甲骨文特权矩阵
Oracle Privilege Matrix
我想在 Oracle 中制作一个权限矩阵。
这是我的查询:
SELECT
DTP.TABLE_NAME,
DECODE(DTP.PRIVILEGE, 'SELECT', 'YES', 'NO') "SELECT",
DECODE(DTP.PRIVILEGE, 'INSERT', 'YES', 'NO') "INSERT",
DECODE(DTP.PRIVILEGE, 'UPDATE', 'YES', 'NO') "UPDATE",
DECODE(DTP.PRIVILEGE, 'DELETE', 'YES', 'NO') "DELETE",
DECODE(DTP.PRIVILEGE, 'ALTER', 'YES', 'NO') "ALTER",
DECODE(DTP.PRIVILEGE, 'EXECUTE', 'YES', 'NO') "EXECUTE"
FROM
SYS.DBA_TAB_PRIVS DTP
WHERE
DTP.GRANTEE = 'SUPPLIER'
OR DTP.GRANTEE IN (SELECT DRP.GRANTED_ROLE
FROM dba_role_privs DRP
START WITH grantee = 'SUPPLIER'
CONNECT BY PRIOR DRP.GRANTED_ROLE = DRP.GRANTEE)
ORDER BY
TABLE_NAME
结果如下所示:
TABLE_NAME | SELECT | INSERT | UPDATE | DELETE | ALTER | EXECUTE |
ACCOUNT | YES | NO | NO | NO | NO | NO |
ACCOUNT | NO | YES | NO | NO | NO | NO |
ACCOUNT | NO | no | YES | NO | NO | NO |
有什么方法可以让结果变成这样吗?
TABLE_NAME | SELECT | INSERT | UPDATE | DELETE | ALTER | EXECUTE |
ACCOUNT | YES | YES | YES | NO | NO | NO |
谢谢
使用 case 块 COUNT
SELECT DTP.TABLE_NAME,
CASE WHEN COUNT( CASE WHEN DTP.PRIVILEGE = 'SELECT' THEN 1 END ) >= 1 THEN 'YES' ELSE 'NO' END as "SELECT",
CASE WHEN COUNT( CASE WHEN DTP.PRIVILEGE = 'INSERT' THEN 1 END ) >= 1 THEN 'YES' ELSE 'NO' END as "INSERT",
CASE WHEN COUNT( CASE WHEN DTP.PRIVILEGE = 'UPDATE' THEN 1 END ) >= 1 THEN 'YES' ELSE 'NO' END as "UPDATE",
CASE WHEN COUNT( CASE WHEN DTP.PRIVILEGE = 'DELETE' THEN 1 END ) >= 1 THEN 'YES' ELSE 'NO' END as "DELETE",
..
..
GROUP BY DTP.TABLE_NAME
利用 "YES" 排序在 "NO" 之后的事实并将其更改为:
SELECT
DTP.TABLE_NAME,
MAX(DECODE(DTP.PRIVILEGE, 'SELECT', 'YES', 'NO')) "SELECT",
MAX(DECODE(DTP.PRIVILEGE, 'INSERT', 'YES', 'NO')) "INSERT",
MAX(DECODE(DTP.PRIVILEGE, 'UPDATE', 'YES', 'NO')) "UPDATE",
MAX(DECODE(DTP.PRIVILEGE, 'DELETE', 'YES', 'NO')) "DELETE",
MAX(DECODE(DTP.PRIVILEGE, 'ALTER', 'YES', 'NO')) "ALTER",
MAX(DECODE(DTP.PRIVILEGE, 'EXECUTE', 'YES', 'NO')) "EXECUTE"
FROM
SYS.DBA_TAB_PRIVS DTP
WHERE
DTP.GRANTEE = 'SUPPLIER'
OR DTP.GRANTEE IN (SELECT DRP.GRANTED_ROLE
FROM dba_role_privs DRP
START WITH grantee = 'SUPPLIER'
CONNECT BY PRIOR DRP.GRANTED_ROLE = DRP.GRANTEE)
GROUP BY DTP.TABLE_NAME
