What GRANT privileges are required to use %TYPE in variable declaration

Question

As User1 I have the table:

CREATE TABLE USER1.test ( id NUMBER );

As User2 I have the procedure:

CREATE PROCEDURE USER2.passInATestId(
  in_id USER1.TEST.ID%TYPE
)
IS
BEGIN
  NULL;
END;
/

However, this fails to compile with:

PLS-00201: identifier 'USER1.TEST' must be declared

If I grant the REFERENCES permissions

GRANT REFERENCES ON USER1.TEST TO USER2;

Then I get:

PLS-00904: insufficient privilege to access object USER1.TEST

If I grant the SELECT privilege then it will compile - however, User2 can then perform selects on the table and I do not want them to do this directly. Is there a privilege I can use that allows me to reference the type of a column without also granting the ability to SELECT from the table?

Answer 1

One possible solution is to create a SUBTYPE in a package owned by USER1:

CREATE PACKAGE USER1.TYPE_DEFINITIONS
AS
  SUBTYPE TYPE__TEST__ID IS USER1.TEST.ID%TYPE;
END;
/

Then:

GRANT EXECUTE ON USER1.TYPE_DEFINITIONS TO USER2;

The procedure can then be rewritten as:

CREATE PROCEDURE USER2.passInATestId(
  in_id USER1.TYPE_DEFINITIONS.TYPE__TEST__ID
)
IS
BEGIN
  NULL;
END;
/

I would prefer a solution that allows a declaration of the variable's type to directly reference the column's type rather than going through a level of indirection (but that does not seem to be possible).