the need of the db link?

    I think I have a conflict, please clarify the question for me,

    Thank you

    > First point, I think I can do it with the tnsnames method, I've already mentioned?

    Yes.

    > 2nd point, which is the meanning to the DML distributed?

    Look at the fourth example (below).

    Definition:

    What are distributed Transactions?

    "A distributed transaction includes one or more instructions which, individually or in a group, update data on two or more separate nodes of a distributed data base."

    1. SELECT distance

    -Selects from a single database (remote)

    -It is a non-distributed transaction (of course, this operation does not alter because it does contain no DML commands)

    Select...

    of remote table1@db2--table

    where the...

    commit;

    2. remote DML, for example. Remote UPDATE

    -Updates as a single database (remote)

    -It is a non-distributed transaction

    Update remote table1@db2--table

    where the...

    commit;

    3. SELECT distribution

    -Selects in two or more databases

    -It is a non-distributed transaction (of course, this operation does not alter because it does contain no DML commands)

    -We cannot do this without database link

    Select...

    FROM table1,-local table

    Remote Table2@DB2--table

    where the...

    commit;

    4 distributed DML, for example. INSERTION distributed

    -Selection of two or more databases and inserts them into a single database (or selects a database and inserts into the second database)

    -It is a non-distributed transaction

    -We cannot do this without database link

    Insert into table1... - local table

    Select...

    from table2,-local table

    Remote table3@DB2--table

    where the...

    commit;

    5 distributed transaction

    -Once again: "a distributed transaction includes one or more instructions which, individually or in a group, update data on two or more nodes separate a database distributed."

    -We cannot do this without database link

    Insert into table1... - local table

    Update remote [email protected]

    commit;

    Kind regards

    Zlatko

  • can I create an EM 12 c database with the preconfigured repository database use, models on the basis of data Oracle 12 c

    The installation for EM 12 c document indicates "Install Oracle Database 11 g Release 2 (11.2.0.3) software on the host computer, where you want to create the database".  I want to use Oracle database 12 c.  Is there a template to preconfigure the repository on a database of 12 c?  Or is there a work around?

    For the version EM Cloud control 12.1.0.5, which is the most recent version of the MA, the models for the 12.1.0.2 of the database version is available here.

    Model of data base for the installation of Oracle Enterprise Manager Cloud control 12 c Release 5 (12.1.0.5)

    Note that, although a DB template helps you to simplify the installation process, you can always install EM12c without one. If necessary, look at the manual below:

    http://docs.Oracle.com/CD/E24628_01/install.121/e22624/install_em_exist_db.htm#EMBSC159

    Kind regards

    -Loc

  • Clone of the drive selected only--ignore the independent record

    I have a virtual machine with two drives.  the first disk contains the operating system and is a standard virtual disk.  The second disc is independent - persistent.  I want hot Clone ONLY the OS disk and ignore the independent drive.  I have a Powershell script that will clone a virtual machine, but I need to know how to jump the independent drive.

    It seems that it is possible to copy a vmdk selected a virtual computer on the ground, but I need to be able to make a clone of hot.  Is this possible via Powershell?

    Here is the code for the loop. Replace # DO comment on the line and everything up to the # clean comment by the following

    ## DO IT -- NOTE that CopyVirtualDisk_Task is 'experimental' as of vSphere 4.0 GA        $taskMoRef = $vdiskMgr.CopyVirtualDisk_Task($sourceDS, $sourceDC, $destDS, $destDC, $destSpec, $force)
        $task = Get-View $taskMoRef        $info = get-task | where {$_.id -like "*-"+$task.info.key}
        while ($task.Info.State -eq "running" -or $task.Info.State -eq "queued") {
            sleep 10            $info = get-task | where {$_.id -like "*-"+$task.info.key}
            $task = Get-View $taskMoRef            Write-Host "Task" $task.info.state "," $info.percentcomplete "% complete."        }
    }
}

  • selection column of the table xml data type

    Hello.
    I tried the following example with xml as column name data type
    create table emp_detail( empno number,ename varchar2(32),empdetails sys.xmltype)

Insert into EMP_DETAIL
   (EMPNO, ENAME, EMPDETAILS)
 Values
   (1, 'satya', XMLTYPE('<NAME>
  <FIRSTNAME>SATYA</FIRSTNAME>
  <LASTNAME>SREE</LASTNAME>
  <LOC>SECBAD</LOC>
</NAME>
'));
Insert into EMP_DETAIL
   (EMPNO, ENAME, EMPDETAILS)
 Values
   (2, 'jo', XMLTYPE('<NAME>
  <FIRSTNAME>JO</FIRSTNAME>
  <LASTNAME>REDDY</LASTNAME>
  <LOC>MYPR</LOC>
</NAME>
'));
    So, after that I tried this query to retrieve the State of an attribute data.
    SELECT a.empdetails.extract('//NAME/text()').getStringVal() AS "Table Name"
FROM   emp_detail a
WHERE  a.empdetails.existsNode('/NAME')  = 1;
    But those who above indicates no record...
    Why?


