Oracle PL/SQL Tutorial/User Privilege/Object Privileges

Материал из SQL эксперт
Перейти к: навигация, поиск

Grant a procedure to public and then execute it

   <source lang="sql">

SQL> SQL> CREATE TABLE EMP (EMPNO NUMBER(4) NOT NULL, 

 2                    ENAME VARCHAR2(10),
 3                    JOB VARCHAR2(9),
 4                    MGR NUMBER(4),
 5                    HIREDATE DATE,
 6                    SAL NUMBER(7, 2),
 7                    COMM NUMBER(7, 2),
 8                    DEPTNO NUMBER(2));

SQL> SQL> INSERT INTO EMP VALUES (7369, "SMITH", "CLERK", 7902, TO_DATE("17-DEC-1980", "DD-MON-YYYY"), 800, NULL, 20); 1 row created. SQL> INSERT INTO EMP VALUES (7499, "ALLEN", "SALESMAN", 7698, TO_DATE("20-FEB-1981", "DD-MON-YYYY"), 1600, 300, 30); 1 row created. SQL> INSERT INTO EMP VALUES (7521, "WARD", "SALESMAN", 7698, TO_DATE("22-FEB-1981", "DD-MON-YYYY"), 1250, 500, 30); 1 row created. SQL> INSERT INTO EMP VALUES (7566, "JONES", "MANAGER", 7839, TO_DATE("2-APR-1981", "DD-MON-YYYY"), 2975, NULL, 20); 1 row created. SQL> INSERT INTO EMP VALUES (7654, "MARTIN", "SALESMAN", 7698,TO_DATE("28-SEP-1981", "DD-MON-YYYY"), 1250, 1400, 30); 1 row created. SQL> INSERT INTO EMP VALUES (7698, "BLAKE", "MANAGER", 7839,TO_DATE("1-MAY-1981", "DD-MON-YYYY"), 2850, NULL, 30); 1 row created. SQL> INSERT INTO EMP VALUES (7782, "CLARK", "MANAGER", 7839,TO_DATE("9-JUN-1981", "DD-MON-YYYY"), 2450, NULL, 10); 1 row created. SQL> INSERT INTO EMP VALUES (7788, "SCOTT", "ANALYST", 7566,TO_DATE("09-DEC-1982", "DD-MON-YYYY"), 3000, NULL, 20); 1 row created. SQL> INSERT INTO EMP VALUES (7839, "KING", "PRESIDENT", NULL,TO_DATE("17-NOV-1981", "DD-MON-YYYY"), 5000, NULL, 10); 1 row created. SQL> INSERT INTO EMP VALUES (7844, "TURNER", "SALESMAN", 7698,TO_DATE("8-SEP-1981", "DD-MON-YYYY"), 1500, 0, 30); 1 row created. SQL> INSERT INTO EMP VALUES (7876, "ADAMS", "CLERK", 7788,TO_DATE("12-JAN-1983", "DD-MON-YYYY"), 1100, NULL, 20); 1 row created. SQL> INSERT INTO EMP VALUES (7900, "JAMES", "CLERK", 7698,TO_DATE("3-DEC-1981", "DD-MON-YYYY"), 950, NULL, 30); 1 row created. SQL> INSERT INTO EMP VALUES (7902, "FORD", "ANALYST", 7566,TO_DATE("3-DEC-1981", "DD-MON-YYYY"), 3000, NULL, 20); 1 row created. SQL> INSERT INTO EMP VALUES (7934, "MILLER", "CLERK", 7782,TO_DATE("23-JAN-1982", "DD-MON-YYYY"), 1300, NULL, 10); 1 row created. SQL> SQL> CREATE TABLE DEPT (DEPTNO NUMBER(2),DNAME VARCHAR2(14),LOC VARCHAR2(13) ); Table created. SQL> SQL> INSERT INTO DEPT VALUES (10, "ACCOUNTING", "NEW YORK"); 1 row created. SQL> INSERT INTO DEPT VALUES (20, "RESEARCH", "DALLAS"); 1 row created. SQL> INSERT INTO DEPT VALUES (30, "SALES", "CHICAGO"); 1 row created. SQL> INSERT INTO DEPT VALUES (40, "OPERATIONS", "BOSTON"); 1 row created. SQL> SQL> SQL> create or replace procedure emp_dept_rpt 

 2  AUTHID CURRENT_USER
 3  as
 4  begin
 5
 6    for x in ( select dept.deptno, sum(sal) sal, count(*) cnt
 7            from emp, dept
 8           where dept.deptno = emp.deptno
 9           group by dept.deptno )
10    loop
11        dbms_output.put_line( chr(9) ||
12               to_char(x.deptno,"99999") || " " ||
13               to_char(x.sal,"99,999") || " " ||
14               to_char(x.cnt,"99,999") );
15    end loop;
16  end;
17  /

Procedure created. SQL> SQL> grant execute on emp_dept_rpt to public 

 2  /

Grant succeeded. SQL> SQL> set serveroutput on format wrapped SQL> exec emp_dept_rpt; 

           30  18,800      12
           20  21,750      10
           10  17,500       6

PL/SQL procedure successfully completed. SQL> SQL> SQL> drop table emp; Table dropped. SQL> SQL> drop table dept; Table dropped. SQL></source>


Granting Object Privileges to a User

   <source lang="sql">

GRANT SELECT, INSERT, UPDATE ON schemaName.objectName TO userName; GRANT SELECT ON store.employees TO userName; GRANT UPDATE (last_name, salary) ON store.employee TO userName;</source>


Object Privileges

An object privilege allows a user to perform certain actions on database objects, such as executing DML statements on tables.

Commonly Used Object Privileges

Object Privilege Allows a User to SELECT Perform a select INSERT Perform an insert UPDATE Perform an update DELETE Perform a delete EXECUTE Execute a stored procedure

Procedure for current user

   <source lang="sql">

SQL> SQL> create table t ( msg varchar2(25), c1 int, c2 int ); Table created. SQL> SQL> insert into t values ( "c1=1, c2=2", 1, 2 ); 1 row created. SQL> SQL> create or replace procedure P 

 2  authid current_user
 3  as
 4  begin
 5      for x in ( select * from t ) loop
 6                  dbms_output.put_line( "msg= " || x.msg );
 7                  dbms_output.put_line( "C1 = " || x.c1 );
 8                  dbms_output.put_line( "C2 = " || x.c2 );
 9      end loop;
10  end;
11  /

Procedure created. SQL> SQL> exec p msg= c1=1, c2=2 C1 = 1 C2 = 2 PL/SQL procedure successfully completed. SQL></source>


Revoking Object Privileges

   <source lang="sql">

REVOKE INSERT ON tableName FROM userName; REVOKE SELECT ON schemaName.tableName FROM userName;</source>


Use the GRANT option to enable a user to grant a privilege to another user

   <source lang="sql">

GRANT SELECT ON store.customers TO steve WITH GRANT OPTION;</source>

Источник — «http://sqle.ru/index.php?title=Oracle_PL/SQL_Tutorial/User_Privilege/Object_Privileges&oldid=3229»