Privilege Hierarchy

Some privileges confer other privileges. For example, ADMIN privilege confers all other privileges. The CREATE ANY TABLE system privilege confers the CREATE TABLE object privilege. Table 7-3 shows the privilege hierarchy.

Table 7-3 Privilege hierarchy

Privilege Confers these privileges

ADMIN

All other privileges including CACHE_MANAGER

CREATE ANY INDEX

INDEX (any table or materialized view)

CREATE ANY MATERIALIZED VIEW

CREATE MATERIALIZED VIEW

CREATE ANY PROCEDURE

CREATE PROCEDURE

CREATE ANY SEQUENCE

CREATE SEQUENCE

CREATE ANY SYNONYM

CREATE SYNONYM

CREATE ANY TABLE

CREATE TABLE

CREATE ANY VIEW

CREATE VIEW

DELETE ANY TABLE

DELETE (any table)

EXECUTE ANY PROCEDURE

EXECUTE (any procedure)

INSERT ANY TABLE

INSERT (any table)

SELECT ANY SEQUENCE

SELECT (any sequence)

SELECT ANY TABLE

SELECT (any table, view or materialized view)

UPDATE ANY TABLE

UPDATE (any table)

Cache group privileges have a separate hierarchy except that ADMIN confers the CACHE_MANAGER privilege.

The CACHE_MANAGER privilege confers these privileges:

  • CREATE ANY CACHE GROUP

  • ALTER ANY CACHE GROUP

  • DROP ANY CACHE GROUP

  • FLUSH ANY CACHE GROUP

  • LOAD ANY CACHE GROUP

  • UNLOAD ANY CACHE GROUP

  • REFRESH ANY CACHE GROUP

  • FLUSH (object)

  • LOAD (object)

  • UNLOAD (object)

  • REFRESH (object)

The CACHE_MANAGER privilege also includes the ability to start and stop the cache agent and the replication agent.

CREATE ANY CACHE GROUP confers the CREATE CACHE GROUP privilege for any cache group.