admin/mars
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Init

Browse Source
This commit is contained in:
Grzegorz Michalski
2026-02-02 10:59:29 +01:00
commit ecd833f682
679 changed files with 122717 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

48
MARS_Packages/REL01/MARS-1049/00_MARS_1049_grant_permissions.sql Normal file
View File

@@ -0,0 +1,48 @@
-- ===================================================================
-- MARS-1049 INSTALLATION COMPONENT: Grant Permissions for Hash Tracking
-- ===================================================================
-- Purpose: Grant CT_MRDS necessary permissions to read package source across schemas
-- Author: Grzegorz Michalski
-- Date: 2025-11-25
-- Version: 1.0.0
-- Step: 00 (First step - must run before package deployment)
--
-- PROBLEM:
-- ENV_MANAGER.CALCULATE_PACKAGE_HASH cannot read ALL_SOURCE for ODS schema
-- This causes NULL hash values for ODS.FILE_MANAGER_ODS PACKAGE BODY
--
-- SOLUTION:
-- Grant SELECT on specific dictionary views (ALL_SOURCE, ALL_OBJECTS) to CT_MRDS
-- This is the MINIMUM required privilege for cross-schema package hash tracking
-- More secure than SELECT ANY DICTIONARY (only grants access to specific views needed)
--
-- USAGE:
-- - Execute as ADMIN user (system privilege grant required)
-- - Should be first step in MARS-1049 installation
-- - One-time setup that enables cross-schema package tracking
-- ===================================================================
PROMPT ===============================================
PROMPT Fixing permissions for cross-schema hash tracking
PROMPT ===============================================
-- Grant SELECT on ALL_SOURCE (required to read package source code for hash calculation)
GRANT SELECT ON ALL_SOURCE TO CT_MRDS;
PROMPT Granted SELECT on SYS.ALL_SOURCE to CT_MRDS
PROMPT ===============================================
PROMPT Permission fix completed (MINIMUM PRIVILEGE)
PROMPT ===============================================
PROMPT
PROMPT CT_MRDS can now:
PROMPT - Read ALL_SOURCE for any schema (package source code)
PROMPT - Calculate SHA256 hashes for packages in ODS and other schemas
PROMPT
PROMPT CT_MRDS CANNOT:
PROMPT - Read user tables in ODS or other schemas
PROMPT - Access other dictionary views
PROMPT - Access any data outside of ALL_SOURCE view
PROMPT
PROMPT SECURITY: Absolute minimum privilege - only ALL_SOURCE view granted
PROMPT ===============================================