问题描述
基本上在TEST环境中,如何获取用户拥有的所有对象的特权备份和来生成授予语句,除非数据库中的默认值从PROD刷新到TEST,否则oracle中的默认对象
因此,我们可以在刷新后恢复到那些特权,以避免出现任何权限被拒绝问题。
,并且还在寻找“ dbms_Metadata.get_dependent_ddl ”和“ dbms_Metadata.get_granted_ddl ”软件包的替代解决方案。因为要花费很多时间,并且会生成很多重复的语句。
解决方法
生成除默认帐户外的所有架构的Grant Code语句脚本
set long 20000 longchunksize 20000 pagesize 0 linesize 1000 feedback off verify off trimspool on
spool file_name.sql
select 'grant '||granted_role||' to '||grantee||';' from DBA_ROLE_PRIVS where grantee in (SELECT usr.username FROM sys.dba_users usr WHERE usr.created > (SELECT created FROM sys.v_$database))
union all
select 'grant '||privilege||' on '||owner||'.'||table_name||' to '||grantee||';' from DBA_TAB_PRIVS where grantee in (SELECT usr.username FROM sys.dba_users usr WHERE usr.created > (SELECT created FROM sys.v_$database))
union all
select 'grant '||privilege||' to '||grantee||';' from DBA_SYS_PRIVS where grantee in (SELECT usr.username FROM sys.dba_users usr WHERE usr.created > (SELECT created FROM sys.v_$database))
union all
select 'grant '||privilege||' ('||column_name||') '||' on '||owner||'.'||table_name||' to '||grantee||';' from DBA_COL_PRIVS where grantee in (SELECT usr.username FROM sys.dba_users usr WHERE usr.created > (SELECT created FROM sys.v_$database));
spool off
查看分配的角色列表。
select granted_role from DBA_ROLE_PRIVS where grantee in (SELECT usr.username FROM sys.dba_users usr WHERE usr.created > (SELECT created FROM sys.v_$database));
生成角色的授予特权声明。
set long 20000 longchunksize 20000 pagesize 0 linesize 1000 feedback off verify off trimspool on
spool file_name.sql
select 'grant '||privilege||' on '||owner||'.'||table_name||' to '||grantee||';' from DBA_TAB_PRIVS where grantee in (select granted_role from DBA_ROLE_PRIVS where grantee in (SELECT usr.username FROM sys.dba_users usr WHERE usr.created > (SELECT created FROM sys.v_$database)));
spool off