I'm using Oracle 11.2.0.2.0:
As user u1:
create table t(a int);
grant select on t to u2;
As user u2:
create view v as select * from u1.t;
create trigger tr instead of update on v for each row begin null; end;
update v set a = null;
Result of executing the update statement as u2:
Expected: 0 rows updated.
Actual: ORA-01031: insufficient privileges
Why does u2 get ORA-01031? It's not attempting to update data in t. What is my workaround? I don't want u2 to have update pivileges on t.
Thanks, Al
http://psoug.org/definition/authid.htm
Note that for an invoker rights routine referred to in a VIEW or TRIGGER, the owner of these objects is always considered to be the invoker, not the user triggering it.
Meaning if you use a trigger then the procedure will be called with current_user authid. The update trigger itself needs an update priv, because it examines update for table in user1.
For me this is a bug, cause in the end the instead of trigger of the view in schema of user2 has necessaryly nothing to do with the update priv of user1.