To list the grants made for objects, a user can query the following data dictionary views:
Table of Content - Listing privilege and role information in Oracle DBA |
➤ Listing all system privilege grants ➤ Listing object privileges granted to a user |
For the following examples, assume that the following statements are issued:
Sql>create role security_admin identified by honcho;
Sql>grant create profile, alter profile, drop profile,
Create role, drop any role, grant any role, audit any,
Audit system, create user, become user, alter user, drop user
To security_admin with admin option;
Sql>grant select, delete on sys.aud$ to security_admin;
Sql>grant security_admin, create session to swilliams;
Sql>grant security_admin to system_administrator;
Sql>grant create session to jward;
Sql>grant select, delete on emp to jward;
Sql>grant insert (ename, job) on emp to swilliams, jward;
If you want to enrich your career and become a professional in Oracle DBA, then enroll in "Oracle DBA Certification Training" - This course will help you to achieve excellence in this domain. |
The following query indicates all system privilege grants made to ROLES AND USERS:
Sql>select * from sys.dba_sys_privs;
Grantee privilege adm
————- —————– ———————–
Security_admin alter profile yes
Security_admin alter user yes
Security_admin audit any yes
Security_admin audit system yes
Security_admin become user yes
Security_admin create profile yes
Security_admin create role yes
Security_admin create user yes
Security_admin drop any role yes
Security_admin drop profile yes
Security_admin drop user yes
Security_admin grant any role yes
Swilliams create session no
Jward create session no
The following query returns all the roles granted to users and other roles:
Sql>select * from sys.dba_role_privs;
Grantee privilege adm
———- ————- ——————
Swilliams security_admin no
Related Article: Oracle DBA Tutorial for Beginners with Examples |
The following query returns all OBJECT PRIVILEGES (not including column-specific privileges) granted to the specified user:
Sql>select table_name, privilege, grantable from sys.dba_tab_privs
Where grantee = 'jward';
Table_name privilege grantable
————- —————– ——————-
Emp select no
Emp delete no
To list all the column-specific privileges that have been granted, use the following query:
Sql>select grantee, table_name, column_name, privilege
From sys.dba_col_privs;
Grantee table_name column_name privilege
———- ————— ————————-
Swilliams emp ename insert
Swilliams emp job insert
Jward emp name insert
Jward emp job insert
The dba_roles data dictionary view can be used to list all roles of a database and the authentication used for each role. For example, the following query lists all the roles in the database:
Wish to make a career in the world of Oracle DBA? Sign up for this online Oracle DBA Training in Hyderabad to enhance your career!
Sql>select * from sys.dba_roles;
Role password
———- —————
Connect no
Resource no
Dba no
Security_admin yes
Related Article: Oracle DBA Interview Questions for Freshers |
The role_role_privs, role_sys_privs, and role_tab_privs data dictionary views contain information on the privilege domains of roles.
For example, the following query lists all the roles granted to the system_admin role:
Sql>select granted_role, admin_option from role_role_privs where role = 'system_admin';
Granted_role adm
————— ———
Security_admin no
The following query lists all the system privileges granted to the security_admin role:
Sql>select * from role_sys_privs where role = 'security_admin';
Related Article: Tablespaces in Oracle DBA |
Role privilege adm
——– ——————- ————
Security_admin alter profile yes
Security_admin alter user yes
Security_admin audit any yes
Security_admin audit system yes
Security_admin become user yes
Security_admin create profile yes
Security_admin create role yes
Security_admin create user yes
Security_admin drop any role yes
Security_admin drop profile yes
Security_admin drop user yes
Security_admin grant any role yes
The following query lists all the object privileges granted to the security_admin role:
Sql>select table_name, privilege from role_tab_privs where role = 'security_admin';
Table_name privilege
————— —————-
Aud$ delete
Aud$ select
Our work-support plans provide precise options as per your project tasks. Whether you are a newbie or an experienced professional seeking assistance in completing project tasks, we are here with the following plans to meet your custom needs:
Name | Dates | |
---|---|---|
Oracle DBA Training | Dec 21 to Jan 05 | View Details |
Oracle DBA Training | Dec 24 to Jan 08 | View Details |
Oracle DBA Training | Dec 28 to Jan 12 | View Details |
Oracle DBA Training | Dec 31 to Jan 15 | View Details |
I am Ruchitha, working as a content writer for MindMajix technologies. My writings focus on the latest technical software, tutorials, and innovations. I am also into research about AI and Neuromarketing. I am a media post-graduate from BCU – Birmingham, UK. Before, my writings focused on business articles on digital marketing and social media. You can connect with me on LinkedIn.