Experiment - 10

USER ACCOUNT CREATION AND GRANTING PRIVILEGE

Design a case study for Company Database System./ Hospital Management System/ Railway Reservation
System.

NAME Hritvik Mathur

UID 20BCS6760
SECTION PH20AML2-B
SUBJECT DBMS LAB (20CSP-233)
CREATE USER : Use the CREATE USER statement to create and configure a database user, which is an
account through which you can log in to the database, and to establish the means by which Oracle Database
permits access by the user.

Ø CREATE USER username IDENTIFIED BY psw

PROVIDING ROLES

Typically, you’ll first want to assign privileges to the user through attaching the account to various roles,
starting with the CONNECT role:

Ø GRANT CONNECT TO alice;

In some cases to create a more powerful user, you may also consider adding the RESOURCE role (allowing
the user to create named types for custom schemas) or even the DBA role, which allows the user to not only
create custom named types but alter and destroy them as well.

Ø GRANT CONNECT, RESOURCE, DBA TO books_admin;

GRANTING/ASSIGNING PRIVILEGE

GRANT statement
Use the GRANT statement to give privileges to a specific user or role, or to all users, to perform actions on
database objects. You can also use the GRANT statement to grant a role to a user.

The following types of privileges can be granted:

· Delete data from a specific table.

· Insert data into a specific table.

· Create a foreign key reference to the named table or to a subset of columns from a table.

· Select data from a table, view, or a subset of columns in a table.

· Create a trigger on a table.

· Update data in a table or in a subset of columns in a table.

· Run a specified function or procedure.

· Use a sequence generator, a user-defined type, or a user-defined aggregate.

Syntax for tables

Ø GRANT <privilege> ON <table> TO <user>

Example:

GRANT select, insert, update, delete ON emp TO user1

GRANT ALL PRIVILEGES to alice;

GRANT UNLIMITED TABLESPACE TO books_admin;

DISPLAY THE PRIVILEGE

Ø SELECT * FROM USER_SYS_PRIVS;

Ø SELECT * FROM USER_TAB_PRIVS;

Ø SELECT * FROM USER_ROLE_PRIVS;

REVOKE statement

Use the REVOKE statement to remove privileges from a specific user or role, or from all users, to perform
actions on database objects. You can also use the REVOKE statement to revoke a role from a user, from
PUBLIC, or from another role.

Syntax for tables

Ø REVOKE privilegeType ON [ TABLE ] { tableName | viewName } FROM revokes/username

Example:-

Ø REVOKE select, insert, update, delete ON emp TO user1

Ø REVOKE ALL PRIVILEGES FROM alice;

REVOKING ROLES:

Ø REVOKE DBA FROM ABHISHEK

ALTER USER

Use the ALTER USER statement:

· To change the authentication or database resource characteristics of a database user

· To permit a proxy server to connect as a client without authentication

 ALTER USER usename IDENTIFIED BY psw REPLACE oldpsw

DROP USER:

Use the DROP USER statement to remove a database user and optionally remove the user's objects.

Ø DROP USER username [CASCADE]

Specify CASCADE to drop all objects in the user's schema before dropping the user. You must specify this
clause to drop a user whose schema contains any objects.

· If the user's schema contains tables, then Oracle Database drops the tables and automatically drops any
referential integrity constraints on tables in other schemas that refer to primary and unique keys on these
tables.

· If this clause results in tables being dropped, then the database also drops all domain indexes created
on columns of those tables and invokes appropriate drop routines.