Beruflich Dokumente
Kultur Dokumente
create user hr_audit identified by hr_audit;
grant create session, resource to hr_audit;
alter user hr_audit identified by oracle;
alter user hr_audit
quota unlimited on users
quota 10M on temp
quota 0M on system
/
SQL>
SQL> CREATE USER newUserName IDENTIFIED BY password;
User created.
SQL>
SQL> SELECT default_tablespace, temporary_tablespace
2 FROM dba_users
3 WHERE username='NEWUSERNAME';
DEFAULT_TABLESPACE TEMPORARY_TABLESPACE
------------------------------ ------------------------------
SYSTEM TEMP
SQL>
SQL> ALTER USER newUserName IDENTIFIED BY newPass;
User altered.
SQL>
SQL> DROP USER newUserName;
User dropped.
SQL>
AUDIT SELECT ON employees;
AUDIT DELETE ANY TABLE BY userName WHENEVER NOT SUCCESSFUL;
AUDIT UPDATE ANY TABLE;
AUDIT SESSION BY UserName;
AUDIT SELECT,INSERT,UPDATE,DELETE
ON employees BY ACCESS WHENEVER SUCCESSFUL;
--
NOAUDIT SESSION;
NOAUDIT DELETE ANY TABLE BY userName WHENEVER NOT SUCCESSFUL;
NOAUDIT DELETE ANY TABLE BY userName;
GRANT INSERT (salary) ON persons to userName;
--
SQL>
SQL> CREATE USER Bob IDENTIFIED BY mypass;
User created.
SQL> create user user1 identified by VALUES '1A2DD3CCEE354DFA';
SQL>
SQL>
SQL> drop user user1;
SQL>
SQL> create user aNewUser
2 identified by doomed
3 default tablespace users
4 temporary tablespace temp
5 quota unlimited on users;
User created.
SQL>
SQL>
SQL> grant create session, create table to aNewUser;
Grant succeeded.
SQL>
SQL> connect aNewUser/doomed;
Connected.
SQL>
SQL> create table employees_backup (
2 employee_id number,
3 last_name varchar2(30),
4 email varchar2(100)
5 );
Table created.
SQL>
SQL> drop table employees_backup;
Table dropped.
SQL>
create user java2s identified by password;
grant create session, dba to java2s;
connect java2s/password;
--DROP USER java2s;
SQL> select user from dual;
USER
------------------------------
JAVA2S
SQL>
SQL>
SQL>
SQL> show user
USER is "JAVA2S"
SQL>
SQL>
SQL>
SQL> select user Current_User
2 from dual
3 /
CURRENT_USER
------------------------------
JAVA2S
1 row selected.
SQL>
SQL> --
SQL>
SQL> select object_name, object_type
2 from all_objects
3 where owner = user
4 /
OBJECT_NAME OBJECT_TYPE
------------------------------ --------------------
MYTABLE_SESSION TABLE
DONTCOUNTSP FUNCTION
DO_COMMIT PROCEDURE
DONE TABLE
