Privilege Hierarchy

Some privileges confer other privileges. For example, ADMIN privilege confers all other privileges. The CREATE ANY TABLE system privilege confers the CREATE TABLE object privilege. Table 7-3 shows the privilege hierarchy.

Table 7-3 Privilege hierarchy

Privilege	Confers these privileges
`ADMIN`	All other privileges including `CACHE_MANAGER`
`CREATE ANY INDEX`	`INDEX` (any table or materialized view)
`CREATE ANY MATERIALIZED VIEW`	`CREATE MATERIALIZED VIEW`
`CREATE ANY PROCEDURE`	`CREATE PROCEDURE`
`CREATE ANY SEQUENCE`	`CREATE SEQUENCE`
`CREATE ANY SYNONYM`	`CREATE SYNONYM`
`CREATE ANY TABLE`	`CREATE TABLE`
`CREATE ANY VIEW`	`CREATE VIEW`
`DELETE ANY TABLE`	`DELETE` (any table)
`EXECUTE ANY PROCEDURE`	`EXECUTE` (any procedure)
`INSERT ANY TABLE`	`INSERT` (any table)
`SELECT ANY SEQUENCE`	`SELECT` (any sequence)
`SELECT ANY TABLE`	`SELECT` (any table, view or materialized view)
`UPDATE ANY TABLE`	`UPDATE` (any table)

Cache group privileges have a separate hierarchy except that ADMIN confers the CACHE_MANAGER privilege.

The CACHE_MANAGER privilege confers these privileges:

CREATE ANY CACHE GROUP
ALTER ANY CACHE GROUP
DROP ANY CACHE GROUP
FLUSH ANY CACHE GROUP
LOAD ANY CACHE GROUP
UNLOAD ANY CACHE GROUP
REFRESH ANY CACHE GROUP
FLUSH (object)
LOAD (object)
UNLOAD (object)
REFRESH (object)

The CACHE_MANAGER privilege also includes the ability to start and stop the cache agent and the replication agent.

CREATE ANY CACHE GROUP confers the CREATE CACHE GROUP privilege for any cache group.