建立只讀帳號oracle

1.建立用戶，指定哪一個表空間
create user test2 identified by "123" default tablespace BDCDJ_XC temporary tablespace BDCDJ_XC_temp;

2.建立角色
CREATE ROLE SELECT_ROLE

3.給角色分配權限
grant connect to SELECT_ROLE;
grant create synonym to SELECT_ROLE;

4.分配某些表的select權限
如：
grant select on BDCDJ_XC.BDC_CF to SELECT_ROLE;

--能夠經過語句生成：
select 'grant select on '||owner||'.'||object_name||' to test2;'
from dba_objects
where owner in ('BDCDJ_XC') and object_type='TABLE'

5.建立同義詞給用戶
如：
create or replace SYNONYM test2.BDC_CF FOR BDCDJ_XC.BDC_CF;

--能夠經過語句生成全部表：
SELECT 'create or replace SYNONYM BDCDJ_XC.' || object_name|| ' FOR ' || owner || '.' || object_name|| ';'
from dba_objects
where owner in ('BDCDJ_XC') and object_type='TABLE';

 

6.把角色賦予指定帳戶
grant SELECT_ROLE to test2;

7.刪除角色
drop role SELECT_ROLE;

8.檢查角色的權限
select * from dba_sys_privs where grantee='SELECT_ROLE'
---------------------

這樣其餘人只有經過這個帳號登陸查詢，表名不列出來，表空間不列出來。
能夠建立database_link可是查詢時報「表或視圖不存在」
create database link to_bdcxc
connect to test2 identified by "123"
using '(DESCRIPTION = (ADDRESS_LIST = (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.xx.xxx)
(PORT = 1521)) ) (CONNECT_DATA = (SERVICE_NAME = orcl) ))'

select* from bdc_cf@to_bdcxc;

 

也就沒法經過create table ..select複製數據庫。
create table bdc_cf as select * from bdc_cf@to_bdcxc;

這樣辦法可行否，給個意見。