Chinaunix首页 | 论坛 | 博客
  • 博客访问: 3693513
  • 博文数量: 715
  • 博客积分: 1860
  • 博客等级: 上尉
  • 技术积分: 7745
  • 用 户 组: 普通用户
  • 注册时间: 2008-04-07 08:51
个人简介

偶尔有空上来看看

文章分类

全部博文(715)

文章存档

2023年(75)

2022年(134)

2021年(238)

2020年(115)

2019年(11)

2018年(9)

2017年(9)

2016年(17)

2015年(7)

2014年(4)

2013年(1)

2012年(11)

2011年(27)

2010年(35)

2009年(11)

2008年(11)

分类: Oracle

2021-09-08 22:16:57

oracle 19c 版:

  1. set long 9999
  2. set pages 999

  3. 1、创建 profile脚本
  4. SELECT dbms_metadata.get_ddl('PROFILE',name) p FROM sys.profname$ WHERE flags!=8 order by name;

  5. 2、创建用户脚本
  6. select dbms_metadata.get_ddl('USER', username) u from dba_users where ORACLE_MAINTAINED='N' order by username;

  7. 3、创建表空间限额
  8. select dbms_metadata.get_granted_ddl('TABLESPACE_QUOTA',username) q from dba_users where username in(select username from dba_ts_quotas where username in (select username from dba_users where ORACLE_MAINTAINED='N')) order by username;

  9. 4、创建角色
  10. select dbms_metadata.get_granted_ddl ('ROLE_GRANT',username) r from dba_users where username in(SELECT grantee from dba_role_privs where username in (select username from dba_users where ORACLE_MAINTAINED='N')) order by username;

  11. 如果是业务创建的角色

  12. SELECT 'grant '||GRANTED_ROLE||' to '||role||';' r FROM ROLE_ROLE_PRIVS WHERE ROLE='APPROLE1';

    SELECT 'grant '||PRIVILEGE||' to '||role||';' r FROM ROLE_SYS_PRIVS WHERE ROLE='APPROLE1';

    SELECT 'grant '||PRIVILEGE||' on '||owner||'.'||TABLE_NAME||' to '||role||';' r FROM ROLE_TAB_PRIVS WHERE ROLE='APPROLE1';
    这里未考虑admin、字段权限等细节,也有可能创建的role没有给任何用户使用,
    这样的可以考虑放弃(扔了)。

  13. 5、系统权限
  14. select dbms_metadata.get_granted_ddl ('SYSTEM_GRANT', username) s from dba_users where username in(SELECT grantee from dba_sys_privs ) and username in (select username from dba_users where ORACLE_MAINTAINED='N') order by username;

  15. 6、对象权限
  16. select dbms_metadata.get_granted_ddl ('OBJECT_GRANT', username) t from dba_users where username in(SELECT grantee from dba_tab_privs) and username in (select username from dba_users where ORACLE_MAINTAINED='N') order by username;
Type Name Meaning Attributes Notes

AQ_QUEUE

queues

SND

Dependent on table

AQ_QUEUE_TABLE

additional metadata for queue tables

ND

Dependent on table

AQ_TRANSFORM

transforms

SN

None

ASSOCIATION

associate statistics

D

None

AUDIT

audits of SQL statements

DG

Modeled as dependent, granted object. The base object name is the statement audit option name (for example, ALTER SYSTEM). There is no base object schema. The grantee is the user or proxy whose statements are audited.

AUDIT_OBJ

audits of schema objects

D

None

CLUSTER

clusters

SN

None

COMMENT

comments

D

None

CONSTRAINT

constraints

SND

Constraints do not include the following:

  • Primary key constraint for IOT
  • Column NOT NULL constraints
  • Certain REF SCOPE and WITH ROWID constraints for tables with REF columns

CONTEXT

application contexts

N

None

DATABASE_EXPORT

all metadata objects in a database

H

Corresponds to a full database export

DB_LINK

database links

SN

Modeled as schema objects because they have owners. For public links, the owner is PUBLIC. For private links, the creator is the owner.

DEFAULT_ROLE

default roles

G

Granted to a user by ALTER USER

DIMENSION

dimensions

SN

None

DIRECTORY

directories

N

None

FGA_POLICY

fine-grained audit policies

D

Not modeled as named object because policy names are not unique.

FUNCTION

stored functions

SN

None

INDEX_STATISTICS

precomputed statistics on indexes

D

The base object is the index's table.

INDEX

indexes

SND

None

INDEXTYPE

indextypes

SN

None

JAVA_SOURCE

Java sources

SN

None

JOB

jobs

S

None

LIBRARY

external procedure libraries

SN

None

MATERIALIZED_VIEW

materialized views

SN

None

MATERIALIZED_VIEW_LOG

materialized view logs

D

None

OBJECT_GRANT

object grants

DG

None

ON_USER_GRANT

Grants

G

Modeled as user grants. Grants the privileges of one user to other user in the form GRANT ... ON USER .... The grantee is the user. Example:

GRANT INHERIT PRIVILEGES ON USER "USER1" TO "USER2".

