AnsweredAssumed Answered

SDE FeatureClass Privilege Management with ArcObjects

Question asked by furier on Jul 4, 2013
Latest reply on Jul 16, 2013 by furier
I have searched through the ArcObjects 10 SDK API and googled my *** of, but haven't been able to find what I am looking for, so thats the reason for me posting this question.

Q1: How can I with ArcObjects list all Oracle privileges granted on SDE FeatureClasses to Roles?

The equivalent in normal Oracle would be something like this:

     SELECT dtp.PRIVILEGE,        dtp.grantable ADMIN,        dtp.grantee,        dtp.grantor,        dbo.owner,        dbo.object_type,        dbo.object_name,        dbo.status,        '' column_name   FROM ALL_TAB_PRIVS dtp, ALL_OBJECTS dbo  WHERE dtp.TABLE_SCHEMA = dbo.owner AND dtp.table_name = dbo.object_name        AND dbo.object_type IN ( 'TABLE', 'VIEW' ) UNION SELECT dcp.PRIVILEGE,        dcp.grantable ADMIN,        dcp.grantee,        dcp.grantor,        dbo.owner,        dbo.object_type,        dbo.object_name,        dbo.status,        dcp.column_name   FROM ALL_COL_PRIVS dcp, ALL_OBJECTS dbo  WHERE dcp.TABLE_SCHEMA = dbo.owner AND dcp.table_name = dbo.object_name        AND dbo.object_type IN ( 'TABLE', 'VIEW' )


The query would list out all object of the types in the list provided (in the example I have listed TABLE and VIEW) which privileges have been granted on them like SELECT, UPDATE etc... and to which Roles.

Now over to SDE FeatureClasses again, with that information at hand I would like to start and GRANT or REVOKE Privileges on the SDE FeatureClasses to/from Roles according to external configurations

Q2: How can I with ArcObjects GRANT or REVOKE Privileges like SELECT, UPDATE on SDE FeatureClasses to/from Roles?

The equivalent in normal Oracle would be something like this:

GRANT SELECT ON SCHEMA.TABLE TO SOME_ROLE; REVOKE SELECT ON SCHEMA.TABLE FROM SOME_ROLE;


I cant seem to find the interface to perform this task, and it may not exists?

My dream would be to have an Interface like this:

public interface IPrivilegeManager {     void Grant(string Privilege, string schemaOwnerName,                string featureClassName, string roleName);     void Revoke(string Privilege, string schemaOwnerName,                string featureClassName, string roleName); }

Outcomes