Re: ROLES AND PRIVILEGES

From: Mark Powell <Mark.Powell_at_eds.com>
Date: 22 Dec 1998 18:58:10 GMT
Message-ID: <01be2ddd$596b9e40$a12c6394_at_J00679271.ddc.eds.com>

You do not get around this problem. In order to be able to create objects that reference objects owned by others and upon which you can then grant access on to other people, you must have direct grants on the foreign objects.

The best solution is to take a look at who the owner of the view, package, function etc... should be. Roles are great for holding and administering the table level privileges necessary to use an application. Application owners still need to be handled via direct grants.

E. Nunns <en201_at_cus.cam.ac.uk> wrote in article <
>
> We have adopted a role based approach to granting privileges to objects.
>
> However now we want to allow a user to create a view.
>
> The user was granted privileges to the underlying tables via a role and
so
> we get an error :-
>
> 'stored objects cannot use privileges from roles' (ORA-01933)
>
> The suggested action is to grant the privs directly to user. But does
> this not defeat the object of roles altogether?
>
> Anyone else had a similar problem? How do we get round this one?
>
> Elaine
>
Received on Tue Dec 22 1998 - 19:58:10 CET

This message: [ Message body ]
Next message: Thomas Kyte: "Re: ProC Date"
Previous message: oracle_man_at_hotmail.com: "Re: Alternative to T.O.A.D. ???"
In reply to E. Nunns: "ROLES AND PRIVILEGES"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message