Академический Документы
Профессиональный Документы
Культура Документы
Two types of DCL commands are GRANT and REVOTE. Only Database Administrator's or owner's of the database object can provide/remove privileges on a databse object.
y y y y y y y
privilege_name is the access right or privilege granted to the user. Some of the access rights are ALL, EXECUTE, and SELECT. object_name is the name of an database object like TABLE, VIEW, STORED PROC and SEQUENCE. user_name is the name of the user to whom an access right is being granted. user_name is the name of the user to whom an access right is being granted. PUBLIC is used to grant access rights to all users. ROLES are a set of privileges grouped together. WITH GRANT OPTION - allows a user to grant access rights to other users. For Eample: GRANT SELECT ON employee TO user1;This command grants a SELECT permission on employee table to user1.You should use the WITH GRANT option carefully because for example if you GRANT SELECT privilege on employee table to user1 using the WITH GRANT option, then user1 can GRANT SELECT privilege on employee table to another user, such as user2 etc. Later, if you REVOKE the SELECT privilege on employee from user1, still user2 will have SELECT privilege on employee table.
privilege_name object_name
For Eample: REVOKE SELECT ON employee FROM user1;This commmand will REVOKE a SELECT privilege on employee table from user1.When you REVOKE SELECT privilege on a table from a user, the user will not be able to SELECT data from that table anymore. However, if the user has received SELECT privileges on that table from more than one users, he/she can SELECT from that table until everyone who granted the permission revokes it. You cannot REVOKE privileges if they were not initially granted by you.
Privileges: Privileges defines the access rights provided to a user on a database object. There are two types of privileges. 1) System privileges - This allows the user to CREATE, ALTER, or DROP database objects. 2) Object privileges - This allows the user to EXECUTE, SELECT, INSERT, UPDATE, or DELETE data from database objects to which the privileges apply. Few CREATE system privileges are listed below: System Privileges CREATE object CREATE ANY object
Description allows users to create the specified object in their own schema. allows users to create the specified object in any schema.
The above rules also apply for ALTER and DROP system privileges. Few of the object privileges are listed below: Object Privileges INSERT SELECT UPDATE EXECUTE
Description allows users to insert rows into a table. allows users to select data from a database object. allows user to update data in a table. allows user to execute a stored procedure or a function.
Roles: Roles are a collection of privileges or access rights. When there are many users in a database it becomes difficult to grant or revoke privileges to users. Therefore, if you define roles, you can grant or revoke privileges to users, thereby automatically granting or revoking privileges. You can either create Roles or use the system roles pre-defined by oracle. Some of the privileges granted to the system roles are as given below: System Role CREATE CONNECT SYNONYM, SESSION etc. CREATE RESOURCE CREATE PROCEDURE, TABLE, CREATE CREATE SEQUENCE, etc. The
CREATE
SEQUENCE,
TRIGGER
DBA
Creating Roles:
The Syntax to create a role is:
ROLE
role_name
For example: To create a role called "developer" with password as "pwd",the code will be as follows
ROLE
testing
It's easier to GRANT or REVOKE privileges to the users through a role rather than assigning a privilege direclty to every user. If a role is identified by a password, then, when you GRANT or REVOKE privileges to the role, you definetely have to identify it with the password. We can GRANT or REVOKE privilege to a role as below. For example: To grant CREATE TABLE privilege to a user by creating a testing role: First, create a testing Role
Definition of the table 'album' This table holds information about audio CDs, as there is one album on one audio CD. Attribute data type
Attribute name
Comment
Primary key A name of the album A name of the album's interpreter Any notes about the album The date the album has been released on
Definition of the table 'song' This table holds information about songs on albums. Attribute data type INTEGER INTEGER VARCHAR(80) LONG VARCHAR TIME
Comment Primary key Foreign key into the table 'album' A name of the song Any notes about the song Song's length
Example #2 Select name and notes of album where the 'Only You' song is recorded and performed by Elvis Presley. SELECT a.name, a.notes FROM album a, song s WHERE s.name = 'Only You' AND s.album = a.id AND a.interpreter = 'Elvis Presley'
Example #3 Select all songs at which the name begins with 'Th' SELECT * FROM song WHERE name LIKE 'Th%'
Example #4 Select all notes of albums, which don't begin with '50%'. SELECT notes FROM album WHERE note NOT LIKE '%50@%%' ESCAPE '@'
Example #5 Select minimum, average and maximum lengths of songs of each of interpreters where the song length is not between 2:00 and 2:40 minutes. SELECT a.interpreter, MIN(s.length) as 'Minimum', MAX(s.length) as 'Maximum', AVG(s.length) as 'Average' FROM album a, song s GROUP BY interpreter HAVING length BETWEEN 0:2:00 AND 0:2:40 Note that text format of time generally depends on locale settings.
Example #6 Select all dates when any album has been released and handle cases of not entered values. SELECT DISTINCT NVL(released, 'Not all dates were entered!') FROM album
Example #8 Insert the song 'Are you lonesome tonight?' for this album and fill all attributes.
INSERT INTO song VALUES (1, 1, 'Are you lonesome tonight?', 'My almost most favorite song', 0:3:06) Note that text format of time generally depends on your locale settings.
notes LONG VARCHAR, released DATE) CREATE TABLE song (id INTEGER PRIMARY KEY, album INTEGER NOT NULL, name VARCHAR(80), notes LONG VARCHAR, length TIME, CONSTRAINT albumkey FOREIGN KEY (album) REFERENCES album(id)) Note that the (album) is the 'song' table's attribute, while the album(id) means the attribute 'id' of the 'album' table.
