Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Trigger creation by one user against another user's table

Re: Trigger creation by one user against another user's table

From: Steve Cummings <scummings_at_comshare.com>
Date: 24 Jul 2003 13:08:00 -0700
Message-ID: <dca24fbb.0307241208.50c1201@posting.google.com> 





Norman Dunbar <Norman.Dunbar_at_lfs.co.uk> wrote in message news:<E2F6A70FE45242488C865C3BC1245DA703F30847_at_lnewton.leeds.lfs.co.uk>...


> Morning Steve,

> 

> I'm puzzled as to why you would want to do this, however, as far as I'm

> aware, you need to grant the 'create any trigger' priv - which you

> already know about and have reservations about doing, for obvious

> reasons.

> 

> The only other way I can suggest you do this is for USER1 to create the

> required triggers for USER2.

> 

> You wouldn't be wanting USER2 to create triggers 'on the fly' would you

> ?

> 

> 

> Cheers,

> Norm.

> 

> -------------------------------------

> Norman Dunbar

> Database/Unix administrator

> Lynx Financial Systems Ltd.

> mailto:Norman.Dunbar_at_LFS.co.uk

> Tel: 0113 289 6265

> Fax: 0113 289 3146

> URL: http://www.Lynx-FS.com

> -------------------------------------





Norman,



Basically, the answer is yes the triggers are being dynamically
created based on user selections of certain information.  That said,
the frequency of the dynamics is very small in that once it is setup
it isn't likely to change but the user does have the option of
changing what data is selected at a later time. Which in turn requires
the trigger to be modified.



To try and clarify further, we have an Admin role defined which we
want members to be able to perform the same actions as the actual
schema owner from an application perspective.  Until recently, this
worked fine because the users in the Admin role only needed to perform
DML statements and not change schema content with DDL. But now the
application alters tables, drops/creates views and triggers when the
user changes certain pieces of configuration information in the
application and therefore needs privileges to perform the necessary
DDL statements.



I am of the opinion that because the action is done infrequently, that
we simply require the user log in as the schema owner and then make
their changes.


This doesn't seem to be an unreasonable requirement to me.



Thanks for your input.


Steve
Received on Thu Jul 24 2003 - 15:08:00 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US