OPERATOR

operators

SN

None

PACKAGE

stored packages

SN

By default, both package specification and package body are retrieved. See "".

PACKAGE_SPEC

package specifications

SN

None

PACKAGE_BODY

package bodies

SN

None

PROCEDURE

stored procedures

SN

None

PROFILE

profiles

N

None

PROXY

proxy authentications

G

Granted to a user by ALTER USER

REF_CONSTRAINT

referential constraint

SND

None

REFRESH_GROUP

refresh groups

SN

None

RESOURCE_COST

resource cost info

H

None

RLS_CONTEXT

driving contexts for enforcement of fine-grained access-control policies

D

Corresponds to the DBMS_RLS.ADD_POLICY_CONTENT procedure

RLS_GROUP

fine-grained access-control policy groups

D

Corresponds to the DBMS_RLS.CREATE_GROUP procedure

RLS_POLICY

fine-grained access-control policies

D

Corresponds to DBMS_RLS.ADD_GROUPED_POLICY. Not modeled as named objects because policy names are not unique.

RMGR_CONSUMER_GROUP

resource consumer groups

SN

Oracle Data Pump does not use these object types. Instead, it exports resource manager objects as procedural objects.

RMGR_INTITIAL_CONSUMER_GROUP

assign initial consumer groups to users

G

None

RMGR_PLAN

resource plans

SN

None

RMGR_PLAN_DIRECTIVE

resource plan directives

D

Dependent on resource plan

ROLE

roles

N

None

ROLE_GRANT

role grants

G

None

ROLLBACK_SEGMENT

rollback segments

N

None

SCHEMA_EXPORT

all metadata objects in a schema

H

Corresponds to user-mode export.

SEQUENCE

sequences

SN

None

SQL_DOMAIN

SQL domains

See notes

A domain is a high-level dictionary object that belongs to a schema and encapsulates a set of properties and constraints. The attributes and constraints are defined and managed only for the domain, and are automatically applied to all the columns of the given domain.

SYNONYM

synonyms

See notes

Private synonyms are schema objects. Public synonyms are not, but for the purposes of this API, their schema name is PUBLIC. The name of a synonym is considered to be the synonym itself. For example, in CREATE PUBLIC SYNONYM FOO FOR BAR, the resultant object is considered to have name FOO and schema PUBLIC.

SYSTEM_GRANT

system privilege grants

G

None

TABLE

tables

SN

None

TABLE_DATA

metadata describing row data for a table, nested table, or partition

SND

For partitions, the object name is the partition name.

For nested tables, the object name is the storage table name. The base object is the top-level table to which the table data belongs. For nested tables and partitioning, this is the top-level table (not the parent table or partition). For nonpartitioned tables and non-nested tables this is the table itself.

TABLE_EXPORT

metadata for a table and its associated objects

H

Corresponds to table-mode export

TABLE_STATISTICS

precomputed statistics on tables

D

None

TABLESPACE

tablespaces

N

None

TABLESPACE_QUOTA

tablespace quotas

G

Granted with ALTER USER

TRANSPORTABLE_EXPORT

metadata for objects in a transportable tablespace set

H

Corresponds to transportable tablespace export

TRIGGER

triggers

SND

None

TRUSTED_DB_LINK

trusted links

N

None

TYPE

user-defined types

SN

By default, both type and type body are retrieved. See "SET_FILTER Procedure". .

TYPE_SPEC

type specifications

SN

None

TYPE_BODY

type bodies

SN

None

USER

users

N

None

VIEW

views

SN

None

XMLSCHEMA

XML schema

SN

The object's name is its URL (which can be longer than 30 characters). Its schema is the user who registered it.

XS_USER

Real Application Security (RAS) user

N

Corresponds to RAS users

XS_ROLE

Real Application Security (RAS) role

N

Corresponds to RAS roles

XS_ROLESET

Real Application Security (RAS) rolesets

N

Corresponds to RAS rolesets

XS_ROLE_GRANT

Real Application Security (RAS) role grants

N

Corresponds to RAS role grants

XS_SECURITY_CLASS

Real Application Security (RAS) security class

SN

Corresponds to RAS security classes

XS_DATA_SECURITY

Real Application Security (RAS) data security policy

SN

Corresponds to RAS data security policies

XS_ACL

Real Application Security (RAS) ACL

SN

Corresponds to RAS access control lists (ACLs) and associated access control entries (ACEs)

XS_ACL_PARAM

Real Application Security (RAS) ACL parameter

N

Corresponds to RAS access control lists (ACL) parameters

XS_NAMESPACE

Real Application Security (RAS) namespace

N

Corresponds to RAS namespaces.


所有对象类型。

  1. https://docs.oracle.com/en/database/oracle/oracle-database/23/arpls/DBMS_METADATA.html#GUID-312AFC59-FD7B-4274-ADB6-3C1F752681C0


阅读(1196) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~