Note
This view is available starting with V4.1.0.
Purpose
This view displays the access control policies that are owned by the current user. You can create multiple policies for a table when you want to control access to the table.
Columns
| Column | Type | Nullable | Description |
|---|---|---|---|
| OBJECT_OWNER | VARCHAR2(128) | YES | The owner of the object that is controlled by the policy. |
| OBJECT_NAME | VARCHAR2(128) | NO | The name of the object that is controlled by the policy. |
| POLICY_GROUP | VARCHAR2(128) | NO | The name of the policy group. |
| POLICY_NAME | VARCHAR2(128) | NO | The name of the policy. |
| PF_OWNER | VARCHAR2(128) | NO | The owner of the policy function. |
| PACKAGE | VARCHAR2(128) | NO | The name of the package to which the policy function belongs. |
| FUNCTION | VARCHAR2(128) | NO | The name of the policy function. |
| SEL | VARCHAR2(3) | NO | YES or NO. Indicates whether the Select operation is affected by the policy. |
| INS | VARCHAR2(3) | NO | YES or NO. Indicates whether the Insert operation is affected by the policy. |
| UPD | VARCHAR2(3) | NO | YES or NO. Indicates whether the Update operation is affected by the policy. |
| DEL | VARCHAR2(3) | NO | YES or NO. Indicates whether the Delete operation is affected by the policy. |
| IDX | VARCHAR2(3) | NO | YES or NO. Indicates whether the Index operation is affected by the policy. |
| CHK_OPTION | VARCHAR2(3) | NO | YES or NO. Indicates whether the values are checked during the Insert or Update operation. |
| ENABLE | VARCHAR2(3) | NO | YES or NO. Indicates whether the policy is enabled. |
| STATIC_POLICY | VARCHAR2(3) | NO | YES or NO. Indicates whether the policy is static. |
| POLICY_TYPE | VARCHAR2(24) | NO | The type of the policy. Valid values:
|
| LONG_PREDICATE | VARCHAR2(3) | NO | YES or NO. Indicates whether the predicate returned by the policy function exceeds 4000 characters. |
| COMMON | VARCHAR2(3) | NO | This column is reserved for compatibility. The value is always NO. |
| INHERITED | VARCHAR2(3) | NO | This column is reserved for compatibility. The value is always NO. |
Sample query
Query the access control policies that are owned by the current user.
obclient [SYS]> SELECT * FROM SYS.USER_POLICIES;
The return result is as follows:
+----------------+--------------+----------------+----------+---------+----------------------+------+------+------+------+------+------------+--------+---------------+-------------+----------------+--------+-----------+
| OBJECT_NAME | POLICY_GROUP | POLICY_NAME | PF_OWNER | PACKAGE | FUNCTION | SEL | INS | UPD | DEL | IDX | CHK_OPTION | ENABLE | STATIC_POLICY | POLICY_TYPE | LONG_PREDICATE | COMMON | INHERITED |
+----------------+--------------+----------------+----------+---------+----------------------+------+------+------+------+------+------------+--------+---------------+-------------+----------------+--------+-----------+
| EMP | SYS_DEFAULT | SAL_POLICY | SYS | NULL | F_POLICY | YES | NO | YES | NO | NO | NO | YES | NO | DYNAMIC | NO | NO | NO |
| V_SALES_SECURE | GROUP_SALES | POLICY_REGION | SYS | NULL | POLICY_GROUP_FUNC | YES | NO | YES | NO | NO | YES | YES | NO | DYNAMIC | NO | NO | NO |
| V_SALES_SECURE | GROUP_SALES | POLICY_DEPT | SYS | NULL | POLICY_GROUP_FUNC | YES | NO | NO | NO | NO | NO | YES | NO | DYNAMIC | NO | NO | NO |
| V_ORDERS_CTX | GROUP_REGION | POLICY_DYNAMIC | SYS | NULL | POLICY_SELECTOR_FUNC | YES | NO | YES | NO | NO | YES | YES | NO | DYNAMIC | NO | NO | NO |
+----------------+--------------+----------------+----------+---------+----------------------+------+------+------+------+------+------------+--------+---------------+-------------+----------------+--------+-----------+
4 rows in set
References
Query the access control policies that are accessible to the current user: ALL_POLICIES
Query all access control policies in the current tenant: DBA_POLICIES