附录

附录1 “三权分立”预设角色权限列表

说明:表中所列权限均为在同一数据库类型中的权限,如DBA具有SELECT ANY TABLE的权限,但是不能查询SYSAUDITOR.SYSAUDIT表;而DB_AUDIT_ADMIN具有CREATE USER权限,创建的用户也只能是AUDIT类型用户。

预设角色 预设数据库权限
DBA ALTER DATABASE
RESTORE DATABASE
CREATE USER
ALTER USER
DROP USER
CREATE ROLE
CREATE SCHEMA
CREATE TABLE
CREATE VIEW
CREATE PROCEDURE
CREATE SEQUENCE
CREATE TRIGGER
CREATE INDEX
CREATE CONTEXT INDEX
BACKUP DATABASE
CREATE LINK
CREATE REPLICATE
CREATE PACKAGE
CREATE SYNONYM
CREATE PUBLIC SYNONYM
ALTER REPLICATE
DROP REPLICATE
DROP ROLE
ADMIN ANY ROLE
ADMIN ANY DATABASE PRIVILEGE
GRANT ANY OBJECT PRIVILEGE
CREATE ANY SCHEMA
DROP ANY SCHEMA
CREATE ANY TABLE
ALTER ANY TABLE
DROP ANY TABLE
INSERT TABLE
INSERT ANY TABLE
UPDATE TABLE
UPDATE ANY TABLE
DELETE TABLE
DELETE ANY TABLE
SELECT TABLE
SELECT ANY TABLE
REFERENCES TABLE
REFERENCES ANY TABLE
DUMP TABLE
DUMP ANY TABLE
GRANT TABLE
GRANT ANY TABLE
CREATE ANY VIEW
ALTER ANY VIEW
DROP ANY VIEW
INSERT VIEW
INSERT ANY VIEW
UPDATE VIEW
UPDATE ANY VIEW
DELETE VIEW
DELETE ANY VIEW
SELECT VIEW
SELECT ANY VIEW
GRANT VIEW
GRANT ANY VIEW
CREATE ANY PROCEDURE
DROP ANY PROCEDURE
EXECUTE PROCEDURE
EXECUTE ANY PROCEDURE
GRANT PROCEDURE
GRANT ANY PROCEDURE
CREATE ANY SEQUENCE
ALTER ANY SEQUENCE
DROP ANY SEQUENCE
SELECT SEQUENCE
SELECT ANY SEQUENCE
GRANT SEQUENCE
GRANT ANY SEQUENCE
CREATE ANY TRIGGER
DROP ANY TRIGGER
CREATE ANY INDEX
ALTER ANY INDEX
DROP ANY INDEX
CREATE ANY CONTEXT INDEX
ALTER ANY CONTEXT INDEX
DROP ANY CONTEXT INDEX
CREATE ANY PACKAGE
DROP ANY PACKAGE
EXECUTE PACKAGE
EXECUTE ANY PACKAGE
GRANT PACKAGE
GRANT ANY PACKAGE
CREATE ANY LINK
DROP ANY LINK
CREATE ANY SYNONYM
DROP ANY SYNONYM
DROP PUBLIC SYNONYM
ADMIN REPLAY
ADMIN BUFFER
CREATE TABLESPACE
ALTER TABLESPACE
DROP TABLESPACE
ALTER ANY TRIGGER
CREATE MATERIALIZED VIEW
CREATE ANY MATERIALIZED VIEW
DROP ANY MATERIALIZED VIEW
ALTER ANY MATERIALIZED VIEW
SELECT MATERIALIZED VIEW
SELECT ANY MATERIALIZED VIEW
CREATE ANY DOMAIN
DROP ANY DOMAIN
CREATE DOMAIN
GRANT ANY DOMAIN
GRANT DOMAIN
USAGE ANY DOMAIN
USAGE DOMAIN
CREATE ANY CONTEXT
DROP ANY CONTEXT
GRANT ANY CONTEXT
COMMENT ANY TABLE
CREATE ANY DIRECTORY
DROP ANY DIRECTORY
ADMIN JOB
RESOURCE CREATE SCHEMA
CREATE TABLE
CREATE VIEW
CREATE PROCEDURE
CREATE SEQUENCE
CREATE TRIGGER
CREATE INDEX
CREATE CONTEXT INDEX
CREATE LINK
CREATE PACKAGE
CREATE SYNONYM
CREATE PUBLIC SYNONYM
INSERT TABLE
UPDATE TABLE
DELETE TABLE
SELECT TABLE
REFERENCES TABLE
DUMP TABLE
GRANT TABLE
INSERT VIEW
UPDATE VIEW
DELETE VIEW
SELECT VIEW
GRANT VIEW
EXECUTE PROCEDURE
GRANT PROCEDURE
SELECT SEQUENCE
GRANT SEQUENCE
EXECUTE PACKAGE
GRANT PACKAGE
CREATE MATERIALIZED VIEW
SELECT MATERIALIZED VIEW
CREATE DOMAIN
GRANT DOMAIN
USAGE DOMAIN
PUBLIC INSERT TABLE
UPDATE TABLE
DELETE TABLE
SELECT TABLE
REFERENCES TABLE
GRANT TABLE
INSERT VIEW
UPDATE VIEW
DELETE VIEW
SELECT VIEW
GRANT VIEW
EXECUTE PROCEDURE
GRANT PROCEDURE
SELECT SEQUENCE
GRANT SEQUENCE
EXECUTE PACKAGE
GRANT PACKAGE
SELECT MATERIALIZED VIEW
GRANT DOMAIN
USAGE DOMAIN
DUMP TABLE 
DB_AUDIT_ADMIN CREATE USER
ALTER USER
DROP USER
AUDIT DATABASE
DB_AUDIT_OPER AUDIT DATABASE
DB_AUDIT_PUBLIC
DB_POLICY_ADMIN CREATE USER
ALTER USER
DROP USER
LABEL DATABASE
DB_POLICY_OPER LABEL_DATABASE
DB_POLICY_PUBLIC

