![]() ![]() Roles used in blocks named with the rights of the plaintiff and anonymous PL/SQL If a named PL/SQL block that runs with DEFINER SESSION_ROLES rights issues, the query returns no rows. The SESSION_ROLES view shows all roles that are currently enabled. The use of roles in a PL/SQL block depends on if it is an anonymous block, or a block named (stored procedure, function, or trigger), and if it runs with the rights of the author or the rights of the applicant. The database Security Guide has the information in the section "operation of the roles in PL/SQL blocks (which, of course, wouldln was necessary if they didn't work.). Roles are not used to privilege control, and you cannot define roles within the procedure of a DEFINER rights. Roles used in the appointed with rights to define blocksĪll roles are disabled in any PL/SQL block named (stored procedure, function, or trigger) that runs with the rights of the author. The Oracle documentation provides a very clear explanation - based restriction is for the NAMED PL/SQL blocks rights DEFINER of this use (the default): Roles are disabled in named PL/SQL blocks unless you use of the APPELLANT's rights by setting the code with AUTHID CURRENT_USER. This will work only if the procedure is defined for the APPELLANT's rights. I joined the call in an anonymous block above, but the error still exists. I get the error "Cannot run a DEFINED ROLE less stored proceduers". Among the statements in the procedure stored is of dbms_t_role ('HAVE') I'm trying to call a procedure from a function. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |