-- ============================================================================ -- PUBLIC GRANTS FOR ROA APPLICATION -- ============================================================================ -- Grants necessary permissions on CONTAFIN_ORACLE objects to PUBLIC -- and configures network ACLs for CONTAFIN_ORACLE -- -- Usage: -- @grants-public.sql -- -- Connect as: SYSTEM or SYS as SYSDBA -- Must run AFTER: -- 1. CONTAFIN_ORACLE schema objects are imported -- 2. synonyms-public.sql has been executed -- ============================================================================ SET ECHO OFF SET FEEDBACK ON SET SERVEROUTPUT ON WHENEVER SQLERROR CONTINUE PROMPT PROMPT ======================================== PROMPT Granting Permissions to PUBLIC PROMPT ======================================== PROMPT -- ============================================================================ -- SECTION 1: GRANTS ON CORE USER/PROGRAM TABLES -- ============================================================================ PROMPT [1/9] Granting SELECT/REFERENCES on core tables... -- DEF_GRUP GRANT SELECT ON SYN_DEF_GRUP TO PUBLIC; GRANT REFERENCES ON SYN_DEF_GRUP TO PUBLIC; -- DEF_PROGRAME GRANT SELECT ON SYN_DEF_PROGRAME TO PUBLIC; GRANT REFERENCES ON SYN_DEF_PROGRAME TO PUBLIC; -- VDEF_PROGRAME GRANT SELECT ON SYN_VDEF_PROGRAME TO PUBLIC; GRANT REFERENCES ON SYN_VDEF_PROGRAME TO PUBLIC; -- LUNILEAN GRANT SELECT ON SYN_LUNILEAN TO PUBLIC; GRANT REFERENCES ON SYN_LUNILEAN TO PUBLIC; -- NOM_FIRME GRANT SELECT ON SYN_NOM_FIRME TO PUBLIC; GRANT REFERENCES ON SYN_NOM_FIRME TO PUBLIC; -- NOM_PROGRAME GRANT SELECT ON SYN_NOM_PROGRAME TO PUBLIC; GRANT REFERENCES ON SYN_NOM_PROGRAME TO PUBLIC; -- UTILIZATORI GRANT SELECT ON SYN_UTILIZATORI TO PUBLIC; GRANT REFERENCES ON SYN_UTILIZATORI TO PUBLIC; -- VDEF_UTIL_PROGRAME GRANT SELECT ON SYN_VDEF_UTIL_PROGRAME TO PUBLIC; -- VDEF_UTIL_FIRME GRANT SELECT ON SYN_VDEF_UTIL_FIRME TO PUBLIC; GRANT REFERENCES ON SYN_VDEF_UTIL_FIRME TO PUBLIC; -- VDEF_UTIL_OBIECTE GRANT SELECT ON SYN_VDEF_UTIL_OBIECTE TO PUBLIC; GRANT REFERENCES ON SYN_VDEF_UTIL_OBIECTE TO PUBLIC; -- VUTILIZATORI GRANT SELECT ON SYN_VUTILIZATORI TO PUBLIC; GRANT REFERENCES ON SYN_VUTILIZATORI TO PUBLIC; -- VDEF_UTIL_GRUP GRANT SELECT ON SYN_VDEF_UTIL_GRUP TO PUBLIC; GRANT REFERENCES ON SYN_VDEF_UTIL_GRUP TO PUBLIC; -- DEF_GRUP_DREPT GRANT SELECT ON SYN_DEF_GRUP_DREPT TO PUBLIC; GRANT REFERENCES ON SYN_DEF_GRUP_DREPT TO PUBLIC; -- OPTIUNI_PROGRAME GRANT SELECT ON SYN_OPTIUNI_PROGRAME TO PUBLIC; -- HELPCONT GRANT SELECT ON SYN_HELPCONT TO PUBLIC; -- V_NOM_FIRME GRANT SELECT ON SYN_V_NOM_FIRME TO PUBLIC; -- ============================================================================ -- SECTION 2: GRANTS ON UTILITY TYPES AND FUNCTIONS -- ============================================================================ PROMPT [2/9] Granting EXECUTE on utility types/functions... GRANT EXECUTE ON STRINGAGG TO PUBLIC; GRANT EXECUTE ON CONTAFIN_ORACLE.STRINGAGGTYPE TO PUBLIC; GRANT EXECUTE ON CHAR_ROW TO PUBLIC; GRANT EXECUTE ON CHAR_TAB TO PUBLIC; GRANT EXECUTE