ORACLE中的default role,set role
oracle权限体系中有个default role,比较难以理解。下面用实例说明一下作用。 我们可以给某个用户分配一些角色,比如role r1,r2,r3,r4,而其中可以将某些角色比如r1设置为default role,其他的不设置成default role,这样,当该用户登录时,自动具有default
oracle权限体系中有个default role,比较难以理解。下面用实例说明一下作用。
我们可以给某个用户分配一些角色,比如role r1,r2,r3,r4,而其中可以将某些角色比如r1设置为default role,其他的不设置成default role,这样,当该用户登录时,自动具有default role中所包含的权限,其他的角色所具有的权限要通过set role 角色来获得。
下面我们举个例子:
(1)sys用户作为sysdba登录,创建4个角色:
create role r1;
create role r2 identified by r2;
create role r3 identified by r3;
create role r4 identified by r4;
(2)sys用户赋予这四个角色对应的权限:
grant create session to r1;
grant select on hr.test to r2;(这里hr.test是我新创建的一个表,里面有ID和name两列)
grant update(name) on hr.test to r3;
grant insert on hr.test to r3;
grant delete on hr.test to r4;
(3)sys用户创建一个用户u3
create user u3 identified by u3;
(4)将角色r1,r2,r3,r4赋予用户u3
grant r1,r2,r3,r4 to u3;
在修改用户u3的默认角色前,r1,r2,r3,r4 角色均为u3的 default role,以u3用户登录,查询、增删改hr.test,都没有问题。
(5)现在sys用户修改用户u3的default role,仅将r1作为u3的默认角色:
alter user u3 default role r1; --此时将覆盖原来的设置,u3 的default role =r1,仅仅有登录权限。
(6)用户u3 log off ,然后再log on,进去后发现,
查询、增删改hr.test都不能进行。
(7) 用户自己打开role权限
set role r2 identified by r2;
这时执行 select * from hr.test,发现没有问题。增删改不行。
将对应的角色打开:
set role r3 identified by r3;
此时修改和插入记录没有问题,但是select * from hr.test 确发现不行了。证明此时用户所属的角色仅仅是默认角色r1,和刚刚打开的角色r3,而r2被set role r3 identified by r3;覆盖掉了。
那要同时有r2,r3,r4的权限怎么办呢?
set role r2 identified by r2,r3 identified by r3,r4 identified by r4。此时就同时对hr.test可以进行查询,增删改了。
不过set role 的效果是临时的,只是当前session有效,其他的session无效,当结束当前session后再登录,又只有default role 的权限了。
参看:
oracle 查看 DEFAULT ROLE 谷歌
admin_option 是针对用户的每一个权限或是角色的,默认角色也是如此,在视图dba_role_privs;
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1376
52
How to import oracle database
Apr 11, 2025 pm 08:06 PM
Data import method: 1. Use the SQLLoader utility: prepare data files, create control files, and run SQLLoader; 2. Use the IMP/EXP tool: export data, import data. Tip: 1. Recommended SQL*Loader for big data sets; 2. The target table should exist and the column definition matches; 3. After importing, data integrity needs to be verified.
How to create a table in oracle
Apr 11, 2025 pm 08:00 PM
Creating an Oracle table involves the following steps: Use the CREATE TABLE syntax to specify table names, column names, data types, constraints, and default values. The table name should be concise and descriptive, and should not exceed 30 characters. The column name should be descriptive, and the data type specifies the data type stored in the column. The NOT NULL constraint ensures that null values are not allowed in the column, and the DEFAULT clause specifies the default values for the column. PRIMARY KEY Constraints to identify the unique record of the table. FOREIGN KEY constraint specifies that the column in the table refers to the primary key in another table. See the creation of the sample table students, which contains primary keys, unique constraints, and default values.
How to check tablespace size of oracle
Apr 11, 2025 pm 08:15 PM
To query the Oracle tablespace size, follow the following steps: Determine the tablespace name by running the query: SELECT tablespace_name FROM dba_tablespaces; Query the tablespace size by running the query: SELECT sum(bytes) AS total_size, sum(bytes_free) AS available_space, sum(bytes) - sum(bytes_free) AS used_space FROM dba_data_files WHERE tablespace_
How to add table fields to oracle
Apr 11, 2025 pm 07:30 PM
Use the ALTER TABLE statement, the specific syntax is as follows: ALTER TABLE table_name ADD column_name data_type [constraint-clause]. Where: table_name is the table name, column_name is the field name, data_type is the data type, and constraint-clause is an optional constraint. Example: ALTER TABLE employees ADD email VARCHAR2(100) Add an email field to the employees table.
What to do if the oracle can't be opened
Apr 11, 2025 pm 10:06 PM
Solutions to Oracle cannot be opened include: 1. Start the database service; 2. Start the listener; 3. Check port conflicts; 4. Set environment variables correctly; 5. Make sure the firewall or antivirus software does not block the connection; 6. Check whether the server is closed; 7. Use RMAN to recover corrupt files; 8. Check whether the TNS service name is correct; 9. Check network connection; 10. Reinstall Oracle software.
How to solve garbled code in oracle
Apr 11, 2025 pm 10:09 PM
Oracle garbled problems can be solved by checking the database character set to ensure they match the data. Set the client character set to match the database. Convert data or modify column character sets to match database character sets. Use Unicode character sets and avoid multibyte character sets. Check that the language settings of the database and client are correct.
How to re-query oracle
Apr 11, 2025 pm 07:33 PM
Oracle provides multiple deduplication query methods: The DISTINCT keyword returns a unique value for each column. The GROUP BY clause groups the results and returns a non-repetitive value for each group. The UNIQUE keyword is used to create an index containing only unique rows, and querying the index will automatically deduplicate. The ROW_NUMBER() function assigns unique numbers and filters out results that contain only line 1. The MIN() or MAX() function returns non-repetitive values of a numeric column. The INTERSECT operator returns the common values of the two result sets (no duplicates).
How to set up users of oracle
Apr 11, 2025 pm 08:21 PM
To create a user in Oracle, follow these steps: Create a new user using the CREATE USER statement. Grant the necessary permissions using the GRANT statement. Optional: Use the RESOURCE statement to set the quota. Configure other options such as default roles and temporary tablespaces.
