I am trying to modify this free script I have obtained but only require select access for the Sequence object but require insert,update,delete,select etc for all other object types such as tables, views , procedures etc. How can I amend this script so that it caters for both types of grants. At presnt i have had to comment out the sequence object but do require the select permission only for sequences. Please advise. I have tried declaring another for loop but not had much luck.
cursor get_obj is
select object_name,owner from all_objects
where owner = 'FLEET_DBA'
-- and object_type IN ('PACKAGE','FUNCTION','PROCEDURE','TABLE','VIEW','SEQUENCE','CLUSTER');
and object_type IN ('PACKAGE','FUNCTION','PROCEDURE','TABLE','VIEW','CLUSTER');
-- and object_name not in (select synonym_name
-- from all_synonyms
-- where owner='PUBLIC');
FOR obj_rec in get_obj LOOP
l_sql := 'GRANT UPDATE,SELECT,INSERT,DELETE on '||obj_rec.object_name||' to '||admrole;
t_sql := 'GRANT UPDATE,SELECT,INSERT,DELETE on '||obj_rec.object_name||' to '||userrole;
result := dbms_sql.execute(cursor_id);
Hm, I wonder how your database reacts when you try to grant SELECT privilege on PACKAGE,FUNCTION or PROCEDURE. Mine only allows me to grant EXECUTE on those type of objects.
Anyhow, a simple usage of an IF-ELSIF-ENDIF will solve your problem:
cursor get_obj is
select object_name,owner, object_type
IF obj_rec.object_type IN ('PACKAGE','FUNCTION','PROCEDURE') THEN
l_sql := 'GRANT EXECUTE';
ELSIF obj_rec.object_type = 'SEQUENCE' THEN
l_sql := 'GRANT SELECT';
l_sql := 'GRANT SELECT, INSERT, UPDATE, DELETE';
t_sql := l_sql || ' on '||obj_rec.object_name||' to '||userrole;
l_sql := l_sql || ' on '||obj_rec.object_name||' to '||admrole;
Jurij Modic ASCII a stupid question, get a stupid ANSI
24 hours in a day .... 24 beer in a case .... coincidence?