ON NUM_ROW TO PUBLIC; GRANT EXECUTE ON NUM_TAB TO PUBLIC; GRANT EXECUTE ON UW_SEL_ROW TO PUBLIC; GRANT EXECUTE ON UW_SEL_TAB TO PUBLIC; GRANT EXECUTE ON VALOARETAG TO PUBLIC; GRANT EXECUTE ON GETWORDCOUNT TO PUBLIC; GRANT EXECUTE ON GETWORDNUM TO PUBLIC; GRANT EXECUTE ON CHARC2COLLECTION TO PUBLIC; GRANT EXECUTE ON CHARN2COLLECTION TO PUBLIC; -- ============================================================================ -- SECTION 3: GRANTS ON NOMENCLATURE TABLES -- ============================================================================ PROMPT [3/9] Granting SELECT/REFERENCES on nomenclature tables... -- Legal forms GRANT SELECT ON SYN_NOM_FORME_JURIDICE TO PUBLIC; GRANT REFERENCES ON SYN_NOM_FORME_JURIDICE TO PUBLIC; GRANT SELECT ON SYN_NOM_FORME_ORGANIZARE TO PUBLIC; GRANT REFERENCES ON SYN_NOM_FORME_ORGANIZARE TO PUBLIC; GRANT SELECT ON SYN_NOM_TIP_SOCIETATE TO PUBLIC; GRANT REFERENCES ON SYN_NOM_TIP_SOCIETATE TO PUBLIC; GRANT SELECT ON SYN_NOM_FORME_PROPRIETATE TO PUBLIC; GRANT REFERENCES ON SYN_NOM_FORME_PROPRIETATE TO PUBLIC; -- Geography GRANT SELECT ON SYN_NOM_CETATENII TO PUBLIC; GRANT REFERENCES ON SYN_NOM_CETATENII TO PUBLIC; GRANT SELECT ON SYN_NOM_TARI TO PUBLIC; GRANT REFERENCES ON SYN_NOM_TARI TO PUBLIC; GRANT SELECT ON SYN_NOM_JUDETE TO PUBLIC; GRANT REFERENCES ON SYN_NOM_JUDETE TO PUBLIC; GRANT SELECT ON SYN_NOM_LOCALITATI TO PUBLIC; GRANT REFERENCES ON SYN_NOM_LOCALITATI TO PUBLIC; GRANT SELECT ON SYN_VNOM_JUDETE TO PUBLIC; GRANT SELECT ON SYN_VNOM_LOCALITATI TO PUBLIC; GRANT SELECT ON SYN_VNOM_TARI TO PUBLIC; GRANT SELECT ON SYN_NOM_CODURI_CAEN TO PUBLIC; GRANT REFERENCES ON SYN_NOM_CODURI_CAEN TO PUBLIC; GRANT SELECT ON SYN_NOM_TIPAPATRID TO PUBLIC; GRANT REFERENCES ON SYN_NOM_TIPAPATRID TO PUBLIC; -- ============================================================================ -- SECTION 4: GRANTS ON CURRENCY/EXCHANGE TABLES -- ============================================================================ PROMPT [4/9] Granting SELECT/REFERENCES on currency tables... GRANT SELECT ON SYN_VNOM_VALUTE_ISO TO PUBLIC; GRANT SELECT ON SYN_NOM_VALUTE_ISO TO PUBLIC; GRANT REFERENCES ON SYN_NOM_VALUTE_ISO TO PUBLIC; GRANT SELECT ON SYN_CURS_COTATII TO PUBLIC; GRANT REFERENCES ON SYN_CURS_COTATII TO PUBLIC; GRANT SELECT ON SYN_CURS_ACTUALIZARI TO PUBLIC; GRANT REFERENCES ON SYN_CURS_ACTUALIZARI TO PUBLIC; GRANT SELECT, REFERENCES ON SYN_VNOM_UM_ISO TO PUBLIC; GRANT SELECT, REFERENCES ON CONTAFIN_ORACLE.NOM_UM_ISO TO PUBLIC; -- ============================================================================ -- SECTION 5: GRANTS ON SALARY MODULE TABLES AND TYPES -- ============================================================================ PROMPT [5/9] Granting permissions on salary module objects... -- Nomenclature tables GRANT SELECT ON SYN_SAL_NOM_TEMEI TO PUBLIC; GRANT REFERENCES ON SYN_SAL_NOM_TEMEI TO PUBLIC; GRANT SELECT ON SYN_SAL_NOM_TIPAUTORIZATIE TO PUBLIC; GRANT REFERENCES ON SYN_SAL_NOM_TIPAUTORIZATIE TO PUBLIC; GRANT SELECT ON SYN_SAL_NOM_TIP_SPOR TO PUBLIC; GRANT REFERENCES ON SYN_SAL_NOM_TIP_SPOR TO