Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Oracle - How to create a readonly user

Tags:

readonly

oracle

It's possible create a readonly database user at an Oracle Database? How?

like image 232
Guilherme Ferreira Avatar asked Sep 21 '11 15:09

Guilherme Ferreira

People also ask

How do I grant a read only access user?

To give the user access to the database from any host, type the following command: grant select on database_name. * to 'read-only_user_name'@'%' identified by 'password';

How do I create a read only database link in Oracle?

On whatever database the MASTER schema resides, you would need to create a new user (i.e. MASTER_READ_ONLY). Grant the MASTER_READ_ONLY user SELECT access on all of MASTER's tables (most likely via a role).

How do you make a view read only in Oracle?

Use the subquery_restriction_clause to restrict the defining query of the view in one of the following ways: WITH READ ONLY Specify WITH READ ONLY to indicate that the table or view cannot be updated.

How do I create a restricted mode in Oracle?

Start an instance (and, optionally, mount and open the database) in restricted mode by using the STARTUP command with the RESTRICT option: STARTUP RESTRICT; Later, use the ALTER SYSTEM statement to disable the RESTRICTED SESSION feature.

2 Answers

A user in an Oracle database only has the privileges you grant. So you can create a read-only user by simply not granting any other privileges.

When you create a user

CREATE USER ro_user  IDENTIFIED BY ro_user  DEFAULT TABLESPACE users  TEMPORARY TABLESPACE temp;

the user doesn't even have permission to log in to the database. You can grant that 

GRANT CREATE SESSION to ro_user

and then you can go about granting whatever read privileges you want. For example, if you want RO_USER to be able to query SCHEMA_NAME.TABLE_NAME, you would do something like

GRANT SELECT ON schema_name.table_name TO ro_user

Generally, you're better off creating a role, however, and granting the object privileges to the role so that you can then grant the role to different users. Something like

Create the role

CREATE ROLE ro_role;

Grant the role SELECT access on every table in a particular schema

BEGIN   FOR x IN (SELECT * FROM dba_tables WHERE owner='SCHEMA_NAME')   LOOP     EXECUTE IMMEDIATE 'GRANT SELECT ON schema_name.' || x.table_name ||                                    ' TO ro_role';   END LOOP; END;

And then grant the role to the user

GRANT ro_role TO ro_user;
like image 82
Justin Cave Avatar answered Oct 04 '22 00:10

Justin Cave

 
create user ro_role identified by ro_role; grant create session, select any table, select any dictionary to ro_role;
like image 29
Okloks Avatar answered Oct 04 '22 02:10

Okloks
Sign in to Comment

Related questions

Using Oracle XMLType column in hibernate
what is oradiag_<user> folder?
Find if a column in Oracle has a sequence
ORA-01799: a column may not be outer-joined to a subquery
What length can a network interface name have?
Does Oracle support full text search?
Pivoting rows into columns dynamically in Oracle
Setting Oracle size of row fetches higher makes my app slower?
Oracle PLS-00363: expression '' cannot be used as an assignment target
Get only date without time in Oracle
executing a function in sql plus
How do you select all columns, plus the result of a CASE statement in oracle 11g?
Split function in oracle to comma separated values with automatic sequence
Oracle SQL insert into with With clause
oracle varchar to number
How to see PL/SQL Stored Function body in Oracle
ORA-01031: insufficient privileges when selecting view
How to install Oracle Instant Client on a Mac?
Oracle SQL query for Date format
Oracle PL/SQL: how to get the stack trace, package name and procedure name

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!