Note
This view is available starting with V4.1.0.
Purpose
This view displays the access control policies for all tables or views in the current tenant. Multiple policies can be created for a single table.
Columns
| Column | Type | Nullable | Description |
|---|---|---|---|
| OBJECT_OWNER | VARCHAR2(128) | YES | The owner of the object controlled by the policy. |
| OBJECT_NAME | VARCHAR2(128) | YES | The name of the object controlled by the policy. |
| POLICY_GROUP | VARCHAR2(128) | NO | The name of the policy group. |
| POLICY_NAME | VARCHAR2(128) | NO | The name of the policy. |
| PF_OWNER | VARCHAR2(128) | NO | The owner of the policy function. |
| PACKAGE | VARCHAR2(128) | NO | The name of the package containing the policy function. |
| FUNCTION | VARCHAR2(128) | NO | The name of the policy function. |
| SEL | VARCHAR2(3) | NO | Indicates whether the Select operation on the object is affected: YES or NO. |
| INS | VARCHAR2(3) | NO | Indicates whether the Insert operation on the object is affected: YES or NO. |
| UPD | VARCHAR2(3) | NO | Indicates whether the Update operation on the object is affected: YES or NO. |
| DEL | VARCHAR2(3) | NO | Indicates whether the Delete operation on the object is affected: YES or NO. |
| IDX | VARCHAR2(3) | NO | Indicates whether the Index operation on the object is affected: YES or NO. |
| CHK_OPTION | VARCHAR2(3) | NO | Indicates whether the values are checked during Insert or Update operations: YES or NO. |
| ENABLE | VARCHAR2(3) | NO | Indicates whether the policy is enabled: YES or NO. |
| STATIC_POLICY | VARCHAR2(3) | NO | Indicates whether the policy is static: YES or NO. |
| POLICY_TYPE | VARCHAR2(24) | NO | The type of the policy:
|
| LONG_PREDICATE | VARCHAR2(3) | NO | Indicates whether the predicate returned by the policy function exceeds 4000. |
| COMMON | VARCHAR2(3) | NO | Reserved for compatibility. The value is fixed to NO. |
| INHERITED | VARCHAR2(3) | NO | Reserved for compatibility. The value is fixed to NO. |
Sample query
Query the access control policies for all tables or views in the current tenant.
obclient [SYS]> SELECT * FROM SYS.DBA_POLICIES;
The query result is as follows:
+--------------+----------------+--------------+----------------+----------+---------+----------------------+------+------+------+------+------+------------+--------+---------------+-------------+----------------+--------+-----------+
| OBJECT_OWNER | OBJECT_NAME | POLICY_GROUP | POLICY_NAME | PF_OWNER | PACKAGE | FUNCTION | SEL | INS | UPD | DEL | IDX | CHK_OPTION | ENABLE | STATIC_POLICY | POLICY_TYPE | LONG_PREDICATE | COMMON | INHERITED |
+--------------+----------------+--------------+----------------+----------+---------+----------------------+------+------+------+------+------+------------+--------+---------------+-------------+----------------+--------+-----------+
| SYS | EMP | SYS_DEFAULT | SAL_POLICY | SYS | NULL | F_POLICY | YES | NO | YES | NO | NO | NO | YES | NO | DYNAMIC | NO | NO | NO |
| SYS | V_SALES_SECURE | GROUP_SALES | POLICY_REGION | SYS | NULL | POLICY_GROUP_FUNC | YES | NO | YES | NO | NO | YES | YES | NO | DYNAMIC | NO | NO | NO |
| SYS | V_SALES_SECURE | GROUP_SALES | POLICY_DEPT | SYS | NULL | POLICY_GROUP_FUNC | YES | NO | NO | NO | NO | NO | YES | NO | DYNAMIC | NO | NO | NO |
| SYS | V_ORDERS_CTX | GROUP_REGION | POLICY_DYNAMIC | SYS | NULL | POLICY_SELECTOR_FUNC | YES | NO | YES | NO | NO | YES | YES | NO | DYNAMIC | NO | NO | NO |
+--------------+----------------+--------------+----------------+----------+---------+----------------------+------+------+------+------+------+------------+--------+---------------+-------------+----------------+--------+-----------+
4 rows in set
References
Query the access control policies for all tables or views accessible to the current user: ALL_POLICIES
Query the access control policies for tables or views owned by the current user: USER_POLICIES