    Thank you 
    SQL>  SELECT a.empdetails.extract('//NAME/FIRSTNAME/text()').getStringVal() AS "first_name",
  2     a.empdetails.extract('//NAME/LASTNAME/text()').getStringVal() AS "last_name",
  3     a.empdetails.extract('//NAME/LOC/text()').getStringVal() AS "loc"
  4     FROM emp_detail a
  5    WHERE a.empdetails.existsNode('/NAME')  = 1;

first_name           last_name            loc
-------------------- -------------------- --------------------
SATYA                SREE                 SECBAD
JO                   REDDY                MYPR

  • Portege M400 boots only when the base

    For the last two months, I have starting problems with my M400. When it is not attached to the docking station it starts as soon as a person out of 30 (or more) times. The rest of the time that it is either the power led flashing orange or simply the Green switch, and do nothing else.

    I tried to start with a/c, A / C + battery, battery alone, but nothing helps. However, when it is attached to the docking station, it starts fine everytime.

    Any thoughts on what could go wrong?

    + The message was edited: link has been removed - unauthorized +.

    Hello

    From my experience the docking station has no influence on the start-up procedure specification.
    That's why I put t understand why the laptop does not start successfully without the stand logged.

    But perhaps it is something wrong with a connection to the motherboard and because of s connected docking station the motherboard would be forced to another post.

    Sorry, mate, but we can only speculate what might affect the start-up procedure specifications

  • SOA Suite, on the basis of data applications

    Hello

    SOA Suite (10.0.1.3.1 with 10.0.1.3.5 update) installed on the database with the Applications of the E-Business Suite does 11i both 12R?

    Or should she have separate database for himself?

    Thanks for your help
    Pawel

    Yes, SOA Suite (10.1.3.x) is using its own scheme to store its data. This does not disturb the EBS.

    Marc
    http://orasoa.blogspot.com

  • BlackBerry Smartphones support email done BB 10 on WiFi mode only (without the need for data plan)?


    No need to double post. I answered your question here:

    http://supportforums.BlackBerry.com/T5/BlackBerry-accessories/does-BB-10-support-email-on-WiFi-only-...

  • How can I select multiple cells in tableview with javafx only with the mouse?

    I have an application with a tableview in javafx and I want to select more than one cell only with the mouse (something like the selection that exists in excel). I tried with setOnMouseDragged but I cant'n do something because the selection only returns the cell from which the selection started. Can someone help me?

    For events of the mouse to be propagated to other than the node in which nodes the drag started, you must activate a 'full-drag-release press gesture' by calling startFullDrag (...) on the original node. (For more details, see the Javadocs MouseEvent and MouseDragEvent .) You can register for MouseDragEvents on cells of the table in order to receive and process these events.

    Here's a simple example: the user interface is not supposed to be perfect, but it will give you the idea.

    import java.util.Arrays;

import javafx.application.Application;
import javafx.beans.property.SimpleStringProperty;
import javafx.collections.FXCollections;
import javafx.collections.ObservableList;
import javafx.event.EventHandler;
import javafx.geometry.Insets;
import javafx.scene.Group;
import javafx.scene.Scene;
import javafx.scene.control.Label;
import javafx.scene.control.SelectionMode;
import javafx.scene.control.TableCell;
import javafx.scene.control.TableColumn;
import javafx.scene.control.TableView;
import javafx.scene.control.cell.PropertyValueFactory;
import javafx.scene.input.MouseDragEvent;
import javafx.scene.input.MouseEvent;
import javafx.scene.layout.VBox;
import javafx.scene.text.Font;
import javafx.stage.Stage;
import javafx.util.Callback;

public class DragSelectionTable extends Application {

    private TableView table = new TableView();
    private final ObservableList data =
        FXCollections.observableArrayList(
            new Person("Jacob", "Smith", "[email protected]"),
            new Person("Isabella", "Johnson", "[email protected]"),
            new Person("Ethan", "Williams", "[email protected]"),
            new Person("Emma", "Jones", "[email protected]"),
            new Person("Michael", "Brown", "[email protected]")
        );

    public static void main(String[] args) {
        launch(args);
    }

    @Override
    public void start(Stage stage) {
        Scene scene = new Scene(new Group());
        stage.setTitle("Table View Sample");
        stage.setWidth(450);
        stage.setHeight(500);

        final Label label = new Label("Address Book");
        label.setFont(new Font("Arial", 20));

        table.setEditable(true);

