Skip to main content
Version: 1.320.x

Creating and Authorizing Roles

You can create custom roles in DbRunner and assign different privileges to each user on each project. Once these roles are defined, users will be able to perform operations within the defined permissions.

You can also create these roles within databases and grant object-based authorization. (This feature only works with Oracle databases.) For example, you can create an existing X role in the Oracle database and grant specific authorizations to this role on a table or object-by-table basis.

Creating a new role

To create a new role, go to the Role Management page under the Administrative heading and click the "+" button.

Adding users to roles

To authorize predefined roles, click Edit role on the Role Management page, then go to the "Members" tab and click the "Add user" button. The authorizations granted to this role will then be active for the user.

Creating and Authorizing Roles in the Database

You can also create the roles you created in dbRunner in the Oracle database and authorize them on an object-by-object basis. To do this, click the Permissions in Database tab after editing any role. If this role hasn't been created in the database before, you'll see a screen like the one below. Clicking the Active Feature button will automatically create this role in the database.

To create roles in the database, you need to have an authorized user defined in dbrunner that you can use to log in to the relevant database. If not, you can define your user on the Password Vault page.

After activating the feature, a screen like the one below will appear, where you can grant or revoke the role. As shown in the title, the role's name is DBRUNNER_ROLE_X. You can also view this role when you connect to the database.

Roles are created on a database basis! For example, if you create role A in a project connected to database X, this role must also be created in a project connected to database Y.

Bulk Granting a Role Permissions on All Databases

For example, if you want to grant the SUPER_USER_ROLE role INSERT permissions to the TEST table in all databases, you can do so in bulk. After clicking the role you want to grant permissions, click the "Use Grant/Revoke Wizard" button. In the window that opens, select the projects, select the permissions you want to grant to each object, and click the Submit button. Once the process is complete, the SUPER_USER_ROLE role will have INSERT permissions on the TEST table in all databases.

⚠️ This feature is only available for Oracle databases.

Assigning an existing role to users

You can assign roles you've created in DbRunner to users on a project-by-project basis. You can assign multiple roles to a user. In this case, the roles will be combined and assigned to the user. If they want to perform an action, and if this action is permitted within any given role, they will be able to perform it without any authorization issues.

To assign a role to a user for a project, you can edit the relevant project on the Project page and then grant authorization under the User Roles tab.

Removing an existing role

To remove an existing role, click "Edit role" on the Role Management page, then go to the Remove tab, click the relevant role, and then click the "Remove Role" button.