Create a user, grant permission and alter its password

create user hr_audit identified by hr_audit;

grant create session, resource to hr_audit;

alter user hr_audit identified by oracle;

Alter user to grant new quota value

alter user hr_audit
    quota unlimited on users
    quota 10M on temp
    quota 0M on system
    /

Alter user to change password

 
SQL>
SQL> CREATE USER newUserName IDENTIFIED BY password;

User created.

SQL>
SQL> SELECT default_tablespace, temporary_tablespace
  2  FROM dba_users
  3  WHERE username='NEWUSERNAME';

DEFAULT_TABLESPACE             TEMPORARY_TABLESPACE
------------------------------ ------------------------------
SYSTEM                         TEMP

SQL>
SQL> ALTER USER newUserName IDENTIFIED BY newPass;

User altered.

SQL>
SQL> DROP USER newUserName;

User dropped.

SQL>
 

Turning Auditing On in the Database

AUDIT SELECT ON employees;

AUDIT DELETE ANY TABLE BY userName WHENEVER NOT SUCCESSFUL;

AUDIT UPDATE ANY TABLE;

AUDIT SESSION BY UserName;

AUDIT SELECT,INSERT,UPDATE,DELETE
ON employees BY ACCESS WHENEVER SUCCESSFUL;

--

Turning Auditing Off

NOAUDIT SESSION;

NOAUDIT DELETE ANY TABLE BY userName WHENEVER NOT SUCCESSFUL;

NOAUDIT DELETE ANY TABLE BY userName;

grant INSERT and UPDATE privileges at a column level.

GRANT INSERT (salary) ON persons to userName;

--

Create User demo

 

SQL>
SQL> CREATE USER Bob IDENTIFIED BY mypass;

User created.

           
         
  

Create user and assign password

    

SQL> create user user1 identified by VALUES '1A2DD3CCEE354DFA';
SQL>
SQL>
SQL> drop user user1;

   
    
    
    
  

Create user: default tablespace, temporary tablespace, quota

SQL>
SQL> create user aNewUser
  2      identified by doomed
  3      default tablespace users
  4      temporary tablespace temp
  5      quota unlimited on users;

User created.

SQL>
SQL>
SQL> grant create session, create table to aNewUser;

Grant succeeded.

SQL>
SQL> connect aNewUser/doomed;
Connected.
SQL>
SQL> create table employees_backup (
  2        employee_id number,
  3        last_name   varchar2(30),
  4        email       varchar2(100)
  5      );
Table created.

SQL>
SQL> drop table employees_backup;

Table dropped.

SQL>
           
         
  

Create a user and drop it

 
create user java2s identified by password;

grant create session, dba to java2s;

connect java2s/password;

--DROP USER java2s;

           
         
  

Get current user name

SQL> select user from dual;

USER
------------------------------
JAVA2S

SQL>
           
         
  

Display current user

   

SQL>
SQL>
SQL> show user
USER is "JAVA2S"
SQL>
   
    
    
  

Get current user

 
SQL>
SQL>
SQL> select user Current_User
  2  from dual
  3  /
CURRENT_USER
------------------------------
JAVA2S

1 row selected.

SQL>
SQL> --

Use current user name in where clause

 
SQL>
SQL> select object_name, object_type
  2  from all_objects
  3  where owner = user
  4  /
OBJECT_NAME                    OBJECT_TYPE
------------------------------ --------------------
MYTABLE_SESSION                TABLE