        TableColumn firstNameCol = new TableColumn<>("First Name");
        firstNameCol.setMinWidth(100);
        firstNameCol.setCellValueFactory(
                new PropertyValueFactory("firstName"));

        TableColumn lastNameCol = new TableColumn<>("Last Name");
        lastNameCol.setMinWidth(100);
        lastNameCol.setCellValueFactory(
                new PropertyValueFactory("lastName"));

        TableColumn emailCol = new TableColumn<>("Email");
        emailCol.setMinWidth(200);
        emailCol.setCellValueFactory(
                new PropertyValueFactory("email"));

        final Callback, TableCell> cellFactory = new DragSelectionCellFactory();
        firstNameCol.setCellFactory(cellFactory);
        lastNameCol.setCellFactory(cellFactory);
        emailCol.setCellFactory(cellFactory);

        table.setItems(data);
        table.getColumns().addAll(Arrays.asList(firstNameCol, lastNameCol, emailCol));

        table.getSelectionModel().setCellSelectionEnabled(true);
        table.getSelectionModel().setSelectionMode(SelectionMode.MULTIPLE);

        final VBox vbox = new VBox();
        vbox.setSpacing(5);
        vbox.setPadding(new Insets(10, 0, 0, 10));
        vbox.getChildren().addAll(label, table);

        ((Group) scene.getRoot()).getChildren().addAll(vbox);

        stage.setScene(scene);
        stage.show();
    }

    public static class DragSelectionCell extends TableCell {

        public DragSelectionCell() {
            setOnDragDetected(new EventHandler() {
                @Override
                public void handle(MouseEvent event) {
                    startFullDrag();
                    getTableColumn().getTableView().getSelectionModel().select(getIndex(), getTableColumn());
                }
            });
            setOnMouseDragEntered(new EventHandler() {

                @Override
                public void handle(MouseDragEvent event) {
                    getTableColumn().getTableView().getSelectionModel().select(getIndex(), getTableColumn());
                }

            });
        }
        @Override
        public void updateItem(String item, boolean empty) {
            super.updateItem(item, empty);
            if (empty) {
                setText(null);
            } else {
                setText(item);
            }
        }

    }

    public static class DragSelectionCellFactory implements Callback, TableCell> {

        @Override
        public TableCell call(final TableColumn col) {
            return new DragSelectionCell();
        }

    }

    public static class Person {

        private final SimpleStringProperty firstName;
        private final SimpleStringProperty lastName;
        private final SimpleStringProperty email;

        private Person(String fName, String lName, String email) {
            this.firstName = new SimpleStringProperty(fName);
            this.lastName = new SimpleStringProperty(lName);
            this.email = new SimpleStringProperty(email);
        }

        public String getFirstName() {
            return firstName.get();
        }

        public void setFirstName(String fName) {
            firstName.set(fName);
        }

        public String getLastName() {
            return lastName.get();
        }

        public void setLastName(String fName) {
            lastName.set(fName);
        }

        public String getEmail() {
            return email.get();
        }

        public void setEmail(String fName) {
            email.set(fName);
        }
    }

}

Maybe you are looking for

  • Crash after restore window when right clicking the back navigation button

    I have, more or less, a success rate of 100% crash Fx of worm. 33 if I restore (bring) a window from the taskbar directly then right click on the arrow to the left, when the PC is in "sleep". I thought that this would be resolved with 33.0.2, because

  • new update on IPad would not activate

    new update on IPad would not activate

  • Qosmio G30: Option unavailable SPDIF in the Audio properties

    Qosmio G30, SigmaTel HD Audio Codec, running XP 2 I'm looking for audio signal through the built in coaxial to the GPA. No signal. When I go to sounds and Audio devices > advanced > Volume Control Panel /Properties there is no cursor for spdif badett

  • 2713hm resolution to scale/stretch

    My (Dell) laptop cannot drive the monitor at full display resolution. I'm running at 1920 x 1080 over HDMI or 2048 x 1152 on VGA, and it adapts to fill the entire screen. Is it possible to disable the scaling for the corresponding and black bars of 1

  • ORA-19809: limit exceeded for the recovery file

    HelloI'm working on a database of Oracle 11 g Enterprise Edition Release 11.2.0.3.0 - 64 bit Production, RAC environment.I get the error ORA-19809 when executing a backup rman full 0.Here's the script:RUN{ALLOCATE CHANNEL disk1 DEVICE TYPE DISK MAXOP