Importing the AGLBASERELEASE.DMP file to set up the Oracle Server creates an Oracle schema owner with following default privileges. This will help you finalize the privileges for additional schema user that you might create to perform routine tasks.
| Privilege | Description |
|---|---|
| ALTER USER <schemaowner> QUOTA UNLIMITED ON agldata; | Sets unlimited quota on the agldata tablespace. |
| ALTER USER <schemaowner> QUOTA UNLIMITED ON aglindex; | Sets unlimited quota on the aglindex tablespace. |
| GRANT CREATE SESSION TO <schemaowner>; | Allows connecting the database to create a user session. |
| GRANT CREATE TABLE TO <schemaowner>; | Allows creating tables in the database. |
| GRANT CREATE TRIGGER TO <schemaowner>; | Allows creating triggers in the database. The aglt_alertrule_trg1 and aglt_incidentdetail_trg1 are the two table level triggers in the RiskVision. |
| GRANT CREATE VIEW TO <schemaowner>; | Allows creating views in the database. |
| GRANT CREATE SEQUENCE TO <schemaowner>; | Allows creating sequences in the database. The HIBERNATE_SEQUENCE is the only sequence available in the database. |
| GRANT CREATE PROCEDURE TO <schemaowner>; | Allows creating procedures in the database. |
| GRANT CREATE TYPE TO <schemaowner>; | Allows creating types in the database. This privilege is required to create user-defined aggregate functions. |
| GRANT QUERY REWRITE TO <schemaowner>; | Enables with query rewrite. Oracle database offers an extremely powerful process called query rewrite to quickly answer a query using the materialized views. However, using query rewrite requires permissions to create materialized views and to enable the query rewrite. |
| GRANT READ, WRITE ON DIRECTORY <directory_name> TO <schemaowner> ; | Assigns READ/WRITE permission on directories. For example, import and export schema on the data pump directory. |
You may want to assign the SELECT ANY DICTIONARY privilege to Oracle Schema users. This provides additional debug options and allows users to query other schemas that are not relevant to their job function. However, users can to perform their jobs efficiently without the SELECT ANY DICTIONARY privilege, so provide only the necessary privileges to Oracle Schema users and to secure the database.
