MT0*_*MT0 6 oracle plsql grant
As User1 I have the table:
CREATE TABLE USER1.test ( id NUMBER );
As User2 I have the procedure:
CREATE PROCEDURE USER2.passInATestId(
in_id USER1.TEST.ID%TYPE
)
IS
BEGIN
NULL;
END;
/
However, this fails to compile with:
PLS-00201: identifier 'USER1.TEST' must be declared
If I grant the REFERENCES permissions
GRANT REFERENCES ON USER1.TEST TO USER2;
Then I get:
PLS-00904: insufficient privilege to access object USER1.TEST
If I grant the SELECT privilege then it will compile - however, User2 can then perform selects on the table and I do not want them to do this directly. Is there a privilege I can use that allows me to reference the type of a column without also granting the ability to SELECT from the table?
SUBTYPE一种可能的解决方案是在 拥有的包中创建USER1:
CREATE PACKAGE USER1.TYPE_DEFINITIONS
AS
SUBTYPE TYPE__TEST__ID IS USER1.TEST.ID%TYPE;
END;
/
然后:
GRANT EXECUTE ON USER1.TYPE_DEFINITIONS TO USER2;
然后该过程可以重写为:
CREATE PROCEDURE USER2.passInATestId(
in_id USER1.TYPE_DEFINITIONS.TYPE__TEST__ID
)
IS
BEGIN
NULL;
END;
/
我更喜欢一种允许变量类型声明直接引用列类型的解决方案,而不是通过一定程度的间接访问(但这似乎不可能)。