5

Situation is that user1 gives permision to user2:

GRANT CREATE ANY TABLE, SELECT ANY TABLE TO user2;

And after logging on user2, I'm trying to create table:

CREATE TABLE user1.test(id NUMBER PRIMARY KEY);

the result is ORA-01031 - insufficient privileges I can create table on own schema and select tables from other schemas. I thought that CREATE ANY TABLE solves the problem, but it looks other way. Ah, and both users have unlimited tablespace. What else should I guarantee?

Improve this question

3 Answers 3

Reset to default
6

Perhaps you need to also grant CREATE ANY INDEX? You are creating an index when you add the primary key. You can quickly test this by omitting the PK constraint.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

4

"create any table" is too powerful a privilege to be granting to non-DBA's. A better approach would be to create a "create table" procedure in the target schema that accepts sanitised components of the required DDL, and grant execute privilege on that to the required users.

A suitable interface would be something like ...

create procedure
  create_table(
    table_name varchar2,
    columns    varchar2,
    etc        varchar2)

... so that you can ...

begin
  user1.create_table(
    table_name => 'TEST',
    columns    => 'id NUMBER PRIMARY KEY',
    etc        => '');
end;

... and have the procedure construct and execute the DDL for you.

Improve this answer

Comments

-2

user GRANT CREATE ANY INDEX TO SCHEMA_NAME

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.