There are three kinds of permissions for Oracle:
Object Privileges Objects Permissions
Role Privileges Roles Permissions
System Privileges Systems Permissions
(i), object permissionsIn general, object permissions are for a user access to certain tables, views, functions, and stored procedures
Grant SELECT, INSERT, UPDATE, delete on test_table to Test_user; Give the user test_user to the table test_table additions and Deletions Change permissions grant execute on f_zsd_test to Test_user;
Grant execute on Pro_zsd_test to Test_user; Grants user Test_user Execute permissions on functions and stored Procedures grant SELECT, INSERT, UPDATE, delete on view_p_test to Test_user; View View_p_test additions and deletions Change permissions
(ii), role permissions, the most basic is the access to connect and resource
(1). Connect role:
-Is the typical right to grant the end user the most basic
Alter session--Modify sessions
Create CLUSTER--Build a cluster
Create DATABASE link
Create SEQUENCE-Create sequence
Create session--Set up sessions
Create synonym--create synonyms
Create View--Build the Views (2). RESOURCE role:--is granted to developers
Create CLUSTER--Build a cluster
Create PROCEDURE--build process
Create SEQUENCE-Create sequence
CREATE table--Build tables
Create TRIGGER--Create a trigger
Create type--build types can be found from dba_sys_privs (note that this must be logged in as a DBA role):
SELECT * from Dba_sys_privs t where t.grantee= ' RESOURCE ' ORDER by Priilege; You can view the permissions of the resource role
SELECT * from Dba_sys_privs t where t.grantee= ' CONNECT ' ORDER by Priilege; You can view the permissions of the Connect role so, generally in the enterprise, to the average user, will only give connect permissions, let him only a few look, and link database operation. Have a session of their own
For developers, connect and resource will be given, because, give developers the ability to create.
(c), System permissions
System permissions that restrict all objects (for example, stored procedures, tables, clusters, users, sequences, and so on)
Grant create any cluster to test;
Grant Create any index to test;
Grant create any procedure to test;
Grant create any role to test;
Grant Create rollback segment to test;
Grant create any sequence to test;
Grant create any synonym to test;
...... You can view the relevant System permission list usage scenarios:
When you configure a production library to have a user test, the user is just a read-only user, then
He would normally give him a select any table system permissions
Grant Select any table to test; is to give the user test query any table, the above for personal notes, learning.
