Oracle PL/SQL Tutorial/User Privilege/Object Privileges

Материал из SQL эксперт
Перейти к: навигация, поиск

Grant a procedure to public and then execute it

SQL>
SQL> CREATE TABLE EMP (EMPNO NUMBER(4) NOT NULL,
  2                    ENAME VARCHAR2(10),
  3                    JOB VARCHAR2(9),
  4                    MGR NUMBER(4),
  5                    HIREDATE DATE,
  6                    SAL NUMBER(7, 2),
  7                    COMM NUMBER(7, 2),
  8                    DEPTNO NUMBER(2));
SQL>
SQL> INSERT INTO EMP VALUES (7369, "SMITH", "CLERK",    7902, TO_DATE("17-DEC-1980", "DD-MON-YYYY"), 800, NULL, 20);
1 row created.
SQL> INSERT INTO EMP VALUES (7499, "ALLEN", "SALESMAN", 7698, TO_DATE("20-FEB-1981", "DD-MON-YYYY"), 1600, 300, 30);
1 row created.
SQL> INSERT INTO EMP VALUES (7521, "WARD",  "SALESMAN", 7698, TO_DATE("22-FEB-1981", "DD-MON-YYYY"), 1250, 500, 30);
1 row created.
SQL> INSERT INTO EMP VALUES (7566, "JONES", "MANAGER",  7839, TO_DATE("2-APR-1981",  "DD-MON-YYYY"), 2975, NULL, 20);
1 row created.
SQL> INSERT INTO EMP VALUES (7654, "MARTIN", "SALESMAN", 7698,TO_DATE("28-SEP-1981", "DD-MON-YYYY"), 1250, 1400, 30);
1 row created.
SQL> INSERT INTO EMP VALUES (7698, "BLAKE", "MANAGER", 7839,TO_DATE("1-MAY-1981", "DD-MON-YYYY"), 2850, NULL, 30);
1 row created.
SQL> INSERT INTO EMP VALUES (7782, "CLARK", "MANAGER", 7839,TO_DATE("9-JUN-1981", "DD-MON-YYYY"), 2450, NULL, 10);
1 row created.
SQL> INSERT INTO EMP VALUES (7788, "SCOTT", "ANALYST", 7566,TO_DATE("09-DEC-1982", "DD-MON-YYYY"), 3000, NULL, 20);
1 row created.
SQL> INSERT INTO EMP VALUES (7839, "KING", "PRESIDENT", NULL,TO_DATE("17-NOV-1981", "DD-MON-YYYY"), 5000, NULL, 10);
1 row created.
SQL> INSERT INTO EMP VALUES (7844, "TURNER", "SALESMAN", 7698,TO_DATE("8-SEP-1981", "DD-MON-YYYY"), 1500, 0, 30);
1 row created.
SQL> INSERT INTO EMP VALUES (7876, "ADAMS", "CLERK", 7788,TO_DATE("12-JAN-1983", "DD-MON-YYYY"), 1100, NULL, 20);
1 row created.
SQL> INSERT INTO EMP VALUES (7900, "JAMES", "CLERK", 7698,TO_DATE("3-DEC-1981", "DD-MON-YYYY"), 950, NULL, 30);
1 row created.
SQL> INSERT INTO EMP VALUES (7902, "FORD", "ANALYST", 7566,TO_DATE("3-DEC-1981", "DD-MON-YYYY"), 3000, NULL, 20);
1 row created.
SQL> INSERT INTO EMP VALUES (7934, "MILLER", "CLERK", 7782,TO_DATE("23-JAN-1982", "DD-MON-YYYY"), 1300, NULL, 10);
1 row created.
SQL>
SQL> CREATE TABLE DEPT (DEPTNO NUMBER(2),DNAME VARCHAR2(14),LOC VARCHAR2(13) );
Table created.
SQL>
SQL> INSERT INTO DEPT VALUES (10, "ACCOUNTING", "NEW YORK");
1 row created.
SQL> INSERT INTO DEPT VALUES (20, "RESEARCH", "DALLAS");
1 row created.
SQL> INSERT INTO DEPT VALUES (30, "SALES", "CHICAGO");
1 row created.
SQL> INSERT INTO DEPT VALUES (40, "OPERATIONS", "BOSTON");
1 row created.
SQL>
SQL>
SQL> create or replace procedure emp_dept_rpt
  2  AUTHID CURRENT_USER
  3  as
  4  begin
  5
  6    for x in ( select dept.deptno, sum(sal) sal, count(*) cnt
  7            from emp, dept
  8           where dept.deptno = emp.deptno
  9           group by dept.deptno )
 10    loop
 11        dbms_output.put_line( chr(9) ||
 12               to_char(x.deptno,"99999") || " " ||
 13               to_char(x.sal,"99,999") || " " ||
 14               to_char(x.cnt,"99,999") );
 15    end loop;
 16  end;
 17  /
Procedure created.
SQL>
SQL> grant execute on emp_dept_rpt to public
  2  /
Grant succeeded.
SQL>
SQL> set serveroutput on format wrapped
SQL> exec emp_dept_rpt;
            30  18,800      12
            20  21,750      10
            10  17,500       6
PL/SQL procedure successfully completed.
SQL>
SQL>
SQL> drop table emp;
Table dropped.
SQL>
SQL> drop table dept;
Table dropped.
SQL>


Granting Object Privileges to a User

GRANT SELECT, INSERT, UPDATE ON schemaName.objectName TO userName;
GRANT SELECT ON store.employees TO userName;
GRANT UPDATE (last_name, salary) ON store.employee TO userName;


Object Privileges

An object privilege allows a user to perform certain actions on database objects, such as executing DML statements on tables.

Commonly Used Object Privileges

Object Privilege Allows a User to SELECT Perform a select INSERT Perform an insert UPDATE Perform an update DELETE Perform a delete EXECUTE Execute a stored procedure

Procedure for current user

SQL>
SQL> create table t ( msg varchar2(25), c1 int, c2 int );
Table created.
SQL>
SQL> insert into t values ( "c1=1, c2=2", 1, 2 );
1 row created.
SQL>
SQL> create or replace procedure P
  2  authid current_user
  3  as
  4  begin
  5      for x in ( select * from t ) loop
  6                  dbms_output.put_line( "msg= " || x.msg );
  7                  dbms_output.put_line( "C1 = " || x.c1 );
  8                  dbms_output.put_line( "C2 = " || x.c2 );
  9      end loop;
 10  end;
 11  /
Procedure created.
SQL>
SQL> exec p
msg= c1=1, c2=2
C1 = 1
C2 = 2
PL/SQL procedure successfully completed.
SQL>


Revoking Object Privileges

REVOKE INSERT ON tableName FROM userName;
REVOKE SELECT ON schemaName.tableName FROM userName;


Use the GRANT option to enable a user to grant a privilege to another user

GRANT SELECT ON store.customers TO steve WITH GRANT OPTION;
Источник — «http://sqle.ru/index.php?title=Oracle_PL/SQL_Tutorial/User_Privilege/Object_Privileges&oldid=3229»