DONTCOUNTSP                    FUNCTION

DO_COMMIT                      PROCEDURE

DONE                           TABLE

MY_TO_DATE                     FUNCTION
EXITFUNC
FACTORIAL

EMP_CHANGE_S                   PROCEDURE

LOG_SHUTDOWN                   TRIGGER

ADDRESS                        TYPE

LOG_STARTUP                    TRIGGER
ADDRESS                        TYPE BODY

EMP_PUBLIC_DATA                VIEW

EMP_NAME_CHANGE                TRIGGER

EMP_DEPT_PROCS                 PACKAGE

EMP_DEPT_PROCS                 PACKAGE BODY
DEBUG

ERASE                          PROCEDURE

GETEMPBLDGNAME                 FUNCTION

ASSIGNEMPTOBLDG                PROCEDURE

DEBUG                          PACKAGE

ADD_MON                        FUNCTION
RAISE

ASSERT                         PROCEDURE
MAKE_MYTABLE
WRITE_NAME
HELLO

EMP_CHG                        TYPE

EMP_CHANGES                    TABLE

SYS_C005784                    INDEX

SYS_LOB0000016238C00034$$      LOB

AQ$_EMP_CHANGES_S              TABLE

SYS_C005787                    INDEX

AQ$_EMP_CHANGES_V              EVALUATION CONTEXT

AQ$_EMP_CHANGES_T              TABLE

AQ$EMP_CHANGES_S               VIEW

AQ$_EMP_CHANGES_N              SEQUENCE

SYS_IOT_TOP_16247              INDEX

AQ$_EMP_CHANGES_H              TABLE

EMPLOYEES_LIST                 TYPE
EMPLOYEE_TYPE

VIEW_T                         VIEW
STATE_PACKAGE                  PACKAGE

SHAPE                          TYPE

DEPT_EMP_VIEW                  VIEW

IO_BIFER_DEPT_EMP_VIEW         TRIGGER

DEPARTMENT_10                  VIEW

COMPILE_SCHEMA_TMP_PK          INDEX

GET_NEXT_OBJECT_TO_COMPILE     PROCEDURE
COMPILE_SCHEMA

COMPILE_SCHEMA_TMP             TABLE

PRINT_TABLE                    PROCEDURE
SHOW_SPACE
DEBUG_TIMER

VC2TAB                         TYPE

P                              PROCEDURE

PEOPLE                         PACKAGE

PEOPLE                         PACKAGE BODY

TEMP_EMP                       TABLE

P_ADD_PROD                     PROCEDURE
P_ADD_EMPS
P_ADD_ORDERS
MEASURE_USAGE

SYS_IOT_TOP_15816              INDEX

UPPER_ENAME                    TABLE

SHOW_IOT_SPACE                 PROCEDURE

SYS_IOT_TOP_16249              INDEX

SYS_IOT_OVER_16251             TABLE
AQ$_EMP_CHANGES_G

SYS_IOT_TOP_16251              INDEX

AQ$_EMP_CHANGES_I              TABLE

SYS_IOT_TOP_16254              INDEX

AQ$_EMP_CHANGES_E              QUEUE
AQ$_EMP_CHANGES_F              VIEW
AQ$EMP_CHANGES

EMP_DEPT_CHANGES_R             RULE SET
EMP_DEPT_CHANGES_N

AQ$EMP_CHANGES_R               VIEW

EMP_DEPT_CHANGES               QUEUE

DEPT_AND_EMP                   TABLE

FILE_DUMP                      PROCEDURE

EMP_REG                        TABLE

EMP_TYPE                       TYPE
EMP_TAB_TYPE

EMPS_NT                        TABLE

SYS_C005826                    INDEX
SYS_C005827

SUPER_TYPE                     TYPE

SESS_EVENT                     TABLE

NEW_PERSON                     TYPE
PERSON

NEW_PERSON                     TYPE BODY

LOGON_TRIGGER                  TRIGGER

VIRTUAL_TABLE_TYPE             TYPE
ROWTYPE
ELEMENTTYPE
RESULTTYPE

COMPANY_LISTING                PROCEDURE

PIVOT                          FUNCTION
VIRTUAL_TABLE
REMOVE_CONSTANTS

SQL_AREA_TMP                   TABLE

102 rows selected.

SQL>
SQL>
SQL> --

 
Create a user and then drop it

create user java2s identified by password;

grant create session, dba to java2s;

connect java2s/password;

--DROP USER java2s;

           
       

If Tom owns a table. Use the CASCADE keyword to drop it

drop user Tom cascade;

Create user, grant permission and drop user

 
SQL>
SQL>
SQL> create user dropme
  2      identified by doomed
  3      default tablespace users
  4      temporary tablespace temp
  5      quota unlimited on users
  6      /

User created.

SQL>
SQL> grant create session, create table
  2      to dropme
  3      /

Grant succeeded.

SQL>
SQL> drop user dropme;

User dropped.

SQL>
SQL>
 Create a user and grant the
permission

 
create user java2s identified by pa
ssword;

grant create session, dba to java2s
;

connect java2s/password;

--DROP USER java2s;

           
         
  

grant all on
directory
DirName to User

  

grant all on director
y ext_data_files to s
cott
/

   
  

Grant permission to
system

  

grant select on george.
mytable to system;

   
   

Grant update
permission

  

create table sprockets (
        id number,
        description varch
ar2(200),
        quantity    numbe
r )
    /

grant update (id, descrip
tion)
       on sprockets
       to scott;

insert into sprockets (id
, description, quantity)
values( 1, 'Titanium', 25 
);
    commit;
-- connect scott/tiger
update george.sprockets s
et quantity = 3;

update george.sprockets s
et description = 'N';

drop table sprockets;

