Skip Headers
Previous
Previous
 
Next
Next

Granting Privileges to DBAs and Application Developers

Anyone who creates or manages dimensional objects in Oracle Database must have the necessary privileges. These privileges are different from those needed just to query the data stored in dimensional objects. The security system is discussed in "About the Security of Dimensional Data in Oracle Database".

Required Roles and Privileges

DBAs and application developers need the following roles and privileges.

To create dimensional objects in the user's own schema: 

To create dimensional objects in different schemas: 

To administer data security: 

Users also need an unlimited quota on the tablespace in which the dimensional objects are stored. The tablespaces should be defined specifically for OLAP use, as described in "Creating Tablespaces for OLAP".

If the source tables are in a different schema, then the owner of the dimensional objects needs SELECT object privileges on those tables.

Creating the GLOBAL User

Suppose you want to create the GLOBAL user with full privileges to create dimensional objects in the GLOBAL schema and to manage security.

To create the GLOBAL user: 

  1. Create the GLO permanent tablespace. See "Creating a Permanent Tablespace for an Analytic Workspace".

  2. Create the GLOTMP temporary tablespaces. See "Creating a Temporary Tablespace for an Analytic Workspace"

  3. Create the GLOBAL user:

    CREATE USER "GLOBAL" IDENTIFIED BY password
       DEFAULT TABLESPACE glo 
       TEMPORARY TABLESPACE glotmp
       QUOTA UNLIMITED ON glo
       PASSWORD EXPIRE;
    
    GRANT CREATE SESSION TO GLOBAL;
    GRANT OLAP_USER TO GLOBAL;
    GRANT OLAP_XS_ADMIN TO GLOBAL;