英文:
PLSQL Grant on Tables used on a package
问题
我有两个过程,一个定义并使用了一个从另一个模式中的表中获取数据的游标,并出现了权限不足的错误;另一个过程通过动态SQL创建一个表,引用相同的表,但没有错误。
第一个过程如下:
CREATE SCHEMA1.PROCEDURE proc1 AS
TYPE Record1 IS RECORD (v_one VARCHAR2(20), v_two VARCHAR2(20));
CURSOR procCursor RETURN Record1 IS
SELECT P.CODE, R.DESCRIPTION
FROM SCHEMA2.ROLES771 R, SCHEMA2.ROLEP773 P
WHERE ...;
BEGIN
...
END SCHEMA1.PROCEDURE;
另一个没有错误的过程如下:
CREATE SCHEMA1.PROCEDURE proc1 AS
TYPE Record1 IS RECORD (v_one VARCHAR2(20), v_two VARCHAR2(20));
CURSOR procCursor RETURN Record1 IS
SELECT P.CODE, R.DESCRIPTION
FROM TMP_TBL;
BEGIN
EXECUTE IMMEDIATE ('TRUNCATE TABLE TMP_TBL');
EXECUTE IMMEDIATE ('
INSERT INTO TMP_TBL (ONE, TWO)
SELECT P.CODE, R.DESCRIPTION
FROM SCHEMA2.ROLES771 R, SCHEMA2.ROLEP773 P');
...
END SCHEMA1.PROCEDURE;
英文:
I have two procedures one defines and uses a CURSOR with table from another schema and it gives me an error of insufficient privileges; the other one, creates a table with a dynamic SQL, referencing the same tables, but goes without error,
why so?
First procedure is as follows:
CREATE SCHEMA1.PROCEDURE proc1 AS
TYPE Record1 IS RECORD (v_one VARCHAR2(20), v_two VARCHAR2(20));
CURSOR procCursor RETURN Record1 IS
SELECT P.CODE, R.DESCRIPTION
FROM SCHEMA2.ROLES771 R, SCHEMA2.ROLEP773 P
WHERE ...;
BEGIN
...
END SCHEMA1.PROCEDURE;
The other one, without error is this:
CREATE SCHEMA1.PROCEDURE proc1 AS
TYPE Record1 IS RECORD (v_one VARCHAR2(20), v_two VARCHAR2(20));
CURSOR procCursor RETURN Record1 IS
SELECT P.CODE, R.DESCRIPTION
FROM TMP_TBL;
BEGIN
EXECUTE IMMEDIATE ('TRUNCATE TABLE TMP_TBL');
EXECUTE IMMEDIATE ('
INSERT INTO TMP_TBL (ONE, TWO)
SELECT P.CODE, R.DESCRIPTION
FROM SCHEMA2.ROLES771 R, SCHEMA2.ROLEP773 P');
...
END SCHEMA1.PROCEDURE;
答案1
得分: 1
正如您所说,表格是由其他人(即另一个用户)拥有的。
您描述的问题通常是由于您通过角色获得了权限而导致的。这些权限在SQL级别或匿名的PL/SQL块中起作用,但在具名的PL/SQL过程(函数、过程、包、触发器)中不起作用。
<a href="https://docs.oracle.com/cd/B13789_01/appdev.101/b10807/13_elems017.htm">文档</a>说
> EXECUTE IMMEDIATE语句执行动态SQL语句或匿名的PL/SQL块
(是的,我知道,这是10g文档;后续版本说它“构建并运行一个动态SQL语句,一次性完成”,这并不太具体)。
基本上,这就是为什么execute immediate可以正常运行。
要怎么做呢?让另一个用户直接授予您权限,而不是通过角色授予。
英文:
As you said, tables are owned by someone else (i.e. another user).
Problem you described is often result of you being granted privileges via role. Such privileges work at SQL level or in anonymous PL/SQL blocks, but won't work in named PL/SQL procedures (functions, procedures, packages, triggers).
<a href="https://docs.oracle.com/cd/B13789_01/appdev.101/b10807/13_elems017.htm">Documentation</a> says
> The EXECUTE IMMEDIATE statement executes a dynamic SQL statement or anonymous PL/SQL block
(yes, I know, this is 10g document; later versions say that it "builds and runs a dynamic SQL statement in a single operation" which isn't that descriptive).
Basically, that's why execute immediate runs OK.
What to do? Let another user grant privileges directly to you, not via role.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论