Product User Profile - Restrict User From Running Queries On DB From Third Party Tools
Apr 25, 2011
There is a requirement in my database that I want to restrict the user from directly running queries on database from third party tools such as pl/sql developer and toad.
There is a utility in SQL product_user_profile through which this can be done but it is only restricted if you run the query through sql plus. If I want to restrict and (give suppose select,insert) to a user for directly running queries through PL/SQL.
Data block 1- master_blk : For date/customer of sale invoice Data block 2- detail_blk1 (detail of the master block - For products and qty) Data block 3- detail_blk2 (detail of DETAIL_BLK1 For entering serial numbers of products)
My requirement is that whatever quantity user enter in data block 2 against each product he must enter equal number of serial numbers of that product in data block 3.
For this I have created on item (cnt_iteml : to count product's serial numbers in block3 ) in data block 2, and on summary item (t_serial_no ) in block3.
Whenever user changes in quantity, cnt_iteml: item is populated with t_serial_no in block3 of that product by following trigger on quantity column.
Following trigger is written on block level at data block-3 to populate cnt_iteml with t_serial_no. PRE-RECORD
IF GET_BLOCK_PROPERTY('SERIAL_NUMBERS',STATUS) IN ('CHANGED') THEN :stock_transactions.cnt_itl:=:serial_numbers.t_serial_no; END IF;
Above triggers are fulfilling my requirement except following condition.
If user after entering serial numbers in block 3 and without saving goes back to block2 and try to navigate to another record he gets a message asking him to save changes by forms. At this time if user presses no then cnt_itl item is not been populated with t_serial_no item's value.
What I want in above condition is that if user was inserting new record cnt_it item should be populated with 0, so that he shouldn't be able to save this record. And If he was updating then cnt_itl item should be populated with actual no of records in database against that product.
An user is running some queries and that's making database hang. I want to view what queries this user is running. Can this be done by session auditing turning on?
When you drop a user profile, Oracle automatically assigns the default profile to that user - knowing that no other profile has been assigned to that user. Does this happen in the same session or after a restart?
A user must have a profile at all times, so if a profile is dropped, then the default profile should be assigned in the same session because if not, then during that session the user has no assigned profile which shouldn't happen?
I am trying to expire all user accounts belonging to a particular profile my_profile.
The first option was to utilise the utlpwdmg.sql script to update the PASSWORD_LIFE_TIME for my_profile, this worked in Oracle (11g) but caused issues with the change password feature of several applications linking to the database - this option then had to be abandoned.
The next option is to therefore to select all users in my_profile and expire the accounts, what I require is a statement to combine:
- Select USERNAME from DBA_USERS where PROFILE='my_profile'; & - Alter USER my_user PASSWORD EXPIRE;
So that all users in my_profile have their passwords expired, not just one user my_user.
The Scenario is that we have to restrict clients to write file on C drive for which we have to grant admin privileges(OS) which we don't wanna give. Rather they can write on their own profile.
In CMD we can find their profile with %userprofile% command,but i am confused of using it in oracle form. so is there any possibilities to redirect O/P to userprofileyour_file.txt
Just for an instance ,code is like this which is currently writing in C: drive
Suppose there is customers table and the user (Scott) is having select,update,insert privelege on the customers table.
a.)From the form i.e GUI he is having all the access,we want that when he logs on with sql plus directly then he would only be able to run select query only.
b.)When we are using third party tools such as pl/sql developer tools and toad then we are not able to restrict the user by running only the select queries.The utility which was used previously was only used for SQL Plus.
Resolution:
a.)I am able to restrict the user when he logs on with sqlplus and he is able to run anly select queries. b.)How we can restrict the user so that in pl/sql he is able to issue only the select query.
Trigger the user when logs on session id is captured and user can be restricted in logging in to the plsql developer and toad applications
I have table in Oracle with one column PRODUCT. Column PRODUCT have following values -
Account Management Active Directory Adobe Acrobat Reader NT Account Application Security
[code]....
I am designing application where I need to search for PRODUCT based upon user's input. Lets say user wants search on 'Laptop Account Broken'. I want to search for all products which contains any of words in user's input. So based upon user's input I want output like below.
Expected Output:
Account Management NT Account WebSite Account HP Laptop
I have a user ( for example Scott) and he doesn't belongs to DBA group i want to restrict accessing data dictionaries like dba_% to this Scott user. how to restrict Data dictionaries to this user.
Is it possible that we restrict user at data level? For Example 'A' user can only query employeess of deptno 10 only. He can not query employees of others dept.
I am using Forms 6i,Oracle Apps... I have database block.... generally we can retrieve the all the records by press F11 and Ctrl F11.... but my requirement is i have to restrict the user that they can access the records based on the condition ...
For example....let we take emp table....I have to restrict the user that they can query dept no 10 employees only.
SQL Plus version Oracle8 Enterprise Edition Release 8.0.5.0.0 - Production PL/SQL Release 8.0.5.1.0 Production Forms Version : 6i Reports Version: 6i O/S : Microsoft Windows Xp professional Version 2002 Service Pack 3
With reference to the above version details here is the requirement. How do I restrict user on key next item trigger i.e I want the cursor to move to next field only when user presses "ENTER" button on the key board any other key like mouse should not allow user to move to the next field.
I want to add a new validation to restrict concurrent user and/or session from a client. (we have almost 60 client firms using the software to enter daily trasnactions). All users from all clients are connecting to the database using a common functional ID.
What I did was: 1) Add a column 'user_logged_in' in the master table for client and update it as Y when user from that client logged on to the system, 2) Insert the application logon details (we can figure out the client details from this) into a global temp table, 3) Create a logoff trigger to update the 'user_logged_in'flag in client master table by using values from global temp table when session logged off and 4) Restrict the users from same client if the flag is 'Y'
But the problem in this case is logoff trigger will not be executed in case if the session got killed or terminated abnormally.
I have got 2 users as user1 and user2.I have used the following statements from user 'user1':
create role GENEVAOBJECTS; grant select, insert, update, delete on PRODUCT to GENEVAOBJECTS; grant GENEVAOBJECTS to user2;
In the above statements, product is a table. Now, I could able to access this table from user 'user2'. But however if I write a procedure in user2 schema accessing the table product, then the procedure is not getting compiled.
create or replace procedure test_prc as v_test number(9); begin select product_id into v_test from PRODUCT where rownum=1;
Need a code which prevents the User from entering more than 30 characters in a field. Although the variable can accept more than 30 characters. My requirement is to validate the field by restricting up to 30 characters.
We are using Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 and Oracle Discoverer 9i desktop & Administrator,We have configured a physical standby database. We have ask users to connect to standby thru discoverer thru a different tns entry, but user can also connect on primary db.
We want to restrict the specified users to connect on primary database thru discoverer.
i have master and detail form. In detail(tabular form) i want to restrict user to enter only 10 rows.if he tries to go for 11th row he shud get a message (Only 10 records can be created at a time).
I have this 3rd party tool, which are running SQL queries. I need to see what queries the tool is running and capture them. I enabled tracing but that's not working, as the tool doesn't establish connection, it connects when it has to run the query and then gets disconnected.
how to define user defined exceptions for cases like, ==> when anyone tries to insert string values without using single quotation marks " '...' "? ==> update the column which is not present in table.
how can I define user defined exceptions for such cases?
I have a view in schemaA called viewA for example. The view is quite complex, with multiple joins.I've granted ALL to schemaB to the view, and to all the referenced tables within the view.However, when I run execute the view from schemaB, I get a ORA-00942 table or view does not exist.
SQL> select * from schemaA.viewA; select * from schemaA.viewA * ERROR at line 1: ORA-00942: table or view does not exist
I suspect that Oracle is creating to temporary tables/views internally (or using something that is already there), and that I need to grant access to these temporary objects.
I'm looking for a basic password reset / unlock tool for use at a help desk. Environment is mixed 10 and 11G. Current procedure is log into specific database using SQL Plus and manually type out reset/unlock commands.
I would like to know if 'user creation definition' is exported in user mode export if export is done with DBA role..If it is Not, does it mean we always need to precreate the user before we import the dump created using 'user mode export'?