(1) --建立一個user名稱test01(CREATE USER test01)密碼預設為test01(語法:IDENTIFIED BY test01)
CREATE USER TEST01 IDENTIFIED BY test01 ;
(2) --賦予test01可以連接資料庫的權限
GRANT CREATE SESSION TO test01;
(3) --建立一個user test02,且賦予連線權限
CREATE USER TEST02 IDENTIFIED BY test02 ;
GRANT CREATE SESSION TO test02;
2.login user: hr (練習建立public synonyms與權限)
(1) --將hr下面的table:departments建立成為公用synonyms:dep_p
create public synonym dep_p for hr.departments;
(2) --賦予user:test01可以讀取(select)hr裡面的table:departments的權限
grant select on departments to test01;
3.login user: test01 (測試是否能讀取public synonyms)
(1) --測試是否能讀取公用synonyms(以下語法執行若不成功表示上述範例1與2的設定有問題)
select * from dep_p ;
4.login user: test02 (測試是否能讀取public synonyms)
(1) --測試是否能讀取公用synonyms(以下語法執行會出現錯誤ORA-00942: 表格或視觀表不存在
--,因為雖然dep_p為public,但是在範例2-(2)中沒有設定test02的讀取權限)
select * from dep_p ;
5.login user: hr (練習建立權限)
(1) --賦予user:test02可以讀取(select)hr裡面的table:departments的權限
grant select on departments to test02;
6.login user: test02 (測試是否能讀取public synonyms)
(1) --測試是否能讀取公用synonyms(以下語法執行若不成功表示上述範例5的設定有問題)
select * from dep_p ;
7.login user: hr (練習with grant option)
(1) --先將之前建立的權限移除
revoke select on departments from test02;
revoke select on departments from test01;
(2) --賦予test01有with grant option的權限
grant select on departments to test01
with grant option;
(2) --賦予user:test01可以讀取(select)hr裡面的table:departments的權限
grant select on departments to test01;
8.login user: test01 (測試是否能讀取public synonyms)
(1) --測試是否能讀取公用synonyms(以下語法執行若不成功表示上述範例7的設定有問題)
select * from dep_p ;
9.login user: test02 (測試是否能讀取public synonyms)
(1) --測試是否能讀取公用synonyms(應該會無法讀取才對)
select * from dep_p ;
10.login user: test01 (練習with grant option)
(1) --練習由user:test01去指定賦予user:test02讀取user:hr的table:departments的權限
grant select on hr.departments to test02;
11.login user: test02 (測試是否能讀取public synonyms)
(1) --測試是否能讀取公用synonyms(應該會可以讀取才對)
select * from dep_p ;
12.login user: hr (練習移除with grant option)
(1) --直接由hr撤銷test01對department的select權限
revoke select on departments from test01;
13.login user: test01 (測試是否能讀取public synonyms)
(1) --測試是否能讀取公用synonyms(應該會無法讀取才對,因範例12已經撤銷權限)
select * from dep_p ;
14.login user: test02 (測試是否能讀取public synonyms)
(1) --測試是否能讀取公用synonyms(應該會無法讀取才對,因為範例12已經撤銷父層權限)
select * from dep_p ;
15.login user: hr (練習建立private synonyms與權限)
(1) --將hr下面的table:departments建立成為user:test02私用synonyms:dept
create synonym test02.dept for hr.departments;
(2) --賦予user:test02可以讀取(select)hr裡面的table:departments的權限
grant select on departments to test02;
16.login user: test02 (測試是否能讀取private synonyms)
(1) --測試是否能讀取私用synonyms(應該會可以讀取才對)
select * from dept ;
