Site icon IT Tutorial

Oracle Roles & Privileges

I will explain Oracle Roles & Privileges in this post.

 

Oracle Roles

If lots of types of users are using the database, you need to classfied the users with the Roles. Because If you use the Roles, then you won’t grant the users one by one, you will only grant the roles not users. When you change the privilige of Role, all users using this role will be effected.

 

 

 

Oracle Roles are used to localize the administration of objects. Oracle roles are most helpful when large numbers of users will need the same system and object privileges

 

The syntax for creating a role in Oracle is as follows.

CREATE ROLE role_name
[ NOT IDENTIFIED | 
IDENTIFIED {BY password | USING [schema.] package | EXTERNALLY | GLOBALLY } ;

 

 

The following examples are Oracle-defined roles:

 

The syntax for granting table privileges to a role in Oracle is:

GRANT privileges ON object TO role_name;

The syntax for revoking table privileges from a role in Oracle is:

REVOKE privileges ON object FROM role_name;


privileges
The privileges to assign to the role. It can be any of the following values:
Privilege Description
SELECT Ability to perform SELECT statements on the table.
INSERT Ability to perform INSERT statements on the table.
UPDATE Ability to perform UPDATE statements on the table.
DELETE Ability to perform DELETE statements on the table.
REFERENCES Ability to create a constraint that refers to the table.
ALTER Ability to perform ALTER TABLE statements to change the table definition.
INDEX Ability to create an index on the table with the create index statement.
ALL All privileges on table.

 

Roles are created and managed by DBAs .

 

Role Creation in Oracle

Now let’s create a role for developers :

CREATE ROLE DEVELOPER_ROLE;

 

Our role is now ready to grant :

Give the priviliges to the role as follows.

GRANT SELECT ANY TABLE TO DEVELOPER_ROLE;
GRANT UPDATE ANY TABLE,INSERT ANY TABLE TO DEVELOPER_ROLE;

Now let’s give this role to the user named mdrn that we created before and after that mdrn user will have all grants or privileges to be given to developer_role .

GRANT DEVELOPER_ROLE TO MDRN;

 

 

For example; You want to create the read_only_users role and all reporting users are granted with this role.

You can create this role and grant any privilige to this role as follows.

SQL> Create role read_only_user;

SQL> Grant select any table to read_only_user;

SQL> Grant read_only_user to MSDB;

 

 

If you want to learn more details about Grant & Priviliges in Oracle, read the following post.

How to Grant and Revoke Privileges | Create and Drop any User in Oracle Database

 

 

Do you want to learn Oracle Database for Beginners, then Click and read the following articles.

Oracle Database Tutorials for Beginners ( Junior Oracle DBA )

 

Exit mobile version