MY_TO_DATE FUNCTION
EXITFUNC
FACTORIAL
EMP_CHANGE_S PROCEDURE
LOG_SHUTDOWN TRIGGER
ADDRESS TYPE
LOG_STARTUP TRIGGER
ADDRESS TYPE BODY
EMP_PUBLIC_DATA VIEW
EMP_NAME_CHANGE TRIGGER
EMP_DEPT_PROCS PACKAGE
EMP_DEPT_PROCS PACKAGE BODY
DEBUG
ERASE PROCEDURE
GETEMPBLDGNAME FUNCTION
ASSIGNEMPTOBLDG PROCEDURE
DEBUG PACKAGE
ADD_MON FUNCTION
RAISE
ASSERT PROCEDURE
MAKE_MYTABLE
WRITE_NAME
HELLO
EMP_CHG TYPE
EMP_CHANGES TABLE
SYS_C005784 INDEX
SYS_LOB0000016238C00034$$ LOB
AQ$_EMP_CHANGES_S TABLE
SYS_C005787 INDEX
AQ$_EMP_CHANGES_V EVALUATION CONTEXT
AQ$_EMP_CHANGES_T TABLE
AQ$EMP_CHANGES_S VIEW
AQ$_EMP_CHANGES_N SEQUENCE
SYS_IOT_TOP_16247 INDEX
AQ$_EMP_CHANGES_H TABLE
EMPLOYEES_LIST TYPE
EMPLOYEE_TYPE
VIEW_T VIEW
STATE_PACKAGE PACKAGE
SHAPE TYPE
DEPT_EMP_VIEW VIEW
IO_BIFER_DEPT_EMP_VIEW TRIGGER
DEPARTMENT_10 VIEW
COMPILE_SCHEMA_TMP_PK INDEX
GET_NEXT_OBJECT_TO_COMPILE PROCEDURE
COMPILE_SCHEMA
COMPILE_SCHEMA_TMP TABLE
PRINT_TABLE PROCEDURE
SHOW_SPACE
DEBUG_TIMER
VC2TAB TYPE
P PROCEDURE
PEOPLE PACKAGE
PEOPLE PACKAGE BODY
TEMP_EMP TABLE
P_ADD_PROD PROCEDURE
P_ADD_EMPS
P_ADD_ORDERS
MEASURE_USAGE
SYS_IOT_TOP_15816 INDEX
UPPER_ENAME TABLE
SHOW_IOT_SPACE PROCEDURE
SYS_IOT_TOP_16249 INDEX
SYS_IOT_OVER_16251 TABLE
AQ$_EMP_CHANGES_G
SYS_IOT_TOP_16251 INDEX
AQ$_EMP_CHANGES_I TABLE
SYS_IOT_TOP_16254 INDEX
AQ$_EMP_CHANGES_E QUEUE
AQ$_EMP_CHANGES_F VIEW
AQ$EMP_CHANGES
EMP_DEPT_CHANGES_R RULE SET
EMP_DEPT_CHANGES_N
AQ$EMP_CHANGES_R VIEW
EMP_DEPT_CHANGES QUEUE
DEPT_AND_EMP TABLE
FILE_DUMP PROCEDURE
EMP_REG TABLE
EMP_TYPE TYPE
EMP_TAB_TYPE
EMPS_NT TABLE
SYS_C005826 INDEX
SYS_C005827
SUPER_TYPE TYPE
SESS_EVENT TABLE
NEW_PERSON TYPE
PERSON
NEW_PERSON TYPE BODY
LOGON_TRIGGER TRIGGER
VIRTUAL_TABLE_TYPE TYPE
ROWTYPE
ELEMENTTYPE
RESULTTYPE
COMPANY_LISTING PROCEDURE
PIVOT FUNCTION
VIRTUAL_TABLE
REMOVE_CONSTANTS
SQL_AREA_TMP TABLE
102 rows selected.
SQL>
SQL>
SQL> --
Create a user and then drop it
create user java2s identified by password;
grant create session, dba to java2s;
connect java2s/password;
--DROP USER java2s;
drop user Tom cascade;
SQL>
SQL>
SQL> create user dropme
2 identified by doomed
3 default tablespace users
4 temporary tablespace temp
5 quota unlimited on users
6 /
User created.
SQL>
SQL> grant create session, create table
2 to dropme
3 /
Grant succeeded.
SQL>
SQL> drop user dropme;
User dropped.
SQL>
SQL>
Create a user and grant the
permission
create user java2s identified by pa
ssword;
grant create session, dba to java2s
;
connect java2s/password;
--DROP USER java2s;
grant all on
directory
DirName to User
grant all on director
y ext_data_files to s
cott
/
Grant permission to
system
grant select on george.
mytable to system;
Grant update
permission
create table sprockets (
id number,
description varch
ar2(200),
quantity numbe
r )
/
grant update (id, descrip
tion)
on sprockets
to scott;
insert into sprockets (id
, description, quantity)
values( 1, 'Titanium', 25
);
commit;
-- connect scott/tiger
update george.sprockets s
et quantity = 3;
update george.sprockets s
et description = 'N';
drop table sprockets;
Column-Level Object
Privileges
GRANT UPDATE (product_id) O
N sales01 TO salapati;
--
add the additional ALL
clause to a GRANT
statement in order to
grant all possible
privileges
GRANT SELECT,INSERT,UPDATE,DE
LETE on EMPLOYEES TO oe;
GRANT ALL ON EMPLOYEES TO oe;
GRANT EXECUTE ON employee_pkg T
O hr;
Materialized view
privileges: SELECT and
QUERY REWRITE
GRANT QUERY REWRITE TO userName;
GRANT READ ON DIRECTORY bfile_dir
TO userName;
GRANT SELECT ON ods_process TO teste
r;
GRANT INSERT ON ods_process TO teste
r;
GRANT ALL ON ods_servers TO tester;
--
Grant Permissions
SQL>
SQL> CREATE USER Alice IDENTIFIED BY s
implepassword;
User created.
SQL>
SQL> GRANT SELECT, INSERT ON emp TO Al
ice WITH GRANT OPTION;
SQL>
SQL> drop user alice;
User dropped.
SQL>
SQL>
SQL>
SQL>
SQL> create user oracle_admin identifie
d by oracle_admin;
User created.
SQL>
SQL> grant create session, dba to oracle
_admin;
Grant succeeded.
SQL>
SQL> alter user oracle_admin account loc
k;
User altered.
SQL>
SQL> alter user oracle_admin account unl
ock;
User altered.
SQL>
SQL> -- connect oracle_admin/oracle_admi
n;
SQL>
SQL> DROP USER oracle_admin;
User dropped.
SQL>
unlock user
alter user joe account unlock;
CREATE PROFILE test_profile
LIMIT FAILED_LOGIN_ATTEMPTS 5
PASSWORD_LOCK_TIME UNLIMITED
Revoking roles
-- Only the DBA is allowed to revoke roles fr
om users and other roles.
-- Revoke the OrderEntry role from java2s
REVOKE OrderEntry FROM java2s;
REVOKE SELECT, INSERT ON ods_process FROM teste
r;
Revoke Permissions
SQL>
SQL>
SQL> CREATE USER Alice IDENTIFIED BY simplepasswo
rd;
User created.
SQL>
SQL> GRANT SELECT, INSERT ON emp TO Alice WITH GR
ANT OPTION;
SQL>
SQL> REVOKE INSERT ON emp FROM Alice;
SQL>
SQL>
SQL> drop user alice;
User dropped.
SQL>
SQL>
SQL>
SQL> CREATE USER Alice IDENTIFIED BY simplepassword
;
User created.
SQL>
SQL> GRANT SELECT, INSERT ON emp TO Alice WITH GRAN
T OPTION;
SQL>
SQL>
SQL> REVOKE INSERT ON emp FROM Alice CASCADE;
SQL>
SQL> drop user alice;
User dropped.
SQL>
create table sprockets (
id number,
description varchar2(200),
quantity number )
/
create or replace procedure add_sprocket
as
begin
insert into george.sprockets values( 6, 'Aluminu
m', 10 );
end;
/
drop table sprockets;
GRANT SELECT
ON customers_seq TO userName;
--
GRANT CREATE SESSION TO hr;
--
GRANT CREATE SESSION TO public;
--
SQL>
SQL> CREATE USER newUserName IDENTIFIED BY password;
User created.
