Oracle is a powerful database system, and its security is also highly valued. In Oracle, permission setting is very important. It can control the user's permissions and operation scope to access the database, thereby ensuring data security. This article will introduce in detail the methods and steps for setting permissions in Oracle.
1. User creation
In Oracle, you first need to create a user before you can control its permissions. Other users can be created using the SYS system administrator user, or new users can be created using other users with administrative rights. The command to create a user is as follows:
CREATE USER username IDENTIFIED BY password;
Among them, username is the username to be created, and password is the password corresponding to the username. In addition to this, you can assign specific roles to that user by turning on or off specific permissions for that user.
2. Role Creation
Roles can help Oracle administrators manage many different users and apply the same authorization to all users. Once a role is created, it can be granted to users or other roles to associate them with database objects. You can use the following command to create a new role:
CREATE ROLE rolename;
where rolename is the name of the role to be created. After the role is successfully created, you can use the following command to authorize the role:
GRANT <privilege> TO rolename;
where privilege is the permission to be granted. Multiple permissions can be combined into a single GRANT statement, which can be separated by commas, as shown below:
GRANT SELECT, INSERT, UPDATE ON tablename TO rolename;
At this point, rolename is granted SELECT, INSERT, and UPDATE table-level permissions.
3. Object authorization
Object permissions in Oracle include database-level permissions and table-level permissions, which can be divided into the following types:
Database-level authorization refers to authorizing the entire database object. You can use the following command for authorization:
GRANT <privilege> TO username;
where privilege is the permission to be granted. Similar to role authorization, multiple permissions can be combined into a single GRANT statement for authorization.
Table-level permissions refer to authorizing a certain table in the database. You can use the following command to authorize:
GRANT <privilege> ON tablename TO username;
Among them, privilege is the permission to be granted, and tablename is the name of the table that needs authorization. Multiple permissions can be granted separated by commas. For example:
GRANT SELECT, INSERT, UPDATE ON tablename TO username;
At this time, username is granted SELECT, INSERT and UPDATE table-level permissions.
4. Recover permissions
If you need to recover permissions, you can use the following command:
REVOKE <privilege> FROM username;
Among them, privilege is the permission to be recovered. It should be noted that if you have used a role to authorize the user, you must first revoke the corresponding permission in the role before you can revoke the permission from the user.
5. Summary
Oracle's permission control is very flexible, and the database can be securely controlled through a combination of users, roles and permissions. In practical applications, it is necessary to choose the appropriate authorization method and level according to different scenarios to protect the security and privacy of the database.
The above is the detailed content of How to set permissions in oracle. For more information, please follow other related articles on the PHP Chinese website!