Q: How to prevent any kind of DDL from any schema?
To prevent any kind of DDLs, this trigger will be stored on proper schema always and if any DDL issueed in the presence of the trigger, it will give us an error message.
CREATE OR REPLACE TRIGGER ddl_restrict_trigger
BEFORE ALTER OR CREATE OR DROP OR TRUNCATE
ON SCHEMA
BEGIN
RAISE_APPLICATION_ERROR(-20001,' You are not authorized to perform DDL. Please contact DBA Team.');
END;
/
Q: How to prevent any kind of DML from any table?
You can restrict the user on DML activity on tables other than select with a DML trigger. The following trigger won't allow to insert or delete or update on the table test.
create or replace trigger t1
before insert or update or delete on test for each row
begin
if inserting or updating or deleting then
raise_application_error(-20001,'Not Allowed');
end if;
end;
Q: STOP DML & DDL by making Sequence.
All tables are in nddba4@jupiter. I want to restrict the developers on DML activity on the data of nddba4. So am making another user nddba5. In nddