CREATE USER statement

CREATE USER statement

• The CREATE USER statement creates a database account that
allows you to log into the Oracle database.
• Syntax
CREATE USER user_name
IDENTIFIED BY password
[ PASSWORD EXPIRE ];
CREATE USER statement
• Example 1

CREATE USER Dawit

IDENTIFIED BY pwd4dawit;
CREATE USER statement
• Example 2

CREATE USER Hana

IDENTIFIED BY pwd4hana
PASSWORD EXPIRE;
Change a user's password
Change a user's password
• To change a user's password in Oracle, you need to execute the alter
user command.

• Syntax
ALTER USER user_name IDENTIFIED BY new_password;
Change a user's password
• Example

ALTER USER Dawit IDENTIFIED BY dawit123;

Grant/Revoke Privileges
1. Grant Privileges on create DB objects
• You can grant users various privileges to create database objects.
• These privileges can be any combination of CREATE SESSION,
CREATE TABLE,CREATE VIEW,CREATE SYNONYM e.t.c .
Syntax
GRANT privileges TO user;
Cont’d
Example 1

GRANT CREATE SESSION, CREATE TABLE TO hana;

Example 2

GRANT CREATE VIEW, CREATE TABLE TO dawit,g3SE;

2. Grant Privileges on Table
• You can grant users various privileges to tables.
• These privileges can be any combination of SELECT, INSERT,
UPDATE, DELETE, REFERENCES, ALTER, INDEX, or ALL.
Syntax
GRANT privileges ON object_name TO user;
Cont’d
privileges
The privileges to assign. It can be any of the following values:
Privilege Description
SELECT Ability to perform SELECT statements on the table.
INSERT Ability to perform INSERT statements on the table.
UPDATE Ability to perform UPDATE statements on the table.
DELETE Ability to perform DELETE statements on the table.
REFERENCES Ability to create a constraint that refers to the table.
ALTER Ability to perform ALTER TABLE statements to change the table definition.
INDEX Ability to create an index on the table with the create index statement.
ALL All privileges on table.
Cont’d
Example 1

GRANT SELECT, INSERT, UPDATE, DELETE ON

department,employee TO dawit,hana;

Example 2

GRANT SELECT ON department TO hana WITH GRANT OPTION;

Cont’d
• You can also use the ALL keyword to indicate that you wish ALL
permissions to be granted for a user named dawit.

For example:

GRANT ALL ON department TO dawit;

Cont’d
• If you wanted to grant only SELECT access on your table to all users,
you could grant the privileges to the public keyword. For

Example:

GRANT SELECT ON department TO public;

3. Revoke Privileges on Table

• Once you have granted privileges, you may need to revoke some or all
of these privileges. To do this, you can run a revoke command.
• You can revoke any combination of SELECT, INSERT, UPDATE,
DELETE, REFERENCES, ALTER, INDEX, or ALL.
Syntax
REVOKE privileges ON object FROM user;
Cont’d
• For example, if you wanted to revoke DELETE privileges on a table
called department from a user named dawit, you would run the
following REVOKE statement:

REVOKE DELETE ON department FROM dawit;

Cont’d
• For example, If you wanted to revoke ALL privileges on a table for a
user named dawit, you could use the ALL keyword as follows:

REVOKE ALL ON department FROM dawit;

Cont’d
• For example, If you had granted ALL privileges to public (all users)
on the department table and you wanted to revoke these privileges,
you could run the following REVOKE statement:

REVOKE ALL ON department FROM public;

Roles
Cont’d
• A role is a set or group of privileges that can be granted to users or
another role. This is a great way for database administrators to save
time and effort.
Create Role
Syntax

CREATE ROLE role_name[ NOT IDENTIFIED |IDENTIFIED BY

password];
Cont’d
Example 1:
CREATE ROLE test_role;
This example creates a role called test_role.

Example 2:

CREATE ROLE test2_role IDENTIFIED BY test123;

This example creates a role called test2_role, but now it is password

protected with the password of test123.
Grant TABLE Privileges to Role

• Once you have created the role in Oracle, your next step is to grant
privileges to that role.
• Just as you granted privileges to users, you can grant privileges to a
role.
Syntax
The syntax for granting table privileges to a role in Oracle is:

GRANT privileges ON object TO role_name

Cont’d
Example 1:
if you wanted to grant SELECT, INSERT, UPDATE, and DELETE
privileges on a table called department to a role named test_role, you
would run the following GRANT statement:
GRANT select, insert, update, delete ON department TO test_role;
Cont’d
You can also use the ALL keyword to indicate that you wish all
permissions to be granted.

For example:
GRANT all ON suppliers TO test_role;
Revoke Table Privileges from Role
• Once you have granted table privileges to a role, you may need to
revoke some or all of these privileges.
• To do this, you can execute a revoke command.
• You can revoke any combination of SELECT, INSERT, UPDATE,
DELETE, REFERENCES, ALTER, INDEX, or ALL
Syntax

REVOKE privileges ON object FROM role_name;

Cont’d
• For example, if you wanted to revoke DELETE privileges on a table
called suppliers from a role named test_role, you would run the following
REVOKE statement:

REVOKE delete ON suppliers FROM test_role;

• If you wanted to revoke ALL privileges on the table called suppliers from a role
named test_role, you could use the ALL keyword.
For example:

REVOKE all ON suppliers FROM test_role;

Grant Role to User

• Now, that you've created the role and assigned the privileges to the
role, you'll need to grant the role to specific users.
Syntax
The syntax to grant a role to a user in Oracle is:

GRANT role_name TO user_name;

Cont’d
Example:

GRANT test_role TO dawit;

• This example would grant the role called test_role to the user
named dawit.
Thank You!