   
  

Column-Level Object
Privileges

  

GRANT UPDATE (product_id) O
N sales01 TO salapati;
--

   
  
 add the additional ALL
clause to a GRANT
statement in order to
grant all possible
privileges

  

GRANT SELECT,INSERT,UPDATE,DE
LETE on EMPLOYEES TO oe;

GRANT ALL ON EMPLOYEES TO oe;

Procedure, function, and

package privileges:
EXECUTE and DEBUG

  

GRANT EXECUTE ON employee_pkg T
O hr;

   
  

Materialized view
privileges: SELECT and
QUERY REWRITE

  

GRANT QUERY REWRITE TO userName;

   
  

Directory privileges: READ

and WRITE
   

GRANT READ ON DIRECTORY bfile_dir 
TO userName;

   
  

grant one type or all types of

privileges at once on any given
object.

  

GRANT SELECT ON ods_process TO teste
r;

GRANT INSERT ON ods_process TO teste
r;

GRANT ALL ON ods_servers TO tester;

--

   
  

Grant Permissions

    
SQL>
SQL> CREATE USER Alice IDENTIFIED BY s
implepassword;

User created.

SQL>
SQL> GRANT SELECT, INSERT ON emp TO Al
ice WITH GRANT OPTION;

SQL>
SQL> drop user alice;

User dropped.
 SQL>
SQL>
SQL>
SQL>

   

Alter user to lock or unlock the

account

SQL> create user oracle_admin  identifie
d by oracle_admin;

User created.

SQL>
SQL> grant create session, dba to oracle
_admin;

Grant succeeded.

SQL>
SQL> alter user oracle_admin account loc
k;

User altered.

SQL>
SQL> alter user oracle_admin account unl
ock;

User altered.

SQL>
SQL> -- connect oracle_admin/oracle_admi
n;
SQL>
SQL> DROP USER oracle_admin;

User dropped.

SQL>

           
       

unlock user
  

alter user joe account unlock;

creating a profile with the time

period for locking the account:

CREATE PROFILE test_profile
LIMIT FAILED_LOGIN_ATTEMPTS 5
PASSWORD_LOCK_TIME UNLIMITED

Revoking roles

-- Only the DBA is allowed to revoke roles fr
om users and other roles.

-- Revoke the OrderEntry role from java2s

REVOKE OrderEntry FROM java2s;

           
       

Revoking Object Privileges

  

REVOKE SELECT, INSERT ON ods_process FROM teste
r;

   

Revoke Permissions
    
SQL>
SQL>
SQL> CREATE USER Alice IDENTIFIED BY simplepasswo
rd;

User created.

SQL>
SQL> GRANT SELECT, INSERT ON emp TO Alice WITH GR
ANT OPTION;
SQL>
SQL> REVOKE INSERT ON emp FROM Alice;
SQL>
SQL>
SQL> drop user alice;

User dropped.

SQL>

   
    
    

Revoke Permissions with Cascade

   
SQL>
SQL>
SQL> CREATE USER Alice IDENTIFIED BY simplepassword
;

User created.

SQL>
SQL> GRANT SELECT, INSERT ON emp TO Alice WITH GRAN
T OPTION;
SQL>
SQL>
SQL> REVOKE INSERT ON emp FROM Alice CASCADE;
SQL>
SQL> drop user alice;

User dropped.

SQL>

   
    

Use schema in stored procedure

  

create table sprockets (
        id number,
        description varchar2(200),
        quantity    number )
    /
    
create or replace procedure add_sprocket
    as
    begin
    insert into george.sprockets values( 6, 'Aluminu
m', 10 );
    end;
    /

drop table sprockets;

Sequence privileges: ALTER and SELECT

GRANT SELECT
ON customers_seq TO userName;

--

Grant CREATE SESSION privilege to a user,

hr, allowing hr to log on to an Oracle database

GRANT CREATE SESSION TO hr;

--

grant a system privilege to PUBLIC

 
 GRANT CREATE SESSION TO public;

--

GRANT CREATE SESSION TO newUserName

in order to log in

 
SQL>
SQL> CREATE USER newUserName IDENTIFIED BY password;

User created.

SQL>
SQL> SELECT default_tablespace, temporary_tablespace
  2  FROM dba_users
  3  WHERE username='NEWUSERNAME';

DEFAULT_TABLESPACE             TEMPORARY_TABLESPACE
------------------------------ -----------------------------
-
SYSTEM                         TEMP

SQL>
-- sqlplus newUserName/password

SQL> GRANT CREATE SESSION TO newUserName;

Grant succeeded.

