Roles and Privileges

From: Steve <stevenmgarcia_at_hotmail.com>
Date: 27 Mar 2002 18:43:03 -0800
Message-ID: <4c049a8c.0203271843.1f74c6fc_at_posting.google.com>

I have a user (say userA) who owns about 70 tables
250 procedures
50 sequences
30 views

and a few other objects. Now I also have another user (say userB) who I want to have access to various schema objects of userA. For instance I want userB to have select, insert, update, and delete on the 70 tables.

Currently I'm doing this by creating a synonym for every table, procedure, view, sequence, etc for userB's account like

create synonym userB.table1 for userA.table1; create synonym userB.table2 for userA.table2;

After I create the synonyms, I assign various privileges to these synonym objects, like

grant select, insert, update, delete on table1 to userB; grant select, insert, update, delete on table2 to userB;

Now as one could imagine my synonym sql file will have hundreds of lines in it, and my grants sql file will also have hundreds of lines in it. Is there an easier way to implement this security by using roles?

For instance, I would love to create a role like

create role selecttable;
grant 'select all tables in userA schema' to selecttable;

Is there a way to do this without using the "any" keyword? I don't want to give this role select on ALL tables in the database, just the tables in userA's schema.

I would like to make this so for all the objects in userA's schema, but not across all the objects in the database.

Is there a way? Received on Thu Mar 28 2002 - 03:43:03 CET

This message: [ Message body ]
Next message: Sam: "Performace problem after upgraded from 8.0.5 to 8.1.7"
Previous message: Jon Armstrong: "Re: sql processing of local tables"
Next in thread: Steve: "Re: Roles and Privileges"
Reply: Steve: "Re: Roles and Privileges"
Reply: Burt Peltier: "Re: Roles and Privileges"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message