Show list of grantable object privileges
The list of grantable object privileges can be queried from the table
table_privilege_map
(which is created and populated by the
dsec.bsq
script).
Each privilege is associated with a numerical id (auditing number) which is also stored in this table.
select
privilege, -- The numerical id of the privilege
name
from
sys.table_privilege_map
order by
name;
ID | Name | Comment |
0 | ALTER | |
1 | AUDIT | |
2 | COMMENT | |
16 | CREATE | |
26 | DEBUG | |
3 | DELETE | |
21 | DEQUEUE | |
20 | ENQUEUE | |
12 | EXECUTE | |
27 | FLASHBACK | |
30 | FLASHBACK ARCHIVE | |
4 | GRANT | |
5 | INDEX | |
6 | INSERT | |
7 | LOCK | |
28 | MERGE VIEW | |
23 | ON COMMIT REFRESH | |
24 | QUERY REWRITE | |
17 | READ | Compare with WRITE and SELECT |
11 | REFERENCES | |
8 | RENAME | |
9 | SELECT | |
22 | UNDER | |
10 | UPDATE | |
29 | USE | |
18 | WRITE | Compare with READ , UPDATE , INSERT and DELETE |
A comment in dsec.bsq
asks, if the UPSERT
privilege is missing.
See also the four records in
user_privilege_map
which stores the privileges
- INHERIT PRIVILEGES
- TRANSLATE SQL
- INHERIT REMOTE PRIVILEGES
- DEBUG CONNECT