[英]oracle 12c r2 give selections permissions to user
I'm trying to give select permission to "read" user but when I enter with the user I can not do anything.我正在尝试授予“读取”用户的选择权限,但是当我与用户一起输入时,我无法执行任何操作。 it gives me the following failure:它给了我以下失败:
SQL> desc table
ERROR:
ORA-04043: object enfermeria does not exist
to give the permissions I have done this:授予我这样做的权限:
CREATE USER books_admin IDENTIFIED BY MyPassword;
GRANT CONNECT TO books_admin;
GRANT CONNECT, RESOURCE, DBA TO books_admin;
GRANT CREATE SESSION GRANT ANY PRIVILEGE TO books_admin;
GRANT UNLIMITED TABLESPACE TO books_admin;
GRANT
SELECT,
ON
schema.books
TO
books_admin;
As 'books_admin' user, try:作为“books_admin”用户,尝试:
desc schema.books
If that works, try:如果可行,请尝试:
create [public] synonym books on schema.books;
desc books;
Boy , you granted whole lot of things to that user, vast majority of the privileges are unnecessary, some of them being even dangerous (you shouldn't really grant DBA like that).男孩,您授予该用户很多东西,绝大多数权限是不必要的,其中一些甚至是危险的(您不应该真正授予 DBA 这样的权限)。 Also, you should try to post what you really did, and not make up stuff (you are trying to describe table , while Oracle responded that enfermeria doesn't exist)?此外,您应该尝试发布您真正做过的事情,而不是编造东西(您正在尝试描述table ,而 Oracle 回应说enfermeria不存在)?
Here's a suggestion you might, or might not accept.这是您可能接受或不接受的建议。
I'm going to connect to my XE database as a privileged user (SYS in this case; if there's another one you use for administration purposes, use it) in order to create the read user .我将作为特权用户连接到我的 XE 数据库(在本例中为 SYS;如果您使用另一个用于管理目的,请使用它)以创建read user 。
C:\>sqlplus sys@xe as sysdba
SQL*Plus: Release 11.2.0.2.0 Production on Uto Lis 23 21:32:36 2018
Copyright (c) 1982, 2014, Oracle. All rights reserved.
Enter password:
Connected to:
Oracle Database 11g Express Edition Release 11.2.0.2.0 - 64bit Production
SQL> create user read_user identified by ru
2 default tablespace users
3 temporary tablespace temp
4 quota unlimited on users;
User created.
SQL> grant create session to read_user;
Grant succeeded.
Notice what I granted to read_user: create session only.请注意我授予 read_user 的内容:仅创建会话。 So far, it is the only privilege it needs.到目前为止,这是它唯一需要的特权。 If it turns out that it needs something else, grant it, but refrain from granting roles like connect, resource, dba - that's not in the fashion any more.如果事实证明它需要其他东西,请授予它,但不要授予诸如连接、资源、dba 之类的角色——这不再流行了。
Now, connecting as user who owns a table I'd like to let read_user to select from.现在,作为拥有表的用户进行连接,我想让 read_user 从中进行选择。
SQL> connect scott/tiger@xe
Connected.
SQL> grant select on dept to read_user;
Grant succeeded.
Finally, connect as read_user and check what it sees:最后,以 read_user 身份连接并检查它看到的内容:
SQL> connect read_user/ru@xe
Connected.
SQL> desc dept
ERROR:
ORA-04043: object dept does not exist
Ah!啊! The same error you got!你得到了同样的错误! This is because read_user doesn't have DEPT table available - it doesn't exist in his schema, there's no public synonym for it, so - he should precede table name with table's owner name (and that's Scott):这是因为 read_user 没有可用的 DEPT 表 - 它不存在于他的模式中,没有公共同义词,所以 - 他应该在表名之前加上表的所有者名称(这就是 Scott):
SQL> desc scott.dept
Name Null? Type
----------------------------------------- -------- ----------------------------
DEPTNO NOT NULL NUMBER(2)
DNAME VARCHAR2(14)
LOC VARCHAR2(13)
SQL> select * from scott.dept;
DEPTNO DNAME LOC
---------- -------------- -------------
10 ACCOUNTING NEW YORK
20 RESEARCH DALLAS
30 SALES CHICAGO
40 OPERATIONS BOSTON
SQL>
Much better, don't you think?好多了,你不觉得吗?
In order not to specify owner's name, create a synonym to that table (still connected as the read_user):为了不指定所有者的名称,请创建该表的同义词(仍作为 read_user 连接):
SQL> create synonym dept for scott.dept;
create synonym dept for scott.dept
*
ERROR at line 1:
ORA-01031: insufficient privileges
Oops!哎呀! Can't do that, I don't have that privilege.不能那样做,我没有那个特权。 So - back to SYS, grant read_user a privilege so that he could create synonyms, back to read_user again and repeat the statement:所以 - 返回 SYS,授予 read_user 权限,以便他可以创建同义词,再次返回 read_user 并重复该语句:
SQL> connect sys@xe as sysdba
Enter password:
Connected.
SQL> grant create synonym to read_user;
Grant succeeded.
SQL> connect read_user/ru@xe
Connected.
SQL> create synonym dept for scott.dept;
Synonym created.
SQL> select * from dept;
DEPTNO DNAME LOC
---------- -------------- -------------
10 ACCOUNTING NEW YORK
20 RESEARCH DALLAS
30 SALES CHICAGO
40 OPERATIONS BOSTON
SQL>
I'd suggest you to read what I've written and apply that to your situation.我建议您阅读我写的内容并将其应用于您的情况。 Hopefully, you'll make it work.希望你能成功。 Good luck!祝你好运!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.