Example #12 Create a view containing only albums of Elvis Presley. CREATE VIEW ElvisAlbums AS SELECT * FROM album WHERE interpreter = 'Elvis Presley'
Example #14 Because the name of manufacturer is useless, delete this attribute from the example #13. ALTER TABLE album DROP manufacturer
You are closing the whole CD catalog. Delete both tables. DROP TABLE song DROP TABLE album Note that the table 'song' must be delete first because it contains reference to the second table.
Example #17 Because the database may be accessed by a wide public, grant them only the SELECT statement. REVOKE INSERT, UPDATE, DELETE ON album, song TO PUBLIC
Example #18 Create a group of users, which can add and modify records, but not delete them. CREATE ROLE editors GRANT SELECT, INSERT UPDATE ON album, song TO editors
Example #19 You have got new guy in your team and you want to authorize him to delete records. His user name is JBlack. Take an advantage of the example #18. GRANT editors, DELETE ON album, song TO JBlack
Example #20 Once again you are alone to maintain the CD catalog, because all your co-workers are gone. Only the editors role is left and useless. Delete it. DROP ROLE editors
Stored procedures
Example #21 There is a procedure named GetAlbum that returns the value of the attribute 'id' of the table 'album' for a record represented by interpreter and album name. Get the primary key for the 'Top Ten Hits' album by Elvis Presley. {CALL GetAlbum('Elvis Presley', 'Top Ten Hits')} Note that the result will be displayed and then discarded.
Transactions
Example #22 You are gonna to give the album 'Greatest Hits' by Roxette to your best friend as a birthday present. Delete all songs for this album and it itself from the catalog. Use the procedure from the example #21. Here you have to start the transaction with taken of specific features of your DBMS. DELETE FROM song WHERE album = GetAlbum('Roxette', 'Greatest Hits') DELETE FROM album WHERE id = GetAlbum('Roxette', 'Greatest Hits')
3, 'hello' ,
to_date('28.08.1970')); insert into table_1 values ( 42, 'galaxy', to_date('01.01.2001')); insert into table_1 values (100, 'bye' to_date('09.02.2004')); ,
3, 'bye'
insert into table_2 values ( 42, 'galaxy', to_date('01.01.2001')); insert into table_2 values ( 60, 'bye' to_date('09.02.2004')); insert into table_2 values ( to_date('05.05.2002')); ,
3, 'hello' ,
union all
union all selects all rows from all select statements: select col_1, col_2, col_3 from table_1 union all select col_1, col_2, col_3 from table_2;
As can be seen, all records of both tables are returned:
COL_1 COL_2
COL_3
---------- ---------- ---------3 hello 42 galaxy 100 bye 3 bye 42 galaxy 60 bye 3 hello 28.08.1970 01.01.2001 09.02.2004 28.08.1970 01.01.2001 09.02.2004 05.05.2002
union
union all is very similar to union, however, it dismisses
duplicate rows found across different select statements:
select col_1, col_2, col_3 from table_1 union select col_1, col_2, col_3 from table_2;
The galaxy record is a duplicate. Hence, it is returned only once:
COL_1 COL_2
COL_3
---------- ---------- ---------3 bye 3 hello 3 hello 42 galaxy 60 bye 100 bye 28.08.1970 28.08.1970 05.05.2002 01.01.2001 09.02.2004 09.02.2004
intersect
intersect only returns the rows that are found in all select
statements:
select col_1, col_2, col_3 from table_1 intersect select col_1, col_2, col_3 from table_2;
Only the galaxy record is returned. It's the only record that is stored in both tables:
COL_1 COL_2
COL_3
minus
minus returns all rows from the first select statements except
those who are duplicated in a following select statement:
select col_1, col_2, col_3 from table_1 minus select col_1, col_2, col_3 from table_2;
As the galaxy record is found in both tables, it is removed from the first table's record set:
COL_1 COL_2
COL_3
Difference:
Exclude rows common to both tables. Which records in TABLE_A do not share A_KEY in TABLE_B?
select * from TABLE_A where A_KEY not in (select A_KEY from TABLE_B)
With the SQL-92 Standards keyword 'EXCEPT' Follow the same rules as the keyword 'UNION'
select * from TABLE_A EXCEPT select * from TABLE_B also seen as: select * from TABLE_A MINUS select * from TABLE_B
Division:
Find items in one set that are related to all of the items in another set. In a many-to-many relationship there are three tables, A, B, C with C as the table representing the many-to-many key pairs of A and B. For simple division: What are the 'A_KEY's to which all 'B_KEY's belong?
select distinct A_KEY from TABLE_C C where not exists ( select B_KEY from TABLE_B B where not exists ( select * from TABLE_C CC where A.A_KEY = CC.A_KEY and B.B_KEY = CC.B_KEY ))
Partition:
What are the records of 'TABLE_A' that have the top ten values of 'ATTRIBUTE'?
select * from TABLE_A A, TABLE_A B where A.ATTRIBUTE <= B.ATTRIBUTE group by KEY, ATTRIBUTE having count(*) <= 10 order by ATTRIBUTE
Intersection:
The intersection of two sets. What are the records of 'TABLE_A' that share a 'KEY' with records of 'TABLE_B'?
select * from TABLE_A where TABLE_A.KEY in (select TABLE_B.KEY from TABLE_B)