PUBLIC; GRANT SELECT ON SYN_SAL_NOM_TIP_NORME TO PUBLIC; GRANT REFERENCES ON SYN_SAL_NOM_TIP_NORME TO PUBLIC; GRANT SELECT ON SYN_SAL_NOM_STARI_CTR TO PUBLIC; GRANT REFERENCES ON SYN_SAL_NOM_STARI_CTR TO PUBLIC; GRANT SELECT ON SYN_SAL_NOM_DURATA_MUNCA TO PUBLIC; GRANT REFERENCES ON SYN_SAL_NOM_DURATA_MUNCA TO PUBLIC; GRANT SELECT ON SYN_SAL_NOM_REPARTIZARE_MUNCA TO PUBLIC; GRANT REFERENCES ON SYN_SAL_NOM_REPARTIZARE_MUNCA TO PUBLIC; GRANT SELECT ON SYN_SAL_NOM_INTERVALE_MUNCA TO PUBLIC; GRANT REFERENCES ON SYN_SAL_NOM_INTERVALE_MUNCA TO PUBLIC; GRANT SELECT ON SYN_SAL_COR TO PUBLIC; GRANT REFERENCES ON SYN_SAL_COR TO PUBLIC; GRANT SELECT ON SYN_SAL_ACTUALIZARE_COR TO PUBLIC; GRANT REFERENCES ON SYN_SAL_ACTUALIZARE_COR TO PUBLIC; -- Salary types GRANT EXECUTE ON CONTAFIN_ORACLE.SAL_CONTRACT_M TO PUBLIC; GRANT EXECUTE ON CONTAFIN_ORACLE.CONTRACT_M TO PUBLIC; GRANT EXECUTE ON SAL_CONTRACT_M TO PUBLIC; GRANT EXECUTE ON CONTRACT_M TO PUBLIC; GRANT EXECUTE ON SAL_RED TO PUBLIC; GRANT EXECUTE ON SAL_CAMPURI_RED TO PUBLIC; GRANT EXECUTE ON TABSTERS TO PUBLIC; GRANT EXECUTE ON SAL_TABELESTERS TO PUBLIC; -- ============================================================================ -- SECTION 6: GRANTS ON ATTACHMENT TABLES -- ============================================================================ PROMPT [6/9] Granting permissions on attachment tables... GRANT SELECT ON SYN_ATAS_ATASAMENTE TO PUBLIC; GRANT REFERENCES ON SYN_ATAS_ATASAMENTE TO PUBLIC; GRANT SELECT ON SYN_ATAS_REFERINTE TO PUBLIC; GRANT REFERENCES ON SYN_ATAS_REFERINTE TO PUBLIC; -- ============================================================================ -- SECTION 7: GRANTS ON PACKAGES AND ADDITIONAL TYPES -- ============================================================================ PROMPT [7/9] Granting EXECUTE on packages and types... -- Packages GRANT EXECUTE ON SYN_PACK_DREPTURI TO PUBLIC; GRANT EXECUTE ON PACK_UPDATE TO PUBLIC; GRANT EXECUTE ON PACK_UTILS TO PUBLIC; GRANT EXECUTE ON PACK_UTILS_FILE TO PUBLIC; GRANT EXECUTE ON SYN_PACK_DEF_CO TO PUBLIC; GRANT EXECUTE ON PACK_ROARTVAI TO PUBLIC; -- Additional types GRANT EXECUTE ON FF_SUME TO PUBLIC; GRANT EXECUTE ON FF_PERSINTRET TO PUBLIC; GRANT EXECUTE ON VANZARI_DETALII_TAB TO PUBLIC; GRANT EXECUTE ON PIVOT_TABLE TO PUBLIC; GRANT EXECUTE ON PIVOT_ROW TO PUBLIC; GRANT EXECUTE ON TABINCHIDERETVA TO PUBLIC; GRANT EXECUTE ON TABELAVALORITAGURI TO PUBLIC; GRANT EXECUTE ON RANDINCHIDERETVA TO PUBLIC; -- SERVER_INFO table GRANT SELECT, UPDATE ON SERVER_INFO TO PUBLIC; -- RTVAI module GRANT SELECT ON RTVAI_AGENTI TO PUBLIC; GRANT SELECT ON RTVAI_ISTORIC TO PUBLIC; -- License view synonym GRANT SELECT ON CONTAFIN_ORACLE.VDEF_PROGRAME_SERII TO CONTAFIN_ORACLE; -- ============================================================================ -- SECTION 8: DIRECTORY AND SYSTEM GRANTS -- ============================================================================ PROMPT [8/9] Granting directory and system permissions... -- Create DMPDIR directory if it doesn't exist (adjust path as needed) BEGIN EXECUTE IMMEDIATE 