The last tab in the role definition screen concerns Package Privileges. These allow a given user to access those objects in a package.

In our example, the package is called book, so if we add the book package to our role in the Package Privileges tab, we will see the following result:

Assigning package privileges is similar to assigning SQL privileges we saw earlier. We first add the required object (here our book package), then we need to indicate exactly which rights we give to the role. As we can see in the preceding screenshot, we have a series of checkboxes on the right-hand side of the window. At least one of these checkboxes must be checked in order to save the role.

The individual rights have names which are fairly self-explanatory. REPO.READ gives access to read the package, whereas REPO.EDIT_NATIVE_OBJECTS allows modification of objects, for example.

The role we are creating is destined for an end user who will need to see the data in a role, but should not need...