'RO user with full access to ALL_OBJECTS table
I wish to create a read_only user. I have granted him these privileges:
grant SELECT_CATALOG_ROLE to ro_user;
grant select any dictionary to ro_user;
grant select any table to ro_user;
For me it is important, that this user has an (full) access to ALL_OBJECTS table. However the permissions above seem to give him a restricted access only.
When I execute SELECT * FROM ALL_OBJECTS; as ro_user I get smaller result set as when I execute it with user, which has all privileges. Query is simplified but the types and procedures are missing.
Which permission should I grant, so that the ro_user would get a full access to ALL_OBJECTS?
Thanks!
Solution 1:[1]
Well, GRANTs you posted aren't all privileges that RO user has. Obviously, it lacks in CREATE SESSION privilege (otherwise it wouldn't be able to connect to the database at all). Consider posting more information about it, i.e. the way you created that RO user and all its privileges.
As of ALL_OBJECTS: it contains information about objects available to you because you're
- their owner (that's in
USER_OBJECTS) - were granted privileges from other users so that you could use their objects
Saying that "user which has all privileges" sees more information is - probably - irrelevant, because we have no evidence that other users granted your RO user the same privileges on their objects (types, procedures you mentioned) as to user which sees them.
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Littlefoot |