Home > Getting Started with Oracle... > Granting Privileges to DBAs...
![]() Previous |
![]() Next |
Anyone who creates or manages dimensional objects in Oracle Database must have the necessary privileges. These privileges are different from those needed just to query the data stored in dimensional objects. The security system is discussed in "About the Security of Dimensional Data in Oracle Database".
DBAs and application developers need the following roles and privileges.
To create dimensional objects in the user's own schema:
OLAP_USER
role
CREATE SESSION
privilege
To create dimensional objects in different schemas:
OLAP_DBA
role
CREATE SESSION
privilege
To administer data security:
OLAP_XS_ADMIN
role
Users also need an unlimited quota on the tablespace in which the dimensional objects are stored. The tablespaces should be defined specifically for OLAP use, as described in "Creating Tablespaces for OLAP".
If the source tables are in a different schema, then the owner of the dimensional objects needs SELECT
object privileges on those tables.
Suppose you want to create the GLOBAL
user with full privileges to create dimensional objects in the GLOBAL
schema and to manage security.
To create the GLOBAL user:
Create the GLO
permanent tablespace. See "Creating a Permanent Tablespace for an Analytic Workspace".
Create the GLOTMP
temporary tablespaces. See "Creating a Temporary Tablespace for an Analytic Workspace"
Create the GLOBAL
user:
CREATE USER "GLOBAL" IDENTIFIED BY password
DEFAULT TABLESPACE glo
TEMPORARY TABLESPACE glotmp
QUOTA UNLIMITED ON glo
PASSWORD EXPIRE;
GRANT CREATE SESSION TO GLOBAL;
GRANT OLAP_USER TO GLOBAL;
GRANT OLAP_XS_ADMIN TO GLOBAL;