Granting the privileges of existing objects within a schema to a new role

Ted

How do I grant all privileges for a schema that has a large number of
existing tables, procedures, functions, etc to a newly created role,
without having to issue a grant statement for each object and each
privilege? I want the role to have all of the rights of the schema
owner.

Is there any kind of blanket granting of all privileges to a role?

Jul 19 '05 #1

Subscribe Reply

8569

Mark C. Stock

"Ted" <st******@ceva. net> wrote in message
news:39******** *************** ***@posting.goo gle.com...
| How do I grant all privileges for a schema that has a large number of
| existing tables, procedures, functions, etc to a newly created role,
| without having to issue a grant statement for each object and each
| privilege? I want the role to have all of the rights of the schema
| owner.
|
| Is there any kind of blanket granting of all privileges to a role?

Like 'GRANT SELECT TO xxx ON SCHEMA SCOTT'? Good idea, but doesn't exist.

You can, however, right PL/SQL to loop through all objects in a schema and
grant appropriate privileges to the target role

Something like:

procedure grant_all_objec ts(ip$role in varchar2)
for r1 in (select object_type, object_name from user_objects where
object_type in .... )
loop
case
when r1.object_type = 'TABLE'
then execute immediate 'grant select on ' || r1.object_name || ' to
' || ip$role;
when r1.object_type in ('PROCEDURE','F UNCTION'...

++ mcs

Jul 19 '05 #2

Bob Murphy

Ted wrote:

How do I grant all privileges for a schema that has a large number of
existing tables, procedures, functions, etc to a newly created role,
without having to issue a grant statement for each object and each
privilege? I want the role to have all of the rights of the schema
owner.

Is there any kind of blanket granting of all privileges to a role?

-- Try something like:
rem This script performs dynamic granting of tables,views,se quences to
rem users/roles/PUBLIC. This script needs to be run as the owner
rem of the objects you are granting to.

rem s_user - List of users/roles to grant to. Can be comma seperated.

set verify off
set pause off
set doc off
set heading off

accept s_user prompt 'Enter USERNAME,ROLE, or PUBLIC to grant to : '

prompt

show user

prompt 'Granting SELECT,INSERT,U PDATE,DELETE only to &s_user'
prompt

DECLARE
l_sql varchar2(254);
cursor_id integer;
result integer;

l_target_user varchar2(80) := '&s_user';

cursor get_tab is
select table_name from user_tables ;

cursor get_view is
select view_name from user_views;

cursor get_seq is
select sequence_name from user_sequences;

BEGIN

cursor_id:=dbms _sql.open_curso r;

/* Tables first */

FOR tab_rec in get_tab LOOP

l_sql := 'grant select,insert,u pdate,delete on
'||tab_rec.tabl e_name||' to '||l_target_use r;
dbms_sql.parse( cursor_id,l_sql ,1);
result := dbms_sql.execut e(cursor_id);

END LOOP;

/* Views */

FOR view_rec in get_view LOOP

l_sql := 'grant select,insert,u pdate,delete on
'||view_rec.vie w_name||' to '||l_target_use r;
dbms_sql.parse( cursor_id,l_sql ,1);
result := dbms_sql.execut e(cursor_id);

END LOOP;

/* Sequences */

FOR seq_rec in get_seq LOOP

l_sql := 'grant select on '||seq_rec.sequ ence_name||' to
'||l_target_use r;
dbms_sql.parse( cursor_id,l_sql ,1);
result := dbms_sql.execut e(cursor_id);

END LOOP;

dbms_sql.close_ cursor(cursor_i d);

END;
/

-- add loops for each type (e.g., packages, etc.)

Jul 19 '05 #3

Similar topics

34075

Granting sysdba to a user

by: DC_DBA | last post by:

I want to 'grant sysdba to a user' for an application. (At least that is what I believe so far after having had this problem dumped on me 2 days ago.) The support we get from the application vendor is lame, to say the least. Our application users dont know anything. 1. The Oracle 9i server is installed on a Sun Solaris system. 2. I work with Sybase and hence don't know any Oracle. 3. I can start sqlplus but dont know where to go after...

