Finding Information About Access Control Lists ================================================================================================== DBA_NETWORK_ACLS : Shows the access control list assignments to the network hosts. The SELECT privilege on this view is granted to the SELECT_CATALOG_ROLE role only. DBA_NETWORK_ACL_PRIVILEGES :Shows the network privileges defined in all access control lists that are currently assigned to network hosts. The SELECT privilege on this view is granted to the SELECT_CATALOG_ROLE role only. USER_NETWORK_ACL_PRIVILEGES : Shows the status of the network privileges for the current user to access network hosts. The SELECT privilege on the view is granted to PUBLIC. ================================================================================================== ================================================================================================== ALL_COL_PRIVS : Describes all column object grants for which the current user or PUBLIC is the object owner, grantor, or grantee ALL_COL_PRIVS_MADE :Lists column object grants for which the current user is object owner or grantor. ALL_COL_PRIVS_RECD : Describes column object grants for which the current user or PUBLIC is the grantee ALL_TAB_PRIVS : Lists the grants on objects where the user or PUBLIC is the grantee ALL_TAB_PRIVS_MADE :Lists the all object grants made by the current user or made on the objects owned by the current user. ALL_TAB_PRIVS_RECD :Lists object grants for which the user or PUBLIC is the grantee DBA_COL_PRIVS :Describes all column object grants in the database DBA_TAB_PRIVS :Lists all grants on all objects in the database DBA_ROLES :This view lists all roles that exist in the database, including secure application roles. Note that it does not list the PUBLIC role. DBA_ROLE_PRIVS :Lists roles granted to users and roles DBA_SYS_PRIVS :Lists system privileges granted to users and roles SESSION_ROLES :Lists all roles that are enabled for the current user. Note that it does not list the PUBLIC role. ROLE_ROLE_PRIVS :This view describes roles granted to other roles. Information is provided only about roles to which the user has access. ROLE_SYS_PRIVS :This view contains information about system privileges granted to roles. Information is provided only about roles to which the user has access. ROLE_TAB_PRIVS :This view contains information about object privileges granted to roles. Information is provided only about roles to which the user has access. USER_COL_PRIVS :Describes column object grants for which the current user is the object owner, grantor, or grantee USER_COL_PRIVS_MADE: Describes column object grants for which the current user is the grantor USER_COL_PRIVS_RECD :Describes column object grants for which the current user is the grantee USER_ROLE_PRIVS :Lists roles granted to the current user USER_TAB_PRIVS :Lists grants on all objects where the current user is the grantee USER_SYS_PRIVS : Lists system privileges granted to the current user USER_TAB_PRIVS_MADE: Lists grants on all objects owned by the current user USER_TAB_PRIVS_RECD: Lists object grants for which the current user is the grantee SESSION_PRIVS: Lists the privileges that are currently enabled for the user SESSION_ROLES: Lists the roles that are currently enabled to the user ================================================================================================== Listing All System Privilege Grants The following query returns all system privilege grants made to roles and users: SELECT * FROM DBA_SYS_PRIVS; Listing All Role Grants The following query returns all the roles granted to users and other roles: SELECT * FROM DBA_ROLE_PRIVS; Listing Object Privileges Granted to a User The following query returns all object privileges (not including column-specific privileges) granted to the specified user: SELECT TABLE_NAME, PRIVILEGE, GRANTABLE FROM DBA_TAB_PRIVS WHERE GRANTEE = 'sojha'; To list all the column-specific privileges that have been granted, use the following query: SELECT GRANTEE, TABLE_NAME, COLUMN_NAME, PRIVILEGE FROM DBA_COL_PRIVS; Listing the Current Privilege Domain of Your Session The following query lists all roles currently enabled for the issuer: SELECT * FROM SESSION_ROLES; Listing Roles of the Database You can use the DBA_ROLES data dictionary view to list all roles of a database and the authentication used for each role. For example, the following query lists all the roles in the database: SELECT * FROM DBA_ROLES; Listing Information About the Privilege Domains of Roles The ROLE_ROLE_PRIVS, ROLE_SYS_PRIVS, and ROLE_TAB_PRIVS data dictionary views contain information about the privilege domains of roles. For example, the following query lists all the roles granted to the system_admin role: SELECT GRANTED_ROLE, ADMIN_OPTION FROM ROLE_ROLE_PRIVS WHERE ROLE = 'SYSTEM_ADMIN'; The following query lists all the system privileges granted to the security_admin role: SELECT * FROM ROLE_SYS_PRIVS WHERE ROLE = 'SECURITY_ADMIN'; The following query lists all the object privileges granted to the security_admin role: SELECT TABLE_NAME, PRIVILEGE FROM ROLE_TAB_PRIVS WHERE ROLE = 'SECURITY_ADMIN'; |