SQL>
SQL> DROP USER newUserName;

User dropped.

SQL>

Create synonym for table

  
SQL>
SQL> CREATE TABLE source_log
  2  (backup_date    DATE,
  3   backup_time    VARCHAR2(6),
  4   last_ddl_time  DATE,
   5   owner          VARCHAR2(30),
  6   name           VARCHAR2(30),
  7   type           VARCHAR2(12),
  8   line           NUMBER,
  9   text           VARCHAR2(2000))
 10  /

Table created.

SQL> CREATE INDEX source_log_idx1 ON source_log
  2    (last_ddl_time, owner, name)
  3  /

Index created.

SQL> CREATE or replace PUBLIC SYNONYM source_log FOR source_l
og
  2  /

Synonym created.

SQL> GRANT SELECT, INSERT ON source_log to PUBLIC
  2  /

Grant succeeded.

SQL>
SQL> drop table source_log;

Table dropped.

SQL>
SQL>

   

Creating a Public Synonym

  

create public synonym employees for hr.employees;

   

Creating a Private Synonym

  

create synonym addresses for hr.locations;

desc addresses
    

drop synonym addresses;

  

Creating a Private Synonym

create synonym addresses for hr.locations;

desc addresses

drop synonym addresses;

   
  

drop public synonym;

  

drop public synonym synonymName;

   

create synonym for a view

SQL>
SQL> create table emp(
  2           emp_id                integer         primary key
  3          ,lastname               varchar2(20)    not null
  4          ,firstname              varchar2(15)    not null
  5          ,midinit                varchar2(1)
  6          ,street                 varchar2(30)
  7          ,city                   varchar2(20)
  8          ,state                  varchar2(2)
  9          ,zip                    varchar2(5)
 10          ,shortZipCode                   varchar2(4)
 11          ,area_code              varchar2(3)
 12          ,phone                  varchar2(8)
 13          ,company_name           varchar2(50));

Table created.

SQL>
SQL>
SQL> insert into emp(emp_id,lastname,firstname,midinit,street,city,stat
e,zip,shortZipCode,area_code,phone,company_name)values
  2                      (1,'Jones','Joe','J','1 Ave','New York','NY','
11202','1111','212', '221-4333','Big Company');

1 row created.

SQL> insert into emp(emp_id,lastname,firstname,midinit,street,city,stat
e,zip,shortZipCode,area_code,phone,company_name)values
  2                      (2,'Smith','Sue','J','1 Street','New York','NY
','11444','1111','212', '436-6773','Little Company');

1 row created.

SQL> insert into emp(emp_id,lastname,firstname,midinit,street,city,stat
e,zip,shortZipCode,area_code,phone,company_name)values
  2                      (3,'X','Peggy','J','1 Drive','New York','NY','
45502','2222','212', '234-4444','Medium Company');

1 row created.

SQL>
SQL> create or replace view phone_list as
  2  select emp_id, firstname || ' ' || midinit || '. ' || lastname as 
name,'(' || area_code || ')' || phone as telephone#
  3  from emp;

View created.

SQL>
SQL>
SQL>
SQL> desc phone_list
 Name                                                                   
                               Null?    Type
 ----------------------------------------------------------------------
------------------------------- -------- ------------------------------
--------------------------------------
 EMP_ID                                                                 
                               NOT NULL NUMBER(38)
 NAME                                                                   
                                VARCHAR2(39)
 TELEPHONE#                                                             
                                VARCHAR2(13)

SQL> select * from phone_list;

    EMP_ID NAME                                    TELEPHONE#
---------- --------------------------------------- -------------
         1 Joe J. Jones                            (212)221-4333
         2 Sue J. Smith                            (212)436-6773
         3 Peggy J. X                              (212)234-4444

3 rows selected.
SQL> create synonym phones for phone_list;

Synonym created.

SQL> desc phones
 Name                                                                   
                               Null?    Type
 ----------------------------------------------------------------------
------------------------------- -------- ------------------------------
--------------------------------------
 EMP_ID                                                                 
                               NOT NULL NUMBER(38)
 NAME                                                                   
                                VARCHAR2(39)
 TELEPHONE#                                                             
                                VARCHAR2(13)

SQL> select * from phones;

    EMP_ID NAME                                    TELEPHONE#
---------- --------------------------------------- -------------
         1 Joe J. Jones                            (212)221-4333
         2 Sue J. Smith                            (212)436-6773
         3 Peggy J. X                              (212)234-4444

3 rows selected.

