ALTER ROLE - Managing Database Link and DBMS_RLS Privileges v12
Advanced Server includes extra syntax (not offered by Oracle) for the ALTER ROLE
command. This syntax can be useful when assigning privileges related to creating and dropping database links compatible with Oracle databases, and fine-grained access control (using DBMS_RLS
).
CREATE DATABASE LINK
A user who holds the CREATE DATABASE LINK
privilege may create a private database link. The following ALTER ROLE
command grants privileges to an Advanced Server role that allow the specified role to create a private database link:
This command is the functional equivalent of:
Use the following command to revoke the privilege:
Note
The CREATEDBLINK
and NOCREATEDBLINK
keywords should be considered deprecated syntax; we recommend using the CREATE DATABASE LINK
and NO CREATE DATABASE LINK
syntax options.
CREATE PUBLIC DATABASE LINK
A user who holds the CREATE PUBLIC DATABASE LINK
privilege may create a public database link. The following ALTER ROLE
command grants privileges to an Advanced Server role that allow the specified role to create a public database link:
This command is the functional equivalent of:
Use the following command to revoke the privilege:
Note
The CREATEPUBLICDBLINK
and NOCREATEPUBLICDBLINK
keywords should be considered deprecated syntax; we recommend using the CREATE PUBLIC DATABASE LINK
and NO CREATE PUBLIC DATABASE LINK
syntax options.
DROP PUBLIC DATABASE LINK
A user who holds the DROP PUBLIC DATABASE LINK
privilege may drop a public database link. The following ALTER ROLE
command grants privileges to an Advanced Server role that allow the specified role to drop a public database link:
This command is the functional equivalent of:
Use the following command to revoke the privilege:
Note
The DROPPUBLICDBLINK
and NODROPPUBLICDBLINK
keywords should be considered deprecated syntax; we recommend using the DROP PUBLIC DATABASE LINK
and NO DROP PUBLIC DATABASE LINK
syntax options.
EXEMPT ACCESS POLICY
A user who holds the EXEMPT ACCESS POLICY
privilege is exempt from fine-grained access control (DBMS_RLS
) policies. A user who holds these privileges will be able to view or modify any row in a table constrained by a DBMS_RLS
policy. The following ALTER ROLE
command grants privileges to an Advanced Server role that exempt the specified role from any defined DBMS_RLS
policies:
This command is the functional equivalent of:
Use the following command to revoke the privilege:
Note
The POLICYEXEMPT
and NOPOLICYEXEMPT
keywords should be considered deprecated syntax; we recommend using the EXEMPT ACCESS POLICY
and NO EXEMPT ACCESS POLICY
syntax options.
See Also