Oracle Database

99026

A Query about GRANT ALL PRIVILEGES in ORACLE

by: Amardeep Verma | last post by:

Hi, I have a quick question. Which role/privileges are required before a user can give the statement "GRANT ALL PRIVILEGES"? Thanking you in Advance Have a nice day

Oracle Database

19865

Granting privileges on table owned by different owner

by: Wade Chy | last post by:

Hi All I am in a situation where I have to grant select privileges on tables owned by a different owner to a specific role. I am logged in as system/sysdba. I have created a new role FIN_READ_ONLY. I need to grant SELECT privileges on all the existing and future tables owned by FIN. I tried to grant SELECT on FIN.ACCT_REF to FIN_READ_ONLY. But was not successful due to insufficient privileges since SYSTEM does not own the table or dont...

Oracle Database

1559

Problems with GRANTING SELECT to a table

by: Amin Schoeib | last post by:

Hi, I have a problem with permissions for SELECT. Here is what I did: test=> GRANT SELECT ON "poi"."fondsstamm" TO "flex"; GRANT test=> \dp fondsstamm; Access privileges for database "test"

PostgreSQL Database

10131

granting db2expln for the public?

by: LazyAnt | last post by:

Hello, I have DB2 v8.1 for Linux for a class environment; each user has his/her own database as dbadm and they are suppose to study queries from another database. They have the right permissions to this database so they can do the SELECTS but they cannot alter the tables. Now I want them to be able to study the query plans.

DB2 Database

9412

DB2 privileges, Direct and Indirect SYSADM

by: Rahul B | last post by:

Hi, I am having the following issues while trying to restrict the current user from creating any objects. Below is the privileges for the user and response when i try to create a table in that user. Can anybody tell what is the difference between DIRECT SYSADM and Indirect SYSADM and why is Indirect SYSADM is assigned to user by default.

DB2 Database

4678

Granting DML privileges on all the tables of a schema to a user

by: Rahul B | last post by:

Hi, I want to grant only the connect, select, insert, update privileges on all the tables of a schema to a particular user/group Initially, i had revoked all the privileges from public. It seems that the privileges Select, Insert, Update can be given only on a table level and not on the schema level. I can iterate and get the script for the select privileges for all the tables and execute it.

DB2 Database

4096

Help needed: Granting Create table permisions on specific Schema Options

by: gdev | last post by:

Having some trouble getting my head around setting access to specific schemas- here's my problem: I've created a specific schema that I only want certain users to control Problem: Even though I give them full access....the cannot create tables under that schema...my code is below (flyer is the schema, eflyerAdmin is the role, and eflyer is the user):

Microsoft SQL Server

352

Granting the privileges of existing objects within a schema to a new role

by: Ted | last post by:

How do I grant all privileges for a schema that has a large number of existing tables, procedures, functions, etc to a newly created role, without having to issue a grant statement for each object and each privilege? I want the role to have all of the rights of the schema owner. Is there any kind of blanket granting of all privileges to a role?

Oracle Database

9645

What is ONU?

by: marktang | last post by:

ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However, people are often confused as to whether an ONU can Work As a Router. In this blog post, we’ll explore What is ONU, What Is Router, ONU & Router’s main usage, and What is the difference between ONU and Router. Let’s take a closer look ! Part I. Meaning of...

General

9480

Changing the language in Windows 10

by: Hystou | last post by:

Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...

Windows Server

10324

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...

C / C++

10147

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...

Online Marketing

10090

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...

Windows Server

8971

AI Job Threat for Devs

by: agi2029 | last post by:

Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing, and deployment—without human intervention. Imagine an AI that can take a project description, break it down, write the code, debug it, and then launch it, all on its own.... Now, this would greatly impact the work of software developers. The idea...

Career Advice

7499

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...

Microsoft Access / VBA

6739

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...

C# / C Sharp

5511

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET