亚洲激情专区-91九色丨porny丨老师-久久久久久久女国产乱让韩-国产精品午夜小视频观看

溫馨提示×

溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊×
其他方式登錄
點擊 登錄注冊 即表示同意《億速云用戶服務條款》

Oracle中幾個常見的用于查權限的視圖

發布時間:2020-08-11 11:14:47 來源:ITPUB博客 閱讀:194 作者:xypincle 欄目:建站服務器
在Oracle中有很多用于查權限的視圖,但很多人在需要查權限時會很困惑,不知道該用哪個視圖去查,這里我列出幾個常見的用于查權限的視圖及其用法:
1. DBA_ROLE_PRIVS
Column Datatype NULL Description
GRANTEE VARCHAR2(30)   Name of the user or role receiving the grant
GRANTED_ROLE VARCHAR2(30) NOT NULL Granted role name
ADMIN_OPTION VARCHAR2(3)   Indicates whether the grant was with the ADMIN OPTION (YES) or not (NO)
DEFAULT_ROLE VARCHAR2(3)   Indicates whether the role is designated as a DEFAULT ROLE for the user (YES) or not (NO)
該視圖主要有以下2個作用:
1) 查某個user或role擁有哪些role:
select * from DBA_ROLE_PRIVS where GRANTEE='FIRGTRS';

GRANTEE                        GRANTED_ROLE                   ADM DEF
------------------------------ ------------------------------ --- ---
FIRGTRS                        GTRS_DMM_UPDATE_ROLE           NO  YES

2) 查看某個role賦給了哪些user或role:
select * from DBA_ROLE_PRIVS where GRANTED_ROLE='GTRS_DMM_UPDATE_ROLE';

GRANTEE                        GRANTED_ROLE                   ADM DEF
------------------------------ ------------------------------ --- ---
GTRSOSA                        GTRS_DMM_UPDATE_ROLE           NO  YES
FIRGTRS                        GTRS_DMM_UPDATE_ROLE           NO  YES
GTRSSUP                        GTRS_DMM_UPDATE_ROLE           NO  YES
SYSTEM                         GTRS_DMM_UPDATE_ROLE           YES YES

2. DBA_TAB_PRIVS
Column Datatype NULL Description
GRANTEE VARCHAR2(30) NOT NULL Name of the user to whom access was granted
OWNER VARCHAR2(30) NOT NULL Owner of the object
TABLE_NAME VARCHAR2(30) NOT NULL Name of the object. The object can be any object, including tables, packages, indexes, sequences, and so on.
GRANTOR VARCHAR2(30) NOT NULL Name of the user who performed the grant
PRIVILEGE VARCHAR2(40) NOT NULL Privilege on the object
GRANTABLE VARCHAR2(3)   Indicates whether the privilege was granted with the GRANT OPTION (YES) or not (NO)
HIERARCHY VARCHAR2(3)   Indicates whether the privilege was granted with the HIERARCHY OPTION (YES) or not (NO)
該視圖的名字包含‘TAB’,且其中有一個column叫TABLE_NAME容易造成誤解,其實該視圖是用于查詢在object上的權限,不僅僅table的權限。

select GRANTOR,GRANTEE,TABLE_NAME,PRIVILEGE from DBA_TAB_PRIVS where TABLE_NAME='PAYAGENT' order by GRANTEE;

GRANTOR         GRANTEE                                      TABLE_NAME                     PRIVILEGE
--------------- ------------------------------                            ------------------------------ ---------------
GTRS            DMM_ROLE                                        PAYAGENT                       INSERT
GTRS            DMM_ROLE                                        PAYAGENT                       UPDATE
GTRS            DMM_ROLE                                         PAYAGENT                       DELETE
GTRS            DMM_ROLE                                            PAYAGENT                       SELECT
GTRS            GTRS_DMM_READONLY_ROLE       PAYAGENT                       SELECT
GTRS            GTRS_DMM_UPDATE_ROLE           PAYAGENT                       INSERT
GTRS            GTRS_DMM_UPDATE_ROLE           PAYAGENT                       DELETE
GTRS            GTRS_DMM_UPDATE_ROLE           PAYAGENT                       UPDATE
GTRS            GTRS_DMM_UPDATE_ROLE           PAYAGENT                       SELECT
GTRS            GTRS_SUPPORT_READONLY_ROLE     PAYAGENT                       SELECT
GTRS            GTRS_SUPPORT_UPDATE_ROLE       PAYAGENT                       UPDATE
GTRS            GTRS_SUPPORT_UPDATE_ROLE       PAYAGENT                       INSERT
GTRS            GTRS_SUPPORT_UPDATE_ROLE       PAYAGENT                       DELETE
GTRS            GTRS_SUPPORT_UPDATE_ROLE       PAYAGENT                       SELECT
GTRS            SUPPORT_ROLE                                    PAYAGENT                       SELECT

3. DBA_SYS_PRIVS
Column Datatype NULL Description
GRANTEE VARCHAR2(30) NOT NULL Grantee name, user, or role receiving the grant
PRIVILEGE VARCHAR2(40) NOT NULL System privilege
ADMIN_OPTION VARCHAR2(3)   Grant was with the ADMIN option
該視圖用于查詢某個user擁有哪些系統權限:
select * from DBA_SYS_PRIVS where GRANTEE='FIRGTRS';

