Table access among Oracle database users

Oracle The database has a user concept , I understand different users as different libraries .

Simply speaking , I call the trading pool TRADE user , I call the customer management library ACCOUNT user .

Under normal circumstances , Each user accesses its own table , But when cross user access is required , We have three choices .

One . The transaction library gives the customer library the authority to query the transaction table , We call it authorization , Keyword is grant.

Now let's simulate from A user , hold ableName The operation authority of is given to B user , The following authorization statement should be in A Library execution .

1. SELECT * FROM  dba_users; -- Query all users in the database

2.GRANT SELECT ON tableName to B;-- Authorization inquiry ( Will table tableName The right of inquiry is granted to B)

GRANT INSERT ON tableName to B;-- Authorization to insert ( Will table tableName The right to insert is granted to B)

GRANT UPDATE ON tableName to B;-- Authorization update ( Will table tableName The right to renew is granted to B)

GRANT UPDATE ON tableName to Bwith grant option; -- The authority to update is transferred to the user , The user can continue to authorize other users ;

GRANT EXECUTE  ON ProceDureName to B;-- Authorization stored procedure

3.Revoke select on tableName from B; -- Revoke the permission of query table ;

Revoke all on tableName from B;-- Withdrawal form tableName All permissions of ;

4.SELECT  * from dba_tab_privs where grantee=upper('DC_CH');-- Query the object permissions given to a user

SELECT * from dba_sys_privs where grantee=upper('DC_CH');-- Query the system permissions owned by a user

SELECT*  from session_privs ;-- Valid system permissions for the current session

such , We can directly from B The user action A User tableName This watch , The corresponding statement is

SELECT * from A.tableName;

UPDATE A.tableName set... wait

Two . Increase the granularity of operations , send B Users operate like their own tables A Tables in users , Introduce the concept of synonyms

The benefits of synonyms

1、 No memory space , Save a lot of database space

2、 Simplified access to database objects

3、 Improve the security of database object access

4、 The use scope of the extended database , Can achieve seamless interaction between different database users ; Synonyms can be created on a different database server , Connect through the network

1. stay A Create private synonyms in the user

CREATE SYNONYM TB FOR tableName;

such SELECT * FROM TB= SELECT * FROM tableName.  

Suppose we have granted different permissions to this table B user , Then we can start from B China and Israel SELECT * FROM A.TB In the form of tableName.

2. stay A Create common synonyms among users

CREATE PUBLIC SYNONYM TB FOR tableName;

In this way, all users under this library can directly SELECT * FROM TB Mode of access tableName.

--  Delete public synonyms ：
drop public synonym TB ;

--  Delete private synonyms ：
drop synonym TB ;

3、 ... and . A little more granular ,B The user can operate A All the tables below the user , introduce DB Link.

1. Establish database connection through interface tools .

2. adopt SQL Statement to establish a database connection

  create database link DS
  connect to DS_CH identified by ds
  using '192.168.1.244/orch';

from B User access A The user's table is SELECT * FROM [email protected]

This completes the introduction of the three library user access methods , How to choose , It should be decided according to the actual situation .