在 Oracle Developer 中撤销多个用户
Revoke Multiple Users in Oracle Developer
我想根据 select 语句从用户列表中删除角色。我的 select 语句工作正常,但是当我尝试执行撤销语句时,我得到“特权缺失或无效”。
我假设我缺少一些命令来读取用户列表,但不确定如何使它在列表中循环。
REVOKE ORACLE_ROLE FROM (SELECT GRANTEE
FROM DBA_ROLE_PRIVS
JOIN SYS.DBA_USERS ON DBA_ROLE_PRIVS.GRANTEE = DBA_USERS.USERNAME
WHERE DBA_ROLE_PRIVS.GRANTED_ROLE = 'ROLE_1'
AND DBA_USERS.ACCOUNT_STATUS != 'OPEN'
AND EXISTS (SELECT * FROM DBA_ROLE_PRIVS WHERE GRANTED_ROLE != 'ROLE_1'));
你可以这样做:
SELECT 'REVOKE ORACLE_ROLE FROM ' || GRANTEE || ' ;'
FROM DBA_ROLE_PRIVS
JOIN SYS.DBA_USERS ON DBA_ROLE_PRIVS.GRANTEE = DBA_USERS.USERNAME
WHERE DBA_ROLE_PRIVS.GRANTED_ROLE = 'ROLE_1'
AND DBA_USERS.ACCOUNT_STATUS != 'OPEN'
AND EXISTS (SELECT * FROM DBA_ROLE_PRIVS WHERE GRANTED_ROLE != 'ROLE_1');
然后执行输出。
如果您愿意,可以手动或在 execute immediate
中完成
我想根据 select 语句从用户列表中删除角色。我的 select 语句工作正常,但是当我尝试执行撤销语句时,我得到“特权缺失或无效”。
我假设我缺少一些命令来读取用户列表,但不确定如何使它在列表中循环。
REVOKE ORACLE_ROLE FROM (SELECT GRANTEE
FROM DBA_ROLE_PRIVS
JOIN SYS.DBA_USERS ON DBA_ROLE_PRIVS.GRANTEE = DBA_USERS.USERNAME
WHERE DBA_ROLE_PRIVS.GRANTED_ROLE = 'ROLE_1'
AND DBA_USERS.ACCOUNT_STATUS != 'OPEN'
AND EXISTS (SELECT * FROM DBA_ROLE_PRIVS WHERE GRANTED_ROLE != 'ROLE_1'));
你可以这样做:
SELECT 'REVOKE ORACLE_ROLE FROM ' || GRANTEE || ' ;'
FROM DBA_ROLE_PRIVS
JOIN SYS.DBA_USERS ON DBA_ROLE_PRIVS.GRANTEE = DBA_USERS.USERNAME
WHERE DBA_ROLE_PRIVS.GRANTED_ROLE = 'ROLE_1'
AND DBA_USERS.ACCOUNT_STATUS != 'OPEN'
AND EXISTS (SELECT * FROM DBA_ROLE_PRIVS WHERE GRANTED_ROLE != 'ROLE_1');
然后执行输出。
如果您愿意,可以手动或在 execute immediate