开发说在用dwetl下执行调用shop用户下的表的时候提示没有权限操作,google了查了下,发现oracle账户没法直接赋予对某个表的truncate权限,那要怎么来实现呢?
在shop用户下面,准备测试数据
SQL> create table Z_TRUNCATE_T(ID number);
Table created.
SQL> insert into Z_TRUNCATE_T select 1 from dual;
1 row created.
SQL> commit;
Commit complete.
SQL> select * from Z_TRUNCATE_T;
ID
----------
1
SQL>
通常赋予truncate的常规做法,是直接赋值drop any table给一个用户
SQL> grant drop any table to dwetl;
Grant succeeded.
SQL>
SQL> grant select,insert,delete,update on Z_TRUNCATE_T to dwetl;
Grant succeeded.
SQL>
干完活,需要赶紧马上收回权限因为drop any table权限是在太大了,一不小心就会造成误删除,到时候哭都来不及啊
SQL> revoke drop any table from dwetl;
Revoke succeeded.
SQL> revoke select,insert,delete,update on shop.PLAN6_TEMPLET_NODE_EDIT from dwetl;
Revoke succeeded.
SQL>
建立一个存储过程p_truncate,在存储过来里面执行truncate table Z_TRUNCATE_T;然后赋予另外一个用户dwetl对这个存储过程的执行权限。
存储过程p_truncate如下:
create or replace procedure p_truncate as
begin
execute immediate 'truncate table Z_TRUNCATE_T';
end;
建立存储过程:
SQL>
create or replace procedure p_truncate as
begin
execute immediate 'truncate table Z_TRUNCATE_T';
4 end;
5 /
Procedure created.
SQL>
赋予存储过程的执行权限给dwetl,并且赋予表的增删改查权限,因为truncate后,紧接着的基本就是insert、update、delete了
SQL> grant execute on p_truncate to dwetl;
Grant succeeded.
SQL>
SQL> grant select,insert,delete,update on Z_TRUNCATE_T to dwetl;
Grant succeeded.
SQL>
通过dwetl账号登陆,执行存储过程查看效果,看到shop用户下的表Z_TRUNCATE_T已经被清空了,ok,如此也证明了通过存储过程这种方案是可行的,可以对别的用户下的表进行truncate table操作。
–查看
SQL> call shop.p_truncate();
Call completed.
SQL> select * from shop.Z_TRUNCATE_T;
no rows selected
SQL> 参考文档:https://asktom.oracle.com/pls/asktom/f?p=100:11:::::P11_QUESTION_ID:1458414958491