GRANTEE                        PRIVILEGE       ADM
------------------------------ --------------- ---
FIRGTRS                        CREATE SESSION  NO

4. ROLE_SYS_PRIVS
Column Datatype NULL Description
ROLE VARCHAR2(30) NOT NULL Name of the role
PRIVILEGE VARCHAR2(40) NOT NULL System privilege granted to the role
ADMIN_OPTION VARCHAR2(3)   Signifies the grant was with the ADMIN option
該視圖用于查詢某個role擁有哪些系統權限:
select * from ROLE_SYS_PRIVS where ROLE='DBA_SUPPORT';

ROLE                           PRIVILEGE                      ADM
------------------------------ ------------------------------ ---
DBA_SUPPORT                    SELECT ANY SEQUENCE            NO
DBA_SUPPORT                    SELECT ANY DICTIONARY          NO

5. SESSION_PRIVS
Column Datatype NULL Description
PRIVILEGE VARCHAR2(40) NOT NULL Name of the privilege
該視圖用于查詢當前user擁有哪些系統權限:
select * from SESSION_PRIVS;

PRIVILEGE
------------------------------
CREATE SESSION
SELECT ANY SEQUENCE
SELECT ANY DICTIONARY

6. SESSION_ROLES
Column Datatype NULL Description
ROLE VARCHAR2(30) NOT NULL Name of the role
該視圖用于查詢當前user擁有哪些role:
select * from SESSION_ROLES;

ROLE
------------------------------
DBA_SUPPORT
CONNECT
SELECT_CATALOG_ROLE
HS_ADMIN_ROLE

7. 附注: WITH ADMIN OPTION和WITH GRANT OPTION

WITH ADMIN OPTION
是針對系統權限的,它的作用可以用下面這句話說明:
Only users who have been granted a specific system privilege with the ADMIN OPTION or users with the system privileges GRANT ANY PRIVILEGE or GRANT ANY OBJECT PRIVILEGE can grant or revoke system privileges to other users.
也就是說,對于某些權限大的user來說(比如DBA,一般擁有GRANT ANY PRIVILEGE和GRANT ANY OBJECT PRIVILEGE),WITH ADMIN OPTION對它們沒有影響,因為它們本身就具有給其它user或role賦系統權限的權力;而對于一般的user來說,它們的權限都是DBA賦給它們的,如果在DBA賦給它們權限時加了WITH ADMIN OPTION, 則它們還可以把這些權限再賦給其它的user,否則不能,請看以下實驗:
1) 首先用DBA賬號(a105024)登陸數據庫,并創建兩個測試賬號(testuser1, testuser2):
A105024@O02DMS1>create user testuser1 identified by test1;

User created.

A105024@O02DMS1>create user testuser2 identified by test2;

User created.

2) 用DBA賬號把 create session權限賦給測試賬號1:

A105024@O02DMS1>grant CREATE SESSION to testuser1;

Grant succeeded.

3) 用測試賬號1登陸數據庫,并查看測試賬號1的系統權限:
TESTUSER1@O02DMS1>select * from user_sys_privs;

USERNAME                       PRIVILEGE                                ADM
------------------------------ ---------------------------------------- ---
TESTUSER1                       CREATE SESSION                           NO
4) 用測試賬號1嘗試把create session賦給其它user:
TESTUSER@O02DMS1>grant CREATE SESSION to testuser2;
grant CREATE SESSION to testuser2
*
ERROR at line 1:
ORA-01031: insufficient privileges
出現權限不足的錯誤,是因為ADM那列的值為NO.
5) 用DBA賬號把create session權限賦給測試賬號1,并加上with admin option:

A105024@O02DMS1>grant CREATE SESSION to testuser1 with admin option;

Grant succeeded.

6) 查看測試賬號1的系統權限:

TESTUSER1@O02DMS1>select * from user_sys_privs;

USERNAME                       PRIVILEGE                                ADM
------------------------------ ---------------------------------------- ---
TESTUSER1                       CREATE SESSION                           YES

7) 用測試賬號1把create session賦給其它user:

TESTUSER@O02DMS1>grant CREATE SESSION to testuser2;

Grant succeeded.

WITH GRANT OPTION類似,只是它是針對對象權限的。


向AI問一下細節

免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。

AI

东安县| 玉门市| 龙州县| 图木舒克市| 内江市| 丘北县| 临西县| 虹口区| 丹东市| 阿克苏市| 从江县| 老河口市| 兴化市| 凌海市| 英德市| 手游| 贵溪市| 中卫市| 左云县| 常州市| 隆回县| 孝义市| 固始县| 武隆县| 汽车| 华亭县| 盐源县| 云南省| 沂南县| 内江市| 祁阳县| 石狮市| 阳高县| 蕉岭县| 乐亭县| 克拉玛依市| 千阳县| 义马市| 鄂尔多斯市| 葵青区| 岱山县|