Oracle Learning Operations (7) Users, permissions, roles

One, Oracle users:

Second, the Authority

1. System Permissions:

SYS login to create a C # #test用户后, to the User C # #test授权, and with the propagation of:

sql> Create User C # #test identified by 123456 default tablespace users;

sql> Create User C # #test2 identified by 123456 default tablespace users;

Sql> Grant Create session, CREATE table to C # #test with admin option;

Authorization is successful.

C # #test用户就可以给之前创建完毕的c # #test2用户, authorize the permissions just to propagate create session,create table:

Sql> Grant Create session to C # #test2;

Authorization is successful.

Sql> grant CREATE table to C # #test2;

Authorization is successful.

SELECT * FROM

2. Object permissions:

Now the SYS user creates a table AA; View this table is this: SELECT * FROM sys. AA; Use the test user to view the SELECT * FROM sys. AA is not authorized; The prompt table or view does not exist; sys logs in and gives the test user permission to view the table:Grant Select on AA to test;Test, test will now be able to view the Sys. AA This table, but not update:update sys.  AA set name= ' hehe ' where id = 1; insufficient prompt permission; sys, grant test to modify the permissions of Table AA:Grant Update on AA to test;Test can modify the AA table; One of the authorizations is too cumbersome, SYS can grant all the permissions of the AA table to test:Grant all on AA to test;The test user now has all operation Sys. AA table, test now propagates these permissions to test2, prompting for insufficient permissions because test does not have these permissions; Grant SELECT on sys. AA to Test2;sys gives Test authorization sys. All permissions for the AA table, and with propagation characteristics:Grant all on AA to test with GRANT option;Test will operate SYS again. The AA table has permission to grant Test2: it will succeed;Grant SELECT on sys. AA to Test2;SYS recycles test for sys. Update permissions for AA tables:revoke update on AA from test;SYS recycles test, test2 all permissions for the AA table:revoke all on AA from Test, test2;third, the role:

SYS view role,select * from Dba_roles;

To create a role:

Create role Role_aa;

Grant this role some permissions:

Grant SELECT, UPDATE, INSERT, delete on AA to ROLE_AA;

Assign this role to the test user:

Grant ROLE_AA to test;

Test User select * FROM sys. AA will be able to view the table;

For example, to create a new user, assign a DBA authority, the user has a lot of permissions; Create user Zhangsan identified by 123456 default Tablespace users;grant dba to Zhangs An

Oracle Learning Operations (7) Users, permissions, roles