SQL>
SQL> select view_name from user_views;

VIEW_NAME
------------------------------
EMP_HQ
V
AVG_SAL
EMPDEPT_V
DEPT_SAL
ALL_ORACLE_ERRORS
INVENTORY_VIE
TOP_EMP
EMP_BONUS
SHARED
PHONE_LIST

11 rows selected.

SQL>
SQL> select synonym_name, table_name from user_synonyms;

SYNONYM_NAME                   TABLE_NAME
------------------------------ ------------------------------
PHONES                         PHONE_LIST

1 row selected.
 SQL>
SQL>
SQL> drop synonym phones ;

Synonym dropped.

SQL>
SQL>
SQL>
SQL> drop table emp;

Table dropped.

   

Create synonyms for dropped

tables

 
SQL>
SQL>
SQL> SELECT 'CREATE PUBLIC SYNONYM ' || 
table_name
  2         || ' for ' || user || '.' |
| table_name || ';'
  3  FROM DBA_TABLES
  4  WHERE dropped = 'NO';

no rows selected

SQL>

   
  

Viewing synonyms and what they

reference.

SQL> select owner, synonym_name, table_owner
, table_name
  2    from all_synonyms
  3   where synonym_name='JOBS' and rownum < 
6;

no rows selected

SQL>
 SQL>
SQL>

   
  

Common System Privileges

Privilege                  Description

CREATE SESSION             Enables a user to connect t
o the database instance. 

CREATE TABLE               Enables a user to create a 
table in his or her schema.

CREATE VIEW                Enables a user to create a 
view in his or her schema.

CREATE SYNONYM             Enables a user to create a 
private synonym in his or her schema.

CREATE PUBLIC SYNONYM      Enables a user to create a 
synonym in the SYS schema that can be used by 
                           any user in the database.

CREATE PROCEDURE           Enables a user to create a 
stored procedure or function is his or her 
                           schema.

CREATE SEQUENCE            Enables a user to create a 
sequence in his or her schema.

CREATE TRIGGER             Enables a user to create a 
trigger in his or her schema on a table in his 
                           or her schema.

CREATE USER                Enables a user to create an
other user in the database and specify the 
                           password and other settings 
at creation time.

ALTER USER                 Enables a user to modify th
e user information of another user in the 
                           database, including changin
g the user's password.

DROP ANY TABLE             Enables a user to drop any 
table in any schema in the database.

ALTER ANY TABLE            Enables a user to alter any 
table in any schema in the database.

BACKUP ANY TABLE           Enables a user to make a co
py of any table in the database using the 
                           Export utility (exp).

SELECT ANY TABLE           Enables a user to issue a S
ELECT statement against any table 
                           in the database.

INSERT ANY TABLE           Enables a user to issue an 
INSERT statement against any table in 
                           the database.

UPDATE ANY TABLE           Enables a user to issue an 
UPDATE statement against any table in the 
                           database.

DELETE ANY TABLE           Enables a user to issue a D
ELETE statement against any table in the 
                           database.

           
       

Grant permissions and then check the

dba_col_privs table

grant references ( employee_id ),update( first_nam
e,last_name,job_id,manager_id,department_id )
on hr.employees to scott;

select *
from dba_col_privs
/

Grant create related permission

GRANT create session
     , create table
      , create procedure
     , create view
     , create synonym
     , create public synonym
     , drop public synonym
     , alter session
TO ppl;

Table privileges: SELECT, ALTER, DELETE,

INSERT, and UPDATE

GRANT DELETE ON bonuses TO userName

--

Grant with user name and table name

GRANT SELECT ON Student.ClassEnrollment TO Susan
WITH GRANT OPTION;
   
           

Grant the CREATE TABLE privilege to DROPME

grant create session, create table  to dropme;

Grant permission for a table to a user

grant select on mytable to scott with grant option;
  

Grant select on a table with synonym

connect scott/tiger
grant select on george.mytable to system;

View privileges: SELECT, DELETE, INSERT, and UPDATE

GRANT SELECT, UPDATE
ON emp_view TO PUBLIC;

--

Remove user

   

SQL>
SQL>
SQL> CREATE USER Alice IDENTIFIED BY simplepassword;

User created.

SQL>
SQL> ALTER USER Alice IDENTIFIED BY complicatedpassword;

User altered.

SQL>
SQL>
SQL> drop user alice;

User dropped.

SQL>
SQL>
SQL>