Oracle DBMS_PRIV_CAPTURE
Version 26ai

General Information
Library Note Morgan's Library Page Header
The best Oracle News for FY2026

Oracle Database 26ai will be available on generic Linux platforms in January and soon on AIX and Windows
Purpose Capture privileges used in Oracle defined PL/SQL packages.

The purpose of this project, #32973, is to capture privileges used for an operation. Privileges checked in the kernel(e.g, through KZP layer) have been collected. However, many Oracle defined PL/SQL packages query privilege related dictionary tables/views(for example, session_privs, session_roles, sysauth$, objauth$, etc.) to check whether a user has a given privilege. For such cases, APIs in this package have been used to replace original check. For queries that cannot be replaced, privileges are collected directly by calling dbms_priv_capture.capture_privilege_use.
AUTHID CURRENT_USER
Dependencies SELECT name FROM dba_dependencies WHERE referenced_name = 'DBMS_PRIV_CAPTURE' UNION
SELECT referenced_name FROM dba_dependencies WHERE name = 'DBMS_PRIV_CAPTURE' ORDER BY 1;

Returns 61 objects
Documented No
First Available 12.1
Security Model Owned by SYS with EXECUTE granted to CTXSYS, LBACSYS, MDSYS, and XDB
Source {ORACLE_HOME}/rdbms/admin/catprofp.sql
Subprograms
CAPTURE_PRIVILEGE_USE SES_HAS_ROLE_PRIV SES_HAS_SYS_PRIV
SES_HAS_OBJ_PRIV SES_HAS_SCH_PRIV  
 
CAPTURE_PRIVILEGE_USE
Capture a privilege usage, if a privilege capture condition is met. This procedure is called when a privilege is used in PL/SQL or JAVA.

Overload 1		 dbms_priv_capture.capture_privilege_use(
userid     IN NUMBER,
syspriv    IN NUMBER         DEFAULT NULL,
role       IN VARCHAR2       DEFAULT NULL,
objpriv    IN NUMBER         DEFAULT NULL,
obj        IN NUMBER         DEFAULT NULL,
domain     IN role_array     DEFAULT NULL,
domain_str IN rolename_array DEFAULT NULL);
TBD
Overload 2 dbms_priv_capture.capture_privilege_use(
username   IN VARCHAR2,
syspriv    IN VARCHAR2       DEFAULT NULL,
role       IN VARCHAR2       DEFAULT NULL,
objpriv    IN VARCHAR2       DEFAULT NULL,
owner      IN VARCHAR2       DEFAULT NULL,
object     IN VARCHAR2       DEFAULT NULL,
domain     IN role_array     DEFAULT NULL,
domain_str IN rolename_array DEFAULT NULL);
TBD
 
SES_HAS_OBJ_PRIV
Checks whether the current user has a given object privilege dbms_priv_capture.ses_has_obj_priv(
objpriv  IN VARCHAR2,
objowner IN VARCHAR2,
objname  IN VARCHAR2,
nmspace  IN PLS_INTEGER DEFAULT 1)
RETURN BOOLEAN;
conn sys@pdbdev as sysdba

CREATE TABLE uwclass.test as select * from user_objects;

Table created.

BEGIN
  IF dbms_priv_capture.ses_has_obj_priv('SELECT', 'UWCLASS', 'TEST') THEN
    dbms_output.put_line('T');
  ELSE
    dbms_output.put_line('F');
  END IF;
END;
/
F

PL/SQL procedure successfully completed.

conn uwclass/uwclass@pdbdev

GRANT select ON uwclass.test TO sys;

Grant succeeded.

conn sys@pdbdev as sysdba

BEGIN
  IF dbms_priv_capture.ses_has_obj_priv('SELECT', 'UWCLASS', 'TEST') THEN
    dbms_output.put_line('T');
  ELSE
    dbms_output.put_line('F');
  END IF;
END;
/
T
 
SES_HAS_ROLE_PRIV
Determines whether the current user has a given role dbms_priv_capture.ses_has_role_priv(rolename IN VARCHAR2) RETURN PLS_INTEGER;
SELECT dbms_priv_capture.ses_has_role_priv('DBHADOOP');

DBMS_PRIV_CAPTURE.SES_HAS_ROLE_PRIV('DBHADOOP')
-----------------------------------------------
                                              0
 
SES_HAS_SCH_PRIV (new 23ai)
Determines whether the session user has been given a system privilege or a  schema privilege

Overload 1		 dbms_priv_capture.ses_has_sch_priv(
schpriv IN VARCHAR2,
ownerid IN NUMBER)
RETURN PLS_INTEGER;
TBD
Overload 2 dbms_priv_capture.ses_has_sch_priv(
schpriv   IN VARCHAR2,
ownername IN VARCHAR2)
RETURN PLS_INTEGER;
TBD
 
SES_HAS_SYS_PRIV
Determines whether the current user has a given system privilege dbms_priv_capture.ses_has_sys_priv(systempriv IN VARCHAR2) RETURN PLS_INTEGER;
SELECT dbms_priv_capture.ses_has_sys_priv('CREATE TABLE');

DBMS_PRIV_CAPTURE.SES_HAS_SYS_PRIV('CREATETABLE')
-------------------------------------------------
                                                1

Related Topics
Built-in Functions
Built-in Packages
Database Security
DBMS_PRIVILEGE_CAPTURE
Object Privileges
Profiles
Roles
Security
What's New In 21c
What's New In 26ai

Morgan's Library Page Footer
This site is maintained by Daniel Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2026 Daniel A. Morgan All Rights Reserved