Return-Path: <oracle-l-bounce@freelists.org>
Received: from air189.startdedicated.com (root@localhost)
 by orafaq.com (8.11.6/8.11.6) with ESMTP id i1J1IW914287
 for <oracle-l@orafaq.com>; Wed, 18 Feb 2004 19:18:32 -0600
X-ClientAddr: 206.53.239.180
Received: from turing.freelists.org (freelists-180.iquest.net [206.53.239.180])
 by air189.startdedicated.com (8.11.6/8.11.6) with ESMTP id i1J1IUo14280
 for <oracle-l@orafaq.com>; Wed, 18 Feb 2004 19:18:31 -0600
Received: from turing (localhost [127.0.0.1])
 by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP
 id A4436394CDA; Wed, 18 Feb 2004 20:20:40 -0500 (EST)
Received: with ECARTIS (v1.0.0; list oracle-l); Wed, 18 Feb 2004 20:19:19 -0500 (EST)
X-Original-To: oracle-l@freelists.org
Delivered-To: oracle-l@freelists.org
Received: from irvbhxw01.prod.quest.corp (irvbhxw01.quest.com [12.106.87.68])
 by turing.freelists.org (Avenir Technologies Mail Multiplex) with ESMTP id A51A5394CCB
 for <oracle-l@freelists.org>; Wed, 18 Feb 2004 20:19:15 -0500 (EST)
Received: from irvmbxw02.prod.quest.corp ([10.1.2.203]) by irvbhxw01.prod.quest.corp with Microsoft SMTPSVC(5.0.2195.6713);
	 Wed, 18 Feb 2004 17:20:59 -0800
X-MimeOLE: Produced By Microsoft Exchange V6.0.6487.1
content-class: urn:content-classes:message
MIME-Version: 1.0
Content-type: text/plain
Subject: RE: Privilege to be abl to truncate another user's table
Date: Wed, 18 Feb 2004 17:20:59 -0800
Message-ID: <B5C5F99D765BB744B54FFDF35F602621033DAEE9@irvmbxw02>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Privilege to be abl to truncate another user's table
Thread-Index: AcP0EUozbQSuSVBmQUasv6v8klryegCdTtnw
From: "Jacques Kilchoer" <Jacques.Kilchoer@quest.com>
To: <oracle-l@freelists.org>
X-OriginalArrivalTime: 19 Feb 2004 01:20:59.0685 (UTC) FILETIME=[A1C8D550:01C3F686]
Content-Transfer-Encoding: 8bit
X-archive-position: 1154
X-ecartis-version: Ecartis v1.0.0
Sender: oracle-l-bounce@freelists.org
Errors-To: oracle-l-bounce@freelists.org
X-original-sender: Jacques.Kilchoer@quest.com
Precedence: normal
Reply-To: oracle-l@freelists.org
X-list: oracle-l

True enough, assuming all the tables that the person will be truncating are in the same schema.
> -----Original Message-----
> Jared Still
>
> You don't need to give anyone the 'drop any table' priv.
>
> Just create the procedures in the same schema as the table,
> and be selective about who to grant execute to.
>
> Jared
>
> On Fri, 2004-02-13 at 18:16, Jacques Kilchoer wrote:
> > I hate to steal someone else's thunder, but I wrote
> something a while ago that does exactly the same thing, so I
> will take the liberty of posting it here.
> > Create two procedures owned by USERA. USERA has DROP ANY
> TABLE privilege.
> > grant execute on TRUNCATE_TABLE to USERB ;
> >
> > USERB has DELETE privilege on USERC.TABLENAME ;
> >
> > then USERB can say
> > execute usera.truncate_table ('USERC', 'TABLENAME')
> >
> > create or replace procedure do_truncate (table_owner_in
> varchar2, table_name_in varchar2)
> > is
> > begin
> >    execute immediate 'truncate table "' || table_owner_in || '"."'
> >       || table_name_in || '"' ;
> > end do_truncate ;
> > /
> > create or replace procedure truncate_table
> >    (table_owner_in varchar2, table_name_in varchar2)
> >    authid current_user
> > is
> > begin
> >    execute immediate 'delete from "' || table_owner_in ||
> '"."' || table_name_in
> >       || '" where rownum < 2' ;
> >    rollback ;
> >    do_truncate (table_owner_in, table_name_in) ;
> > end truncate_table ;
> > /
> >
> > > -----Original Message-----
> > > Bobak, Mark
> > >
> > > Sounds like a nice implementation.  If you have the=20
> > > code handy, I'd be interested.
> > >
> > > -----Original Message-----
> > > From: John Flack [ mailto:JohnF@smdi.com]
> > >
> > >
> > > Yes, you could grant "drop any table" and it would work, but
> > > I hate to =
> > > =3D
> > > grant that much power to do this.  So, I create a truncate
> > > procedure in =
> > > =3D
> > > a COMMON schema that has the drop any table privilege.  It
> > > does the =3D
> > > truncate with an EXECUTE IMMEDIATE, only if the user has the
> > > DELETE =3D
> > > privilege on the table.  If you're interested, I'll go find
> > > the code for =
> > > =3D
> > > the procedure.



----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
----------------------------------------------------------------
To unsubscribe send email to:  oracle-l-request@freelists.org
put 'unsubscribe' in the subject line.
--
Archives are at http://www.freelists.org/archives/oracle-l/
FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------