ORDER BY
TABLE_NAME
我想在 Oracle 中制作一个权限矩阵。
这是我的查询:
SELECT
DTP.TABLE_NAME,
DECODE(DTP.PRIVILEGE, 'SELECT', 'YES', 'NO') "SELECT",
DECODE(DTP.PRIVILEGE, 'INSERT', 'YES', 'NO') "INSERT",
DECODE(DTP.PRIVILEGE, 'UPDATE', 'YES', 'NO') "UPDATE",
DECODE(DTP.PRIVILEGE, 'DELETE', 'YES', 'NO') "DELETE",
DECODE(DTP.PRIVILEGE, 'ALTER', 'YES', 'NO') "ALTER",
DECODE(DTP.PRIVILEGE, 'EXECUTE', 'YES', 'NO') "EXECUTE"
FROM
SYS.DBA_TAB_PRIVS DTP
WHERE
DTP.GRANTEE = 'SUPPLIER'
OR DTP.GRANTEE IN (SELECT DRP.GRANTED_ROLE
FROM dba_role_privs DRP
START WITH grantee = 'SUPPLIER'
CONNECT BY PRIOR DRP.GRANTED_ROLE = DRP.GRANTEE)
ORDER BY
TABLE_NAME
结果如下所示:
TABLE_NAME | SELECT | INSERT | UPDATE | DELETE | ALTER | EXECUTE |
ACCOUNT | YES | NO | NO | NO | NO | NO |
ACCOUNT | NO | YES | NO | NO | NO | NO |
ACCOUNT | NO | no | YES | NO | NO | NO |
有什么方法可以让结果变成这样吗?
TABLE_NAME | SELECT | INSERT | UPDATE | DELETE | ALTER | EXECUTE |
ACCOUNT | YES | YES | YES | NO | NO | NO |
谢谢
使用 case 块 COUNT
SELECT DTP.TABLE_NAME,
CASE WHEN COUNT( CASE WHEN DTP.PRIVILEGE = 'SELECT' THEN 1 END ) >= 1 THEN 'YES' ELSE 'NO' END as "SELECT",
CASE WHEN COUNT( CASE WHEN DTP.PRIVILEGE = 'INSERT' THEN 1 END ) >= 1 THEN 'YES' ELSE 'NO' END as "INSERT",
CASE WHEN COUNT( CASE WHEN DTP.PRIVILEGE = 'UPDATE' THEN 1 END ) >= 1 THEN 'YES' ELSE 'NO' END as "UPDATE",
CASE WHEN COUNT( CASE WHEN DTP.PRIVILEGE = 'DELETE' THEN 1 END ) >= 1 THEN 'YES' ELSE 'NO' END as "DELETE",
..
..
GROUP BY DTP.TABLE_NAME
利用 "YES" 排序在 "NO" 之后的事实并将其更改为:
SELECT
DTP.TABLE_NAME,
MAX(DECODE(DTP.PRIVILEGE, 'SELECT', 'YES', 'NO')) "SELECT",
MAX(DECODE(DTP.PRIVILEGE, 'INSERT', 'YES', 'NO')) "INSERT",
MAX(DECODE(DTP.PRIVILEGE, 'UPDATE', 'YES', 'NO')) "UPDATE",
MAX(DECODE(DTP.PRIVILEGE, 'DELETE', 'YES', 'NO')) "DELETE",
MAX(DECODE(DTP.PRIVILEGE, 'ALTER', 'YES', 'NO')) "ALTER",
MAX(DECODE(DTP.PRIVILEGE, 'EXECUTE', 'YES', 'NO')) "EXECUTE"
FROM
SYS.DBA_TAB_PRIVS DTP
WHERE
DTP.GRANTEE = 'SUPPLIER'
OR DTP.GRANTEE IN (SELECT DRP.GRANTED_ROLE
FROM dba_role_privs DRP
START WITH grantee = 'SUPPLIER'
CONNECT BY PRIOR DRP.GRANTED_ROLE = DRP.GRANTEE)
GROUP BY DTP.TABLE_NAME
ORDER BY
TABLE_NAME