Oracle±íÖ»¶ÁȨÏÞµÄÖÎÀíÒªÁìÏê½â
Oracle±íÖ»¶ÁȨÏÞµÄÖÎÀíÒªÁìÏê½â
ÔÚOracleÊý¾Ý¿âÖУ¬¶Ô±í¾ÙÐÐÖ»¶ÁȨÏÞµÄÖÎÀíÊǺÜÊÇÖ÷ÒªµÄ£¬¿ÉÒÔÓÐÓõر£»¤Êý¾ÝµÄÍêÕûÐÔºÍÇå¾²ÐÔ¡£±¾ÎĽ«ÏêϸÏÈÈÝÔõÑùÔÚOracleÊý¾Ý¿âÖÐÖÎÀí±íµÄÖ»¶ÁȨÏÞ£¬²¢ÌṩÏêϸµÄ´úÂëʾÀý¡£
Ò»¡¢ÊÚȨֻ¶ÁȨÏÞ¸øÓû§
ʹÓÃGRANTÓï¾äÊÚȨֻ¶ÁȨÏÞ¸øÓû§£º
GRANT SELECT ON table_name TO user_name;
ʾÀý£º½«±íemployeeµÄÖ»¶ÁȨÏÞÊÚÓèÓû§jason
GRANT SELECT ON employee TO jason;
ʹÓýÇÉ«ÊÚÓèÖ»¶ÁȨÏÞ£º
½¨ÉèÖ»¶Á½ÇÉ«£º
CREATE ROLE read_only_role;
½«Ö»¶ÁȨÏÞÊÚÓè½ÇÉ«£º
GRANT SELECT ON table_name TO read_only_role;
½«½ÇÉ«¸¶ÓëÓû§£º
GRANT read_only_role TO user_name;
ʾÀý£º½¨ÉèÖ»¶Á½ÇÉ«read_only£¬²¢½«±íemployeeµÄÖ»¶ÁȨÏÞÊÚÓè¸Ã½ÇÉ«£¬È»ºó½«read_only½ÇÉ«¸¶ÓëÓû§jason
CREATE ROLE read_only_role;
GRANT SELECT ON employee TO read_only_role;
GRANT read_only_role TO jason;
¶þ¡¢×÷·ÏÖ»¶ÁȨÏÞ
ʹÓÃREVOKEÓï¾ä×÷·ÏÖ»¶ÁȨÏÞ£º
REVOKE SELECT ON table_name FROM user_name;
ʾÀý£º×÷·ÏÓû§jason¶Ô±íemployeeµÄÖ»¶ÁȨÏÞ
REVOKE SELECT ON employee FROM jason;
×÷·Ï½ÇÉ«µÄÖ»¶ÁȨÏÞ£º
REVOKE SELECT ON table_name FROM role_name;
REVOKE role_name FROM user_name;
ʾÀý£º×÷·Ïread_only½ÇÉ«¶Ô±íemployeeµÄÖ»¶ÁȨÏÞ£¬È»ºó´ÓÓû§jasonÖÐ×÷·Ïread_only½ÇÉ«
REVOKE SELECT ON employee FROM read_only_role;
REVOKE read_only_role FROM jason;
Èý¡¢Éó²é±íµÄȨÏÞ
ʹÓÃÒÔÏÂSQLÓï¾äÉó²éÓû§»ò½ÇÉ«¶Ô±íµÄȨÏÞ£º
SELECT * FROM user_tab_privs WHERE table_name = ‘table_name’;
ʾÀý£ºÉó²éÓû§jason¶Ô±íemployeeµÄȨÏÞ
SELECT * FROM user_tab_privs WHERE table_name = ’employee’;
Éó²é½ÇÉ«¶Ô±íµÄȨÏÞ£º
SELECT * FROM role_tab_privs WHERE table_name = ‘table_name’;
ʾÀý£ºÉó²éread_only½ÇÉ«¶Ô±íemployeeµÄȨÏÞ
SELECT * FROM role_tab_privs WHERE table_name = ’employee’;
ͨ¹ýÒÔÉÏÒªÁ죬¿ÉÒÔÔÚOracleÊý¾Ý¿âÖÐÎÞаÖÎÀí±íµÄÖ»¶ÁȨÏÞ£¬±£»¤Êý¾ÝµÄÍêÕûÐÔºÍÇå¾²ÐÔ¡£Ï£Íû±¾ÎÄÌṩµÄÏêϸµÄ´úÂëʾÀýÄܹ»×ÊÖú¶ÁÕ߸üºÃµØÃ÷È·ºÍÓ¦ÓÃÕâЩȨÏÞÖÎÀíÒªÁì¡£
ÒÔÉϾÍÊÇOracle±íÖ»¶ÁȨÏÞµÄÖÎÀíÒªÁìÏê½âµÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