stackoom
  简体   繁体   中英

how to create table dynamically through procedure from another schema

 原文  2019-12-20 06:29:53       oracle/ plsql/ database-administration

Question

I have a requirement to create the tables dynamically through procedure from another schema. here are the details..

user1 -- table T1_YYYMM where YYYYMM= year,month e.g T1_201912 needs to be created on this schema.
user2 -- procedure X to create T1_YYYYMM is created on this schema.
user3 -- want to access the procedure X from user3 which should create the tables on user1.

user3 has been given execute permission on p1 but still i am getting permission denied.I dont have access to user1 and user2.All I can access through user3 only. I should not be able to create any table other than T1_YYYYMM on user1.

please advise on this.

from user2 i am able to execute p1 but when I am trying this from user3 i am getting the insufficient privelege error.

grant create any table to user2 -- done 

create or replace PROCEDURE USER2.x (owner_name in varchar2 , 
                                 table_name in varchar2 
                                     ) authid current_user
is
  sql_string VARCHAR2(4000);
  l_owner varchar2(30) := 'USER1';
  l_tab varchar2(100)  := 'T1'; 
  l_month varchar2(30) := to_char(add_months(sysdate),'YYYYMM');
BEGIN
IF  l_owner=owner_name AND l_tab = table_name then
  sql_string := 'CREATE TABLE '||l_owner||'.'||l_tab||'_'||l_month||' AS SELECT * FROM USER1.T2 WHERE 1=2';
  EXECUTE IMMEDIATE sql_string;
   dbms_output.put_line('Table created :'||l_tab||'_'||l_month);

 EXECUTE IMMEDIATE 'GRANT DELETE, INSERT, SELECT, UPDATE ON '||l_tab||'_'||l_month||' TO V_ROLE  ';
ELSE 
  dbms_output.put_line('Permission Denied...');
END IF;
EXCEPTION 
  WHEN OTHERS  THEN 
   DBMS_OUTPUT.PUT_LINE (SQLERRM);
END X;
/


grant execute on x to USER3 ;--DONE

/

EXEC USER3.X('USER1','T1');

ORA-01031: insufficient privileges


PL/SQL procedure successfully completed.

1 answers

solution1
 0  2019-12-20 07:04:14

You missing link is the privilege

 grant create any table to user2;

without it you observe

 ORA-01031: insufficient privileges

Full Setup

1) grant create any table to user2 -- done by DBA

2) create procedure in user2 

create procedure x as
begin
  execute immediate 'create table user1.tab1 (x number)';
end;
/

3) grant execute on x to USER3 

 grant execute on x to USER3;

4) USER3 runs the procedure 

begin 
  user2.x;
end;
/

See also here - simple CREATE TABLE privilege is not sufficient to create tables in other schemas.

Also note, that this privilege must be given direct to the user (ie not via a role ) to be able to be used in a procedure.

Alternatives

As pointed out in a comment, a more secure alternative is to move the procedure from user2 to user1 , ie the procedure and the table to be created would be in the same schema.

In that case only execute privilege on the procedure must be granted to USER3 .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Create stored procedure with table from another schema throws PLS-00201 oracle: populate a table from another schema using PL/sql procedure Create table on another schema Copy table from another schema doesn't work dynamically How do I create a table dynamically with dynamic datatype from a PL/SQL procedure How to Move a Stored Procedure in Oracle SQL from one Schema to Another? How to partition a table copied from another schema? Oracle schema user cannot create table in procedure Execute procedure dynamically from another procedure How to create procedure to select from table as parameter
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM