Oracle創建只讀賬號的詳細步驟
更新時間:2021年06月05日 16:16:36 作者:Lexsaints
本文介紹了Oracle創建只讀賬號的詳細步驟,有此需求的朋友可以參考下過程
需求說明
現有數據庫賬號:HEPSUSR:具有完整權限,增刪改查。
需要創建一個數據庫賬號:HTREADER,對HEPSUSR賬號下所有的表具有只讀權限。
第一步:創建只讀賬號
1
2
|
--創建只讀賬號 第一步
CREATE
USER
htreader identified
by
123456;
|
第二步:賦予賬號連接數據庫等基本權限
1
2
3
4
5
|
--賦予htreader連接等常規權限
grant
connect
to
htreader;
grant
create
view
to
htreader;
grant
create
session
to
htreader;
grant
create
synonym
to
htreader;
|
第三步:獲取原賬號的查詢權限
1
2
3
4
5
6
7
|
獲取原賬號HEPSUSR用戶的所有查詢表權限
select
'grant select on '
||owner||
'.'
||object_name||
' to htreader;'
from
dba_objects
where
owner
in
(
'HEPSUSR'
)
and
object_type=
'TABLE'
;
--查詢結果為新賬號的賦值語句,如下圖
|
第四步:將原賬號權限賦值為新賬號
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
在原賬號HEPSUSR下執行,將原賬號的查詢權限 賦值給新賬號
-------
grant
select
on
HEPSUSR.ENTRY_CERT
to
htreader;
grant
select
on
HEPSUSR.SUB_MESSAGE_INFO
to
htreader;
grant
select
on
HEPSUSR.ENTRY_CERT_RELATION
to
htreader;
grant
select
on
HEPSUSR.ENTRY_CERT_RELATION
to
htreader;
grant
select
on
HEPSUSR.ENTRY_DECL_TAX
to
htreader;
grant
select
on
HEPSUSR.ENTRY_DOCU
to
htreader;
grant
select
on
HEPSUSR.ENTRY_FEES
to
htreader;
grant
select
on
HEPSUSR.ENTRY_GOODS_TAX
to
htreader;
grant
select
on
HEPSUSR.ENTRY_HEAD
to
htreader;
grant
select
on
HEPSUSR.ENTRY_LIST
to
htreader;
grant
select
on
HEPSUSR.ENTRY_WORKFLOW
to
htreader;
grant
select
on
HEPSUSR.IQ_APPEND
to
htreader;
grant
select
on
HEPSUSR.IQ_CERT
to
htreader;
grant
select
on
HEPSUSR.SUB_SWAP
to
htreader;
grant
select
on
HEPSUSR.VIN_LIST
to
htreader;
|
第五步:在新賬號端創建同位顯示表
因為新創建的只讀賬號,Tables欄中顯示為空,我們需要在PL/SQL顯示欄中為新賬號登錄界面添加顯示同位元素,如下:
1
2
3
4
5
|
--在原賬號HEPSUSR端執行,獲取需要顯示的表名稱
select
'create or replace SYNONYM htreader.'
||object_name||
' for '
||owner||
'.'
||object_name||
';'
from
dba_objects
where
owner
in
(
'HEPSUSR'
)
and
object_type=
'TABLE'
|
第六步:查詢結果在新賬號端執行
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
在只讀賬號HTREADER端執行:添加顯示各個表信息;在SYSNONYM目錄下,tables目錄下無顯示
create
or
replace
SYNONYM htreader.VIN_LIST
for
HEPSUSR.VIN_LIST;
create
or
replace
SYNONYM htreader.SUB_SWAP
for
HEPSUSR.SUB_SWAP;
create
or
replace
SYNONYM htreader.SUB_MESSAGE_INFO
for
HEPSUSR.SUB_MESSAGE_INFO;
create
or
replace
SYNONYM htreader.IQ_CERT
for
HEPSUSR.IQ_CERT;
create
or
replace
SYNONYM htreader.IQ_APPEND
for
HEPSUSR.IQ_APPEND;
create
or
replace
SYNONYM htreader.ENTRY_WORKFLOW
for
HEPSUSR.ENTRY_WORKFLOW;
create
or
replace
SYNONYM htreader.ENTRY_LIST
for
HEPSUSR.ENTRY_LIST;
create
or
replace
SYNONYM htreader.ENTRY_HEAD
for
HEPSUSR.ENTRY_HEAD;
create
or
replace
SYNONYM htreader.ENTRY_GOODS_TAX
for
HEPSUSR.ENTRY_GOODS_TAX;
create
or
replace
SYNONYM htreader.ENTRY_FEES
for
HEPSUSR.ENTRY_FEES;
create
or
replace
SYNONYM htreader.ENTRY_DOCU
for
HEPSUSR.ENTRY_DOCU;
create
or
replace
SYNONYM htreader.ENTRY_DECL_TAX
for
HEPSUSR.ENTRY_DECL_TAX;
create
or
replace
SYNONYM htreader.ENTRY_CONTAINER
for
HEPSUSR.ENTRY_CONTAINER;
create
or
replace
SYNONYM htreader.ENTRY_CERT_RELATION
for
HEPSUSR.ENTRY_CERT_RELATION;
create
or
replace
SYNONYM htreader.ENTRY_CERT
for
HEPSUSR.ENTRY_CERT;
|
第七步:執行完成之后 登錄新賬號,查看結果
新賬號可以查詢原賬號的所有表結構,但是無法執行 增刪改相關操作
第八步:執行刪除、修改sql語句測試
附錄:Oracle查詢賬號及權限詳細語句
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
1.查看所有用戶:
select
*
from
dba_users;
select
*
from
all_users;
select
*
from
user_users;
2.查看用戶或角色系統權限(直接賦值給用戶或角色的系統權限):
select
*
from
dba_sys_privs;
select
*
from
user_sys_privs;
3.查看角色(只能查看登陸用戶擁有的角色)所包含的權限
sql>
select
*
from
role_sys_privs;
4.查看用戶對象權限:
select
*
from
dba_tab_privs;
select
*
from
all_tab_privs;
select
*
from
user_tab_privs;
5.查看所有角色:
select
*
from
dba_roles;
6.查看用戶或角色所擁有的角色:
select
*
from
dba_role_privs;
select
*
from
user_role_privs;
|
以上就是Oracle創建只讀賬號的詳細步驟的詳細內容,更多關於Oracle創建只讀賬號的資料請關注腳本之家其它相關文章!