Oracle Role Privileges Report

Displays roles, system privileges, and object privileges granted to a specified role (or all roles). Useful for auditing role-based access control and reviewing privilege inheritance.

oraclesqlsecurity-auditingv1.0.0
0 stars0 downloads17 views0 comments
By OracleDba • Created

Code

(44 lines)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
-- -----------------------------------------------------------------------------------
-- File Name    : https://oracle-base.com/dba/monitoring/role_privs.sql
-- Author       : Tim Hall
-- Description  : Displays a list of all roles and privileges granted to the specified role.
-- Requirements : Access to the USER views.
-- Call Syntax  : @role_privs (role-name, ALL)
-- Last Modified: 15/07/2000
-- -----------------------------------------------------------------------------------
SET SERVEROUTPUT ON
SET VERIFY OFF

SELECT a.role,
       a.granted_role,
       a.admin_option
FROM   role_role_privs a
WHERE  a.role = DECODE(UPPER('&1'), 'ALL', a.role, UPPER('&1'))
ORDER BY a.role, a.granted_role;

SELECT a.grantee,
       a.granted_role,
       a.admin_option,
       a.default_role
FROM   dba_role_privs a
WHERE  a.grantee = DECODE(UPPER('&1'), 'ALL', a.grantee, UPPER('&1'))
ORDER BY a.grantee, a.granted_role;

SELECT a.role,
       a.privilege,
       a.admin_option
FROM   role_sys_privs a
WHERE  a.role = DECODE(UPPER('&1'), 'ALL', a.role, UPPER('&1'))
ORDER BY a.role, a.privilege;

SELECT a.role,
       a.owner,
       a.table_name, 
       a.column_name, 
       a.privilege,
       a.grantable
FROM   role_tab_privs a
WHERE  a.role = DECODE(UPPER('&1'), 'ALL', a.role, UPPER('&1'))
ORDER BY a.role, a.owner, a.table_name;
               
SET VERIFY ON

General Comments(0)

Tip: Click on a line number in the code to add a line-specific comment

No general comments yet. Be the first to comment!