'CREATE OR REPLACE DIRECTORY DMPDIR AS ''D:\Oracle\admin\ORCL\dpdump'''; EXCEPTION WHEN OTHERS THEN DBMS_OUTPUT.PUT_LINE('Note: DMPDIR directory may already exist or path needs adjustment'); END; / -- Grant directory access GRANT ALL ON DIRECTORY DMPDIR TO PUBLIC; -- Grant UTL packages to PUBLIC GRANT EXECUTE ON UTL_FILE TO PUBLIC; GRANT EXECUTE ON DBMS_LOCK TO PUBLIC; -- Grant UTL packages to CONTAFIN_ORACLE specifically GRANT EXECUTE ON UTL_INADDR TO CONTAFIN_ORACLE; GRANT EXECUTE ON UTL_TCP TO CONTAFIN_ORACLE; GRANT EXECUTE ON UTL_SMTP TO CONTAFIN_ORACLE; GRANT EXECUTE ON UTL_HTTP TO CONTAFIN_ORACLE; -- UTL_MAIL may not exist in all Oracle editions BEGIN EXECUTE IMMEDIATE 'GRANT EXECUTE ON UTL_MAIL TO CONTAFIN_ORACLE'; EXCEPTION WHEN OTHERS THEN DBMS_OUTPUT.PUT_LINE('Note: UTL_MAIL not available (requires configuration)'); END; / -- ============================================================================ -- SECTION 9: NETWORK ACL CONFIGURATION -- ============================================================================ PROMPT [9/9] Configuring Network ACL for CONTAFIN_ORACLE... -- Drop existing ACL (if exists) BEGIN DBMS_NETWORK_ACL_ADMIN.DROP_ACL(acl => 'roaupdate.xml'); DBMS_OUTPUT.PUT_LINE('Dropped existing roaupdate.xml ACL'); EXCEPTION WHEN OTHERS THEN DBMS_OUTPUT.PUT_LINE('Note: roaupdate.xml ACL did not exist (this is OK)'); END; / -- Create new ACL with permissions for CONTAFIN_ORACLE BEGIN DBMS_NETWORK_ACL_ADMIN.CREATE_ACL( acl => 'roaupdate.xml', description => 'Permissions for ROA application network access', principal => 'CONTAFIN_ORACLE', is_grant => TRUE, privilege => 'connect' ); DBMS_NETWORK_ACL_ADMIN.ADD_PRIVILEGE( acl => 'roaupdate.xml', principal => 'CONTAFIN_ORACLE', is_grant => TRUE, privilege => 'resolve' ); -- Allow all hosts (use specific hosts in production) DBMS_NETWORK_ACL_ADMIN.ASSIGN_ACL( acl => 'roaupdate.xml', host => '*' ); DBMS_OUTPUT.PUT_LINE('Network ACL created successfully for CONTAFIN_ORACLE'); END; / COMMIT; -- ============================================================================ -- VERIFICATION -- ============================================================================ PROMPT PROMPT ======================================== PROMPT Grants Complete - Verification PROMPT ======================================== PROMPT PROMPT Grants to PUBLIC on CONTAFIN_ORACLE objects: SELECT grantee, table_name, privilege FROM dba_tab_privs WHERE grantee = 'PUBLIC' AND grantor = 'SYS' AND table_name LIKE 'SYN_%' ORDER BY table_name, privilege; PROMPT PROMPT Network ACL assignments for CONTAFIN_ORACLE: SELECT host, lower_port, upper_port, acl FROM dba_network_acls WHERE acl LIKE '%roaupdate%'; PROMPT PROMPT ACL privileges: SELECT acl, principal, privilege, is_grant FROM dba_network_acl_privileges WHERE acl LIKE '%roaupdate%'; PROMPT PROMPT Directory permissions: SELECT grantee, table_name, privilege FROM dba_tab_privs WHERE table_name = 'DMPDIR'; PROMPT PROMPT ======================================== PROMPT Grant Configuration Complete PROMPT ======================================== PROMPT