Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How can i create read only database link in oracle

Tags:

oracle

Consider the following scenerio....

I have a master user MASTER.

I have a test user TEST.

For both users the table structure are same. Both user can be on different oracle servers.

then I create a database link as master_link by logging in as test user to sql plus using the following command

CREATE DATABASE LINK master_link CONNECT TO MASTER IDENTIFIED BY password USING (DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP) (HOST =192.168.9.139)(PORT = 1521))) (CONNECT_DATA = (SERVICE_NAME = orcl)))

By loggin in as test user and using the database link name i can modify the tables in master user. for example

update table1@master_link set display_title = 'PONDS' ;

This query updates the table table1 of master user.

My requirement is i want to give read only permission to database link (master_link) so that test user can't modify or insert into any table in master user by using database link.

like image 726
ponds Avatar asked Dec 28 '22 06:12

ponds

1 Answers

On whatever database the MASTER schema resides, you would need to create a new user (i.e. MASTER_READ_ONLY). Grant the MASTER_READ_ONLY user SELECT access on all of MASTER's tables (most likely via a role). Optionally, create either public synonyms or private synonyms in the MASTER_READ_ONLY schema that reference the objects in MASTER. Then, when you create the database link, use the MASTER_READ_ONLY account rather than the MASTER account.

Something like

As a DBA

CREATE USER master_read_only
  IDENTIFIED BY password2;

GRANT create session, create synonym
   TO master_read_only;

CREATE ROLE master_ro_role;

GRANT master_ro_role
   TO master_read_only;

As MASTER

BEGIN
  FOR x IN (SELECT * FROM user_tables)
  LOOP
    EXECUTE IMMEDIATE 
      'GRANT SELECT ON master.' || x.table_name || 
        ' TO master_ro_role';
  END LOOP;
END;

As MASTER_READ_ONLY

BEGIN
  FOR x IN (SELECT * FROM all_tables WHERE owner='MASTER')
  LOOP
    EXECUTE IMMEDIATE 
      'CREATE SYNONYM ' || x.table_name || 
        ' FOR master.' || x.table_name;
  END LOOP;
END;

On the database where the TEST user has been created

CREATE DATABASE LINK master_link 
  CONNECT TO master_read_only 
  IDENTIFIED BY password2 
  USING (DESCRIPTION = 
          (ADDRESS_LIST = 
            (ADDRESS = 
              (PROTOCOL = TCP) 
              (HOST =192.168.9.139)
              (PORT = 1521))) 
            (CONNECT_DATA = (SERVICE_NAME = orcl)))
like image 142
Justin Cave Avatar answered Jan 28 '23 11:01

Justin Cave
Sign in to Comment

Related questions

Oracle joins ( left outer, right, etc. :S )
Performance of dynamic SQL vs stored procedures on Oracle
Why I cannot cast oracle BLOB from native java Blob
Oracle: Variable number of parameters to a stored procedure
Oracle performance using functions in where clause
Error with NHibernate 2.1 and Oracle 10g client
Modeling One-to-Constant Relationship
What do references to OLD evaluate to in the WHEN cause of an Oracle insert trigger?
What is the use of TNS_ADMIN variable in Oracle?
Hibernate > CLOB > Oracle :(
Need help in tuning a sql-query
Global Temporary Table Concurrency
Is there a way to rollback and exit a psql script on error?
Oracle function always returning null
Why would this query cause a Merge Cartesian Join in Oracle
Adding a unique constraint on calculated value of a column
Oracle: How do I grab a default value when a more specific value is null from within the same query?
Convert date from one format to another using SQL*Loader control file
SQL query to get group by and distinct values at the same time
Oracle rename columns from select automatically?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!