oragrant – Printing permissions for a schema
Purpose
oragrant prints all existing grants in an Oracle database schema. It can also be used to execute these grant statements directly.
Options
oragrant supports the following options:
- -v <flag>, --verbose <flag>
Produces output (on stderr) while the database is read or written. (Valid flag values are
false,no,0,true,yesor1)
- -c <mode>, --color <mode>
Should the output (when the
-voption is used) be colored? Ifautois specified (the default) then the output is colored if stderr is a terminal. Valid modes areyes,noorauto.
- -x <connectstring>, --execute <connectstring>
When the
-xargument is given the SQL script isn’t printed on stdout, but executed in the database specfied as the-xargument.
- -k <flag>, --keepjunk <flag>
If false (the default), database objects that have
$orSYS_EXPORT_SCHEMA_in their name will be skipped (otherwise these objects will be included in the output). (Valid flag values arefalse,no,0,true,yesor1)
- -i <flag>, --ignore <flag>
If true, any exception that occurs while the database is read or written will be ignored. (Valid flag values are
false,no,0,true,yesor1)
- -m <expr>, --mapgrantee <expr>
A Python
dictorlistliteral which will be evaluated. If the grantee is not in this list (or dictionary) no grant statement will be returned. If it’s a dictionary and the grantee exists as a key, the privilege will be granted to the user specified as the value instead of the original one. The default is to grant all privileges to the original grantee.
- --format <format>
If
--executeis not given, this determines the output format: Plain SQL (formatsql), or PySQL (formatpysql) which can be piped intoll.pysql.
Example
Grant all privileges that alice has in the schema user@db to bob in
user2@db2:
$ oragrant user/pwd@db -x user2/pwd2@db2 -m '{"alice": "bob"}' -v