附录2 “四权分立”预设角色权限列表

说明:表中所列权限均为在同一数据库类型中的权限,如DBA具有SELECT ANY TABLE的权限,但是不能查询SYSAUDITOR.SYSAUDIT表;而DB_AUDIT_ADMIN具有CREATE USER权限,创建的用户也只能是AUDIT类型用户。

预设角色 预设数据库
DBA ALTER DATABASE
BACKUP DATABASE
RESTORE DATABASE
CREATE USER
ALTER USER
DROP USER
CREATE ROLE
DROP ROLE
ADMIN ANY ROLE
CREATE TABLESPACE
ALTER TABLESPACE
DROP TABLESPACE
CREATE REPLICATE
ALTER REPLICATE
DROP REPLICATE
VERIFY DATABASE
ADMIN REPLAY
ADMIN BUFFER
ADMIN JOB
RESOURCE CREATE ROLE
DROP ROLE
PUBLIC &##26080;
DB_OBJECT_ADMIN CREATE USER
ALTER USER
DROP USER
CREATE ROLE
DROP ROLE
ADMIN ANY ROLE
CREATE SCHEMA
CREATE TABLE
INSERT TABLE
UPDATE TABLE
DELETE TABLE
SELECT TABLE
REFERENCES TABLE
DUMP TABLE
GRANT TABLE
CREATE VIEW
INSERT VIEW
UPDATE VIEW
DELETE VIEW
SELECT VIEW
GRANT VIEW
CREATE DOMAIN
GRANT DOMAIN
USAGE DOMAIN
CREATE PROCEDURE
EXECUTE PROCEDURE
GRANT PROCEDURE
CREATE SEQUENCE
SELECT SEQUENCE
GRANT SEQUENCE
CREATE TRIGGER
CREATE INDEX
CREATE CONTEXT INDEX
CREATE PACKAGE
EXECUTE PACKAGE
GRANT PACKAGE
CREATE SYNONYM
CREATE PUBLIC SYNONYM
DROP PUBLIC SYNONYM
CREATE LINK
CREATE ANY CONTEXT
DROP ANY CONTEXT
GRANT ANY CONTEXT
COMMENT ANY TABLE
CREATE ANY DIRECTORY
DROP ANY DIRECTORY
DB_OBJECT_OPER CREATE SCHEMA
CREATE TABLE
INSERT TABLE
UPDATE TABLE
DELETE TABLE
SELECT TABLE
REFERENCES TABLE
DUMP TABLE
GRANT TABLE
CREATE VIEW
INSERT VIEW
UPDATE VIEW
DELETE VIEW
SELECT VIEW
GRANT VIEW
CREATE DOMAIN
CREATE PROCEDURE
EXECUTE PROCEDURE
GRANT PROCEDURE
CREATE SEQUENCE
SELECT SEQUENCE
GRANT SEQUENCE
CREATE TRIGGER
CREATE INDEX
CREATE CONTEXT INDEX
CREATE PACKAGE
EXECUTE PACKAGE
GRANT PACKAGE
CREATE SYNONYM
CREATE PUBLIC SYNONYM
CREATE LINK
DB_OBJECT_PUBLIC INSERT TABLE
UPDATE TABLE
DELETE TABLE
SELECT TABLE
REFERENCES TABLE
DUMP TABLE
GRANT TABLE
INSERT VIEW
UPDATE VIEW
DELETE VIEW
SELECT VIEW
GRANT VIEW
EXECUTE PROCEDURE
GRANT PROCEDURE
SELECT SEQUENCE
GRANT SEQUENCE
EXECUTE PACKAGE
GRANT PACKAGE
DB_AUDIT_ADMIN CREATE USER
ALTER USER
DROP USER
AUDIT DATABASE
DB_AUDIT_OPER AUDIT DATABASE
DB_AUDIT_PUBLIC &##26080;
DB_POLICY_ADMIN CREATE USER
ALTER USER
DROP USER
LABEL DATABASE
DB_POLICY_OPER LABEL_DATABASE
DB_POLICY_PUBLIC
微信扫码
分享文档
扫一扫
联系客服