SQL>
SQL> SELECT default_tablespace, temporary_tablespace
2 FROM dba_users
3 WHERE username='NEWUSERNAME';
DEFAULT_TABLESPACE TEMPORARY_TABLESPACE
------------------------------ -----------------------------
-
SYSTEM TEMP
SQL>
-- sqlplus newUserName/password
SQL> GRANT CREATE SESSION TO newUserName;
Grant succeeded.
SQL>
SQL> DROP USER newUserName;
User dropped.
SQL>
SQL>
SQL> CREATE TABLE source_log
2 (backup_date DATE,
3 backup_time VARCHAR2(6),
4 last_ddl_time DATE,
5 owner VARCHAR2(30),
6 name VARCHAR2(30),
7 type VARCHAR2(12),
8 line NUMBER,
9 text VARCHAR2(2000))
10 /
Table created.
SQL> CREATE INDEX source_log_idx1 ON source_log
2 (last_ddl_time, owner, name)
3 /
Index created.
SQL> CREATE or replace PUBLIC SYNONYM source_log FOR source_l
og
2 /
Synonym created.
SQL> GRANT SELECT, INSERT ON source_log to PUBLIC
2 /
Grant succeeded.
SQL>
SQL> drop table source_log;
Table dropped.
SQL>
SQL>
create public synonym employees for hr.employees;
create synonym addresses for hr.locations;
desc addresses
Creating a Private Synonym
create synonym addresses for hr.locations;
desc addresses
drop synonym addresses;
drop public synonym synonymName;
SQL>
SQL> create table emp(
2 emp_id integer primary key
3 ,lastname varchar2(20) not null
4 ,firstname varchar2(15) not null
5 ,midinit varchar2(1)
6 ,street varchar2(30)
7 ,city varchar2(20)
8 ,state varchar2(2)
9 ,zip varchar2(5)
10 ,shortZipCode varchar2(4)
11 ,area_code varchar2(3)
12 ,phone varchar2(8)
13 ,company_name varchar2(50));
Table created.
SQL>
SQL>
SQL> insert into emp(emp_id,lastname,firstname,midinit,street,city,stat
e,zip,shortZipCode,area_code,phone,company_name)values
2 (1,'Jones','Joe','J','1 Ave','New York','NY','
11202','1111','212', '221-4333','Big Company');
1 row created.
SQL> insert into emp(emp_id,lastname,firstname,midinit,street,city,stat
e,zip,shortZipCode,area_code,phone,company_name)values
2 (2,'Smith','Sue','J','1 Street','New York','NY
','11444','1111','212', '436-6773','Little Company');
1 row created.
SQL> insert into emp(emp_id,lastname,firstname,midinit,street,city,stat
e,zip,shortZipCode,area_code,phone,company_name)values
2 (3,'X','Peggy','J','1 Drive','New York','NY','
45502','2222','212', '234-4444','Medium Company');
1 row created.
SQL>
SQL> create or replace view phone_list as
2 select emp_id, firstname || ' ' || midinit || '. ' || lastname as
name,'(' || area_code || ')' || phone as telephone#
3 from emp;
View created.
SQL>
SQL>
SQL>
SQL> desc phone_list
Name
Null? Type
----------------------------------------------------------------------
------------------------------- -------- ------------------------------
--------------------------------------
EMP_ID
NOT NULL NUMBER(38)
NAME
VARCHAR2(39)
TELEPHONE#
VARCHAR2(13)
SQL> select * from phone_list;
EMP_ID NAME TELEPHONE#
---------- --------------------------------------- -------------
1 Joe J. Jones (212)221-4333
2 Sue J. Smith (212)436-6773
3 Peggy J. X (212)234-4444
3 rows selected.
SQL> create synonym phones for phone_list;
Synonym created.
SQL> desc phones
Name
Null? Type
----------------------------------------------------------------------
------------------------------- -------- ------------------------------
--------------------------------------
EMP_ID
NOT NULL NUMBER(38)
NAME
VARCHAR2(39)
TELEPHONE#
VARCHAR2(13)
SQL> select * from phones;
EMP_ID NAME TELEPHONE#
---------- --------------------------------------- -------------
1 Joe J. Jones (212)221-4333
2 Sue J. Smith (212)436-6773
3 Peggy J. X (212)234-4444
3 rows selected.
