-
Notifications
You must be signed in to change notification settings - Fork 189
Expand file tree
/
Copy pathcheck_object_grants.sql
More file actions
63 lines (57 loc) · 2.31 KB
/
check_object_grants.sql
File metadata and controls
63 lines (57 loc) · 2.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
/*
utPLSQL - Version 3
Copyright 2016 - 2026 utPLSQL Project
Licensed under the Apache License, Version 2.0 (the "License"):
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
declare
$if dbms_db_version.version >= 18 $then
c_expected_grants constant dbmsoutput_linesarray := dbmsoutput_linesarray('DBMS_CRYPTO');
$else
c_expected_grants constant dbmsoutput_linesarray := dbmsoutput_linesarray('DBMS_LOCK','DBMS_CRYPTO');
$end
l_missing_grants varchar2(4000);
l_target_table varchar2(128);
l_owner_column varchar2(128);
function get_view(a_dba_view_name varchar2) return varchar2 is
l_invalid_object_name exception;
l_result varchar2(128) := lower(a_dba_view_name);
pragma exception_init(l_invalid_object_name,-44002);
begin
l_result := dbms_assert.sql_object_name(l_result);
return l_result;
exception
when l_invalid_object_name then
return replace(l_result,'dba_','all_');
end;
begin
l_target_table := get_view('dba_tab_privs');
l_owner_column := case when l_target_table like 'dba%' then 'owner' else 'table_schema' end;
execute immediate q'[
select /*+ no_parallel */ listagg(' - '||object_name,CHR(10)) within group(order by object_name)
from (
select column_value as object_name
from table(:l_expected_grants)
minus
select table_name as object_name
from ]'||l_target_table||q'[
where grantee = SYS_CONTEXT('userenv','current_schema')
and ]'||l_owner_column||q'[ = 'SYS')]'
into l_missing_grants using c_expected_grants;
if l_missing_grants is not null then
raise_application_error(
-20000
, 'The following object grants are missing for user "'||SYS_CONTEXT('userenv','current_schema')||'" to install utPLSQL:'||CHR(10)
||l_missing_grants||CHR(10)
||'Please read the installation documentation at http://utplsql.org/utPLSQL/'
);
end if;
end;
/