I have an Oracle database, which is written to by the user OWNER. The database is created with liquibase, and the DATABASECHANGELOG and DATABASECHANGELOGLOCK tables reside in the OWNER schema. So far, so good.
Now i'd like to create a read only user, READER. READER needs read access to the table OWNER.PERSON, but nothing else. Here's what i've done so far:
As database admin:
Then as OWNER:
and finally, as READER:
Now READER can connect to the database and
I'd like to liquify this. So in owner.xml i say:
This works without a hitch. Next, i add the synonym definitions:
Next i set --liquibaseSchemaName and --liquibaseCatalogName in the call:
The result is surprising: liquibase tries to locate the tables in the correct schema, fails to notice they are already there, and tries to create them:
and this fails because of insufficient privileges, because READER doesn't have create table permission.