I have created a package and defined a type for collections as follows:
create or replace package <schema>.<package> as
-------------------------------------
type <type> is table of <something>;
-------------------------------------
...
function <func>(
...
<param> in <type>,
...
)
return pls_integer;
...
I have a user that has to call this function but can't because apparently they don't have the permission to execute type
collection. I could solve it by
GRANT EXECUTE ANY TYPE TO <user>;
but I am bound by security protocols that says no user has to have access to any data, schema, blueprint or object unless they certainly have to. So I want to give the user explicit grant on specific type <type>
, but calling the following statement results in error:
GRANT EXECUTE TYPE ON <schema>.<package>.<type> to <user>;
Error report -
SQL Error: ORA-00990: missing or invalid privilege
00990. 00000 - "missing or invalid privilege"
*Cause:
*Action:
Best Answer
You need to grant
EXECUTE
on package itself. If security is your main concern you may create a new package that has just types, but you cannot specify that a given user can access only some objects defined in package specification - either all or none.