SQL>
SQL> select view_name from user_views;
VIEW_NAME
------------------------------
EMP_HQ
V
AVG_SAL
EMPDEPT_V
DEPT_SAL
ALL_ORACLE_ERRORS
INVENTORY_VIE
TOP_EMP
EMP_BONUS
SHARED
PHONE_LIST
11 rows selected.
SQL>
SQL> select synonym_name, table_name from user_synonyms;
SYNONYM_NAME TABLE_NAME
------------------------------ ------------------------------
PHONES PHONE_LIST
1 row selected.
SQL>
SQL>
SQL> drop synonym phones ;
Synonym dropped.
SQL>
SQL>
SQL>
SQL> drop table emp;
Table dropped.
SQL>
SQL>
SQL> SELECT 'CREATE PUBLIC SYNONYM ' ||
table_name
2 || ' for ' || user || '.' |
| table_name || ';'
3 FROM DBA_TABLES
4 WHERE dropped = 'NO';
no rows selected
SQL>
SQL> select owner, synonym_name, table_owner
, table_name
2 from all_synonyms
3 where synonym_name='JOBS' and rownum <
6;
no rows selected
SQL>
SQL>
SQL>
Privilege Description
CREATE SESSION Enables a user to connect t
o the database instance.
CREATE TABLE Enables a user to create a
table in his or her schema.
CREATE VIEW Enables a user to create a
view in his or her schema.
CREATE SYNONYM Enables a user to create a
private synonym in his or her schema.
CREATE PUBLIC SYNONYM Enables a user to create a
synonym in the SYS schema that can be used by
any user in the database.
CREATE PROCEDURE Enables a user to create a
stored procedure or function is his or her
schema.
CREATE SEQUENCE Enables a user to create a
sequence in his or her schema.
CREATE TRIGGER Enables a user to create a
trigger in his or her schema on a table in his
or her schema.
CREATE USER Enables a user to create an
other user in the database and specify the
password and other settings
at creation time.
ALTER USER Enables a user to modify th
e user information of another user in the
database, including changin
g the user's password.
DROP ANY TABLE Enables a user to drop any
table in any schema in the database.
ALTER ANY TABLE Enables a user to alter any
table in any schema in the database.
BACKUP ANY TABLE Enables a user to make a co
py of any table in the database using the
Export utility (exp).
SELECT ANY TABLE Enables a user to issue a S
ELECT statement against any table
in the database.
INSERT ANY TABLE Enables a user to issue an
INSERT statement against any table in
the database.
UPDATE ANY TABLE Enables a user to issue an
UPDATE statement against any table in the
database.
DELETE ANY TABLE Enables a user to issue a D
ELETE statement against any table in the
database.
grant references ( employee_id ),update( first_nam
e,last_name,job_id,manager_id,department_id )
on hr.employees to scott;
select *
from dba_col_privs
/
GRANT create session
, create table
, create procedure
, create view
, create synonym
, create public synonym
, drop public synonym
, alter session
TO ppl;
GRANT DELETE ON bonuses TO userName
--
GRANT SELECT ON Student.ClassEnrollment TO Susan
WITH GRANT OPTION;
grant create session, create table to dropme;
grant select on mytable to scott with grant option;
connect scott/tiger
grant select on george.mytable to system;
GRANT SELECT, UPDATE
ON emp_view TO PUBLIC;
--
Remove user
SQL>
SQL>
SQL> CREATE USER Alice IDENTIFIED BY simplepassword;
User created.
SQL>
SQL> ALTER USER Alice IDENTIFIED BY complicatedpassword;
User altered.
SQL>
SQL>
SQL> drop user alice;
User dropped.
SQL>
SQL>
SQL>