Hello,
I am trying to create a materialized view that is governed by a label
security policy. Here is a summary of the issue:
1. I created a materialized view under sgadmin schema. The table
references a table under the sgapp schema.
2. The table in the sgapp schema has a label policy applied to it with
an unhidden labelcol which stores the label value
3. The sgadmin schema has full rights to the entire table.
4. After creating the materialized view, I applied the same label
policy to the materialized view as was applied to the master table.
5. This works and when sgapp schema queries the sgadmin materialized
view, only the data corresponding to the current label setting is
shown.
6. However, when I try to issue an update statement on the master
table, I get ORA-30372.
Does anyone know what this is all about? Thanks a lot for your help.
Sal
On May 8, 3:07 pm, Sal <salmansyed2@gmail.com> wrote:
> Hello,
> I am trying to create a materialized view that is governed by a label
> security policy. Here is a summary of the issue:
> 1. I created a materialized view under sgadmin schema. The table
> references a table under the sgapp schema.
> 2. The table in the sgapp schema has a label policy applied to it with
> an unhidden labelcol which stores the label value
> 3. The sgadmin schema has full rights to the entire table.
> 4. After creating the materialized view, I applied the same label
> policy to the materialized view as was applied to the master table.
> 5. This works and when sgapp schema queries the sgadmin materialized
> view, only the data corresponding to the current label setting is
> shown.
> 6. However, when I try to issue an update statement on the master
> table, I get ORA-30372.
> Does anyone know what this is all about? Thanks a lot for your help.
> Sal
30372, 00000, "fine grain access policy conflicts with materialized view"
// *Cause: A fine grain access control procedure has applied a non-null policy
//         to the query for the materialized view.
//
// *Action: In order for the materialized view to work correctly, any fine
//          grain access control procedure in effect for the query must
//          return a null policy when the materialized view is being
//          created or refreshed. This may be done by ensuring that the
//          usernames for the creator, owner, and invoker of refresh
//          procedures for the materialized view all receive a null policy
//          by the user-written fine grain access control procedures.
In other words, refreshing the materialized view is outside the policy
and requires a more global viewpoint. This is supposed to be
explained in the application developers guide, but do they?
jg
--
@home.com is bogus.
"'Tonight we eat Chinese!' mother exclaimed. But we never did.
Mother was funny that way." - Congress of Wonders
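
The *Action text above, sketched as a user-written fine grain access control (DBMS_RLS) policy function. This is an added example, not code from either poster, and it covers the user-written case the error text describes rather than a Label Security policy. SGADMIN and labelcol come from the thread; the table SGAPP.ORDERS, the context SG_CTX, and the function and policy names are hypothetical.

```sql
-- Added example. Hypothetical names: SGAPP.ORDERS, SG_CTX, ORDERS_LABEL_PREDICATE,
-- ORDERS_LABEL_VPD. SGADMIN and LABELCOL are taken from the thread.
CREATE OR REPLACE FUNCTION sgapp.orders_label_predicate (
    p_schema IN VARCHAR2,
    p_object IN VARCHAR2
) RETURN VARCHAR2
AS
BEGIN
    -- Users that create, own, or invoke refresh of the materialized view
    -- must receive a null policy, otherwise the create/refresh query is
    -- rejected with ORA-30372. Keep this list as short as possible.
    IF SYS_CONTEXT('USERENV', 'SESSION_USER') IN ('SGADMIN') THEN
        RETURN NULL;  -- null policy: no predicate is appended to the query
    END IF;

    -- Every other session is restricted to rows matching its current label,
    -- read here from an application context (assumed to be set at logon).
    RETURN 'labelcol = SYS_CONTEXT(''SG_CTX'', ''CURRENT_LABEL'')';
END orders_label_predicate;
/

BEGIN
    -- Attach the function to the master table for SELECT statements.
    DBMS_RLS.ADD_POLICY(
        object_schema   => 'SGAPP',
        object_name     => 'ORDERS',
        policy_name     => 'ORDERS_LABEL_VPD',
        function_schema => 'SGAPP',
        policy_function => 'ORDERS_LABEL_PREDICATE',
        statement_types => 'SELECT'
    );
END;
/
```

Because the exempted user sees every row of the master table, the materialized view it builds contains every row as well, so the view needs its own policy for anyone who queries it, as in step 4 of the original question.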