In Oracle databases, user permissions are divided into two types (here we do not discuss dba or dbopr permissions, but only the permissions of common users ), system Privilege System permission and User Table Privilege User data Table permission.
1. First, create a user. The following commands can be used to create a user, provided that you must Log On As a dba (if you are not a DBA, do not check it ):
Create user DB_USER identified by DB_USER_PW 'create user DB_USER with the password DB_USER_PW
Grant create session to DB_USER permission to create a session for the user
Grant resource to DB_USER
2. after a user is created, Scheme of the user is automatically generated in the Oracle database system (it can be understood as all tables belonging to the user, view .... object set ).
This user can grant access permissions to these objects to other system users.
3. After the user logs on with sqlplus, the following command shows the user's permissions (this part is taken from the CNOUG website ):
This user's permission to read other user objects:
Select * from user_tab_privs;
System permissions of the User:
Select * from user_sys_privs;
4. System Privilege list
PRIVILEGE NAME PROPERTY
------------------------------------------------------------
-228 administer database trigger 0
-227 administer resource manager 1
-161 alter profile 0
-189 create any library 0
-201 create any operator 0
-224 create any outline 0-141 create any procedure 0
-120 create public database link 0
-90 create view 0
-50 delete any table 0
-220 dequeue any queue 1
-63 drop any cluster 0
-223 drop any context 0
-217 drop any dimension 0
-178 drop any directory 0
-73 drop any index 0
-208 drop any indextype 0
-191 drop any library 0
-203 drop any operator 0
-226 drop any outline 0
-209 extends any type 0-186 extends type 0
-139 force any transaction 0
-138 force transaction 0
-199 WRITEUP 0
-196 WRITEUP DBHIGH
......
......
-- Determine the role Permissions
Select * from role_tab_privs; the data dictionary view contains the object permissions granted to the role.
Select * from role_role_privs; contains the role assigned to another role
Select * from role_sys_privs; includes the system permissions granted to the role
-- Determine the permissions granted to the user account
Select * from DBA_tab_privs; grant the object permission of the user account directly.
Select * from DBA_role_privs; role granted to the user account
Select * from DBA_sys_privs; grant the system permission of the user account
View Current User Permissions:
SQL> select * from session_privs;
PRIVILEGE
----------------------------------------
CREATE SESSION
CREATE TABLE
CREATE CLUSTER
CREATE SYNONYM
CREATE VIEW
CREATE SEQUENCE
CREATE PROCEDURE
CREATE TRIGGER