Clear Sky - Kuru

     
 
« 庐山图记 | Main | emca删除或重建Repository引... »

17 十月 · 星期五 2008

禁止特定数据库用户DDL权限-简单范例


以system用户登录数据库,创建trigger,以实现禁止test用户登录执行alter,drop,truncate test.objects:

--connected as system user

CREATE OR REPLACE TRIGGER trig_prevent_ddl

   BEFORE ALTER OR DROP OR TRUNCATE ON test.SCHEMA

BEGIN

   raise_application_error (num      => -20000,

                            msg      => 'Cannot alter,drop,truncate object'

                           );

END;

/

此时system用户可以执行alter,drop,truncate test.objects:

SQL> truncate table test.test2;

Table truncated.

 

以test用户登录数据库

--connected as test user

SQL> truncate table test2;
truncate table test2
               *
ERROR at line 1:
ORA-00604: error occurred at recursive SQL level 1
ORA-20000: Cannot alter,drop,truncate object
ORA-06512: at line 2

 

 

Posted by 枯荣长老 @ 09:35 上午 CST [ Comments [0] ]
 
 
 
 
Comments:

Post a Comment:
  • HTML Syntax: Allowed
 

« 五月 2012
星期日星期一星期二星期三星期四星期五星期六
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
  
       
Today

Valid XHTML or CSS?

[This is a Roller site]
Theme by Rowell Sotto.
 
© 枯荣长老