oragrant – Printing permissions for a schema
Purpose
oragrant prints all existing grants in an Oracle database schema. It can also be used to execute these grant statements directly.
Options
oragrant supports the following options:
- -v <flag>, --verbose <flag>
Produces output (on stderr) while the database is read or written. (Valid flag values are
false
,no
,0
,true
,yes
or1
)
- -c <mode>, --color <mode>
Should the output (when the
-v
option is used) be colored? Ifauto
is specified (the default) then the output is colored if stderr is a terminal. Valid modes areyes
,no
orauto
.
- -x <connectstring>, --execute <connectstring>
When the
-x
argument is given the SQL script isn’t printed on stdout, but executed in the database specfied as the-x
argument.
- -k <flag>, --keepjunk <flag>
If false (the default), database objects that have
$
orSYS_EXPORT_SCHEMA_
in their name will be skipped (otherwise these objects will be included in the output). (Valid flag values arefalse
,no
,0
,true
,yes
or1
)
- -i <flag>, --ignore <flag>
If true, any exception that occurs while the database is read or written will be ignored. (Valid flag values are
false
,no
,0
,true
,yes
or1
)
- -m <expr>, --mapgrantee <expr>
A Python
dict
orlist
literal which will be evaluated. If the grantee is not in this list (or dictionary) no grant statement will be returned. If it’s a dictionary and the grantee exists as a key, the privilege will be granted to the user specified as the value instead of the original one. The default is to grant all privileges to the original grantee.
- --format <format>
If
--execute
is not given, this determines the output format: Plain SQL (formatsql
), or PySQL (formatpysql
) which can be piped intoll.pysql
.
Example
Grant all privileges that alice
has in the schema user@db
to bob
in
user2@db2
:
$ oragrant user/pwd@db -x user2/pwd2@db2 -m '{"alice": "bob"}' -v