Object permissions and System permissions
Creating a table and creating a session is a system privilege;
The system administrator has permission to access other tables
Log in with Sys
Sqlplus Sys/on_change_install as SYSDBA;
Create User Wangwu
Create user Wangwu identified by WANGWU;
System permissions
Grant create session to WANGWU;
Grant CREATE table to Wangwu;
Grant unlimited tablespace to Wangwu;
Grant CREATE table to public;//the permission to create tables to all users;
Revoke system permissions
Revoke create session from WANGWU;
Revoke CREATE table from WANGWU;
Revoke unlimited tablespace from WANGWU;
View System Permissions
select * from User_sys_privs;
Log in as Wangwu
Sqlplus Wangwu/wangwu;
Create a table Mytab
CREATE TABLE Mytab (ID int,name varchar (20));
Object permissions
Grant All/select/insert/update/delete on Mytab to Lisi;
Revoke object permissions
Revoke all/select/insert/update/delete on Mytab from Lisi;
View Object Permissions
select * from User_tab_privs;
Object permissions can be controlled to columns
Grant update (name) on Mytab to Lisi;
Grant Insert (ID) on Mytab to Lisi;
View Column Permissions
select * from User_col_privs;
Note:
Queries and deletions cannot be controlled to columns
Note the point:
1, each table belongs to a specific user;
2, if you want to manipulate the table of other users, you need to grant the appropriate permissions;
3, when accessing other users ' tables, prefix user names, such as wangwu.mytable, should be added.
4, the other user's table is inserted, the update operation, the need to commit (commit), or the table owner can not modify the table structure;
who owns who authorized, which means that only the owner of the table can grant permissions to the table operation to other people
Public users are referring to all users
The ORACL permission can control the column,
Note: However, only inserts and updates can be controlled to columns, and queries and deletions cannot be controlled to columns.
disconnecting/connecting to a database
Disconn/conn
ALTER TABLE MyTable add name varchar (10)