Friday, November 11, 2011

List of Users/Roles having privilege on TABLE


This script will display the list of users and roles  hving privileges on a specific table also showing privileges granted through roles.
SELECT     grantee || ' Through role ' || granted_role ge, 'SELECT' priv
      FROM dba_role_privs
START WITH granted_role IN (SELECT grantee
                              FROM dba_tab_privs
                             WHERE PRIVILEGE = 'SELECT')
CONNECT BY PRIOR grantee = granted_role
UNION
SELECT     grantee || ' Through role ' || granted_role ge, 'UPDATE' priv
      FROM dba_role_privs
START WITH granted_role IN (SELECT grantee
                              FROM dba_tab_privs
                             WHERE PRIVILEGE = 'UPDATE')
CONNECT BY PRIOR grantee = granted_role
UNION
SELECT     grantee || ' Through role ' || granted_role ge, 'INSERT' priv
      FROM dba_role_privs
START WITH granted_role IN (SELECT grantee
                              FROM dba_tab_privs
                             WHERE PRIVILEGE = 'INSERT')
CONNECT BY PRIOR grantee = granted_role
UNION
SELECT     grantee || ' Through role ' || granted_role ge, 'DELETE' priv
      FROM dba_role_privs
START WITH granted_role IN (SELECT grantee
                              FROM dba_tab_privs
                             WHERE PRIVILEGE = 'DELETE')
CONNECT BY PRIOR grantee = granted_role
UNION
SELECT     grantee || ' Through role ' || granted_role ge, 'INDEX' priv
      FROM dba_role_privs
START WITH granted_role IN (SELECT grantee
                              FROM dba_tab_privs
                             WHERE PRIVILEGE = 'INDEX')
CONNECT BY PRIOR grantee = granted_role
UNION
SELECT     grantee || ' Through role ' || granted_role ge, 'ALTER' priv
      FROM dba_role_privs
START WITH granted_role IN (SELECT grantee
                              FROM dba_tab_privs
                             WHERE PRIVILEGE = 'ALTER')
CONNECT BY PRIOR grantee = granted_role
UNION
SELECT     grantee || ' Through role ' || granted_role ge, 'REFERENCES' priv
      FROM dba_role_privs
START WITH granted_role IN (SELECT grantee
                              FROM dba_tab_privs
                             WHERE PRIVILEGE = 'REFERENCES')
CONNECT BY PRIOR grantee = granted_role
UNION
SELECT     grantee || ' Through role ' || granted_role ge, 'EXECUTE' priv
      FROM dba_role_privs
START WITH granted_role IN (SELECT grantee
                              FROM dba_tab_privs
                             WHERE PRIVILEGE = 'EXECUTE')
CONNECT BY PRIOR grantee = granted_role
UNION
SELECT   grantee || ' Direct' ge, PRIVILEGE priv
    FROM SYS.dba_tab_privs
   WHERE table_name = UPPER ('&TABLE_NAME')
ORDER BY 1, 2 

No comments: