oracle禁止用户做DDL操作
CREATE OR REPLACE TRIGGER trg_dropdenyBEFORE DROP ON DATABASE BEGINIF LOWER (ora_dict_obj_name ()) = 'test'THENraise_application_error (num => -20000,msg => '你疯了,想删除表 '|| ora_dict_obj_name ()|| ' ?!!!!!'|| '你完了,警察已在途中.....');END IF; END; /
测试效果:SQL> connect scott/tigerConnected.SQL> create table test as select * from dba_users;Table created.SQL> connect / as sysdbaConnected.SQL> create or replace trigger trg_dropdeny 2 before drop on database 3 begin 4 if lower(ora_dict_obj_name()) = 'test' 5 then 6 raise_application_error( 7 num => -20000, 8 msg => '你疯了,想删除表 ' || ora_dict_obj_name() || ' ?!!!!!' ||'你完了,警察已在途中.....'); 9 end if; 10 end; 11 /Trigger created.SQL> connect scott/tigerConnected.SQL> drop table test;drop table test*ERROR at line 1:ORA-00604: error occurred at recursive SQL level 1ORA-20000: 你疯了,想删除表 TEST ?!!!!!你完了,警察已在途中.....ORA-06512: at line 4
Oracle从Oracle8i开始,允许实施DDL事件trigger,可是实现对于DDL的监视及控制,以下是一个进一步的例子:
create or replace trigger ddl_deny before create or alter or drop or truncate on database declarel_errmsg varchar2(100):= 'You have no permission to this operation'; beginif ora_sysevent = 'CREATE' thenraise_application_error(-20001, ora_dict_obj_owner || '.' || ora_dict_obj_name || ' ' || l_errmsg);elsif ora_sysevent = 'ALTER' thenraise_application_error(-20001, ora_dict_obj_owner || '.' || ora_dict_obj_name || ' ' || l_errmsg);elsif ora_sysevent = 'DROP' thenraise_application_error(-20001, ora_dict_obj_owner || '.' || ora_dict_obj_name || ' ' || l_errmsg);elsif ora_sysevent = 'TRUNCATE' thenraise_application_error(-20001, ora_dict_obj_owner || '.' || ora_dict_obj_name || ' ' || l_errmsg);end if;exceptionwhen no_data_found thennull; end; /
我们看一下效果:
[oracle@jumper tools]$ sqlplus "/ as sysdba" SQL*Plus: Release 9.2.0.4.0 - Production on Sun Oct 31 11:38:25 2004 Copyright (c) 1982, 2002, Oracle Corporation. All rights reserved. Connected to: Oracle9i Enterprise Edition Release 9.2.0.4.0 - Production With the Partitioning option JServer Release 9.2.0.4.0 - Production SQL> set echo on SQL> @ddlt SQL> create or replace trigger ddl_deny 2 before create or alter or drop or truncate on database 3 declare 4 l_errmsg varchar2(100):= 'You have no permission to this operation'; 5 begin 6 if ora_sysevent = 'CREATE' then 7 raise_application_error(-20001, ora_dict_obj_owner || '.' || ora_dict_obj_name || ' ' || l_errmsg); 8 elsif ora_sysevent = 'ALTER' then 9 raise_application_error(-20001, ora_dict_obj_owner || '.' || ora_dict_obj_name || ' ' || l_errmsg); 10 elsif ora_sysevent = 'DROP' then 11 raise_application_error(-20001, ora_dict_obj_owner || '.' || ora_dict_obj_name || ' ' || l_errmsg); 12 elsif ora_sysevent = 'TRUNCATE' then 13 raise_application_error(-20001, ora_dict_obj_owner || '.' || ora_dict_obj_name || ' ' || l_errmsg); 14 end if; 15 16 exception 17 when no_data_found then 18 null; 19 end; 20 / Trigger created. SQL> SQL> SQL> connect scott/tiger Connected. SQL> create table t as select * from test; create table t as select * from test * ERROR at line 1: ORA-00604: error occurred at recursive SQL level 1 ORA-20001: SCOTT.T You have no permission to this operation ORA-06512: at line 5 SQL> alter table test add (id number); alter table test add (id number) * ERROR at line 1: ORA-00604: error occurred at recursive SQL level 1 ORA-20001: SCOTT.TEST You have no permission to this operation ORA-06512: at line 7 SQL> drop table test; drop table test * ERROR at line 1: ORA-00604: error occurred at recursive SQL level 1 ORA-20001: SCOTT.TEST You have no permission to this operation ORA-06512: at line 9 SQL> truncate table test; truncate table test * ERROR at line 1: ORA-00604: error occurred at recursive SQL level 1 ORA-20001: SCOTT.TEST You have no permission to this operation ORA-06512: at line 11
我们可以看到,ddl语句都被禁止了,如果你不是禁止,可以选择把执行这些操作的用户及时间记录到另外的临时表中.以备查询.
oracle禁止用户做DDL操作相关推荐
- js禁止用户右键等操作
<script type="text/javascript"> document.οncοntextmenu=function(){return false}; doc ...
- Oracle存储过程中执行DDL操作
Create Or Replace Procedure My_Proc As Sqlddl Varchar2(1000); Begin Sqlddl := 'create table MyTable( ...
- oracle回收ddl权限,oracle禁止指定用户DDL操作触发器
出于安全性或避免影响性能的考虑,在产品数据库中有时候会禁止或者在一定时间段内限制DDL语句的发生.Oracle也提高了很多方法来实现这个功能,这个简单介绍一下. 这篇介绍利用触发器来限制DDL语句. ...
- oracle create user identified by,Oracle system用户忘记密码的解决方法
Oracle system用户是大家经常用到的,下面就为您介绍Oracle system用户在忘记密码情况下的解决方法,如果您在使用Oracle system用户时遇到过类似的问题,不妨一看. SQL ...
- mysql ddl 进度_MySQL5.7 慢查询+DDL操作堵塞查询
数据库版本: mysql> select @@version; +------------+ | @@version | +------------+ | 5.7.26-log | +----- ...
- oracle dblink 20001,解决ORA-02021: 不允许对远程数据库进行 DDL 操作下面通过DBLINK调用远程过程来执行这样的操作。...
一般情况下,当我们直接truncate一个远程的表的时候,通常会返回如下的错误信息: ORA-02021: DDL operations are not allowed on a remote dat ...
- Oracle数据库的DDL操作
2019独角兽企业重金招聘Python工程师标准>>> Oracle数据库的DDL操作 DDL(Data Definition Language)数据表的创建以及管理 Data De ...
- 如何在实验楼云平台上做Oracle踢用户进程实验
上周给大家布置查看登陆Oracle服务器上的用户进程信息,然后踢掉某些用户进程的的实验操作中,好多人小企鹅反馈,该实验无法做.是否无法操作该实验,答案在下面.以下内容将花费2-5分钟时间阅览. 实验楼 ...
- Oracle笔记 之 并行(parallel)操作(DQL,DML,DDL)
数据库的默认并行度 本例的测试环境: os:Windows 10 专业版 plsql:Version 14.0.1.1965 Oracle:Version 11.2.0.4.0 单实例数据库的并行度 ...
最新文章
- Linux之wget下载
- 软件战争中的小插曲:比较搜狗拼音和QQ拼音输入法
- python关闭csv文件_使用Python编辑csv文件时跳过标题
- ubuntu cmake交叉编译时报错:没有那个文件或目录
- WebApi 接口参数不再困惑:传参详解
- 《球球大作战》游戏优化之路(上)
- Linux Shell常用技巧(六)
- 文本监控 :oninput onchange onpropertychange 的区别
- 要鼓励周鸿祎做360搜索
- Windows环境下的Oracle数据库备份策略
- linux查看进程中的线程名,linux 怎么样查看一个进程的线程
- CentOS配置主机名和主机映射
- vsftpd配置好防火墙后从网页登录ftp却无法访问此页面
- linux生成手机号码字典,Linux下的字典生成工具Crunch 创造自己的专属字典
- 神州数码DCN交换机SNMP配置命令
- C++11创建线程的三种方式
- 人力资源管理系统HRMS 天下三分 煮酒论英雄
- 计算机毕业论文答辩教师评语,毕业论文答辩教师评语
- 利用scrapy工具,实现一键获取多个项目数据的功能
- マーケティング用語の英訳一覧(Glossary of marketing terms)