BNFD - Your DBA NoteBook On The Net!!!

Tuesday, February 5, 2008

Roles and Priveleges in Oracle Database!!!

Creating a Role
To create a role, you must have CREATE ROLE system privileges.

The syntax for creating a role is:
CREATE ROLE role_name[ NOT IDENTIFIED IDENTIFIED {BY password USING [schema.] package EXTERNALLY GLOBALLY } ;

For example:
CREATE ROLE test_role;

This first example creates a role called test_role.

CREATE ROLE test_roleIDENTIFIED BY test123;

This second example creates the same role called test_role, but now it is password protected with the password of test123.

Grant Privileges (on Tables) to Roles

Privilege Description
Select Ability to query the table with a select statement.
Insert Ability to add new rows to the table with the insert statement.
Update Ability to update rows in the table with the update statement.
Delete Ability to delete rows from the table with the delete statement.
References Ability to create a constraint that refers to the table.
Alter Ability to change the table definition with the alter table statement.
Index Ability to create an index on the table with the create index statement.

The syntax for granting privileges on a table is:
grant privileges on object to role_name

For example, if you wanted to grant select, insert, update, and delete privileges on a table called suppliers to a role named test_role, you would execute the following statement:

grant select, insert, update, delete on suppliers to test_role;

You can also use the all keyword to indicate that you wish all permissions to be granted. For example:

grant all on suppliers to test_role;

Revoke Privileges (on Tables) to Roles
Once you have granted privileges, you may need to revoke some or all of these privileges. To do this, you can execute a revoke command. You can revoke any combination of select, insert, update, delete, references, alter, and index.

The syntax for revoking privileges on a table is:

revoke privileges on object from role_name;

Dropping a Role
It is also possible to drop a role. The syntax for dropping a role is:

DROP ROLE role_name;

For example:
DROP ROLE test_role;

2 comments:

Anonymous said...

Hi I am so excited I found your website, I really found you by accident, while I was browsing on Aol for something else,
Nonetheless I am here now and would just like to say many thanks for a tremendous post and a all round interesting blog (I also love the
theme/design), I don't have time to browse
it all at the moment but I have saved it and also added your RSS feeds, so when I have time
I will be back to read a lot more, Please do keep up the excellent
work.

Also visit my page; http://privateinvestigations101.wordpress.com/basics/

roothee said...

look at more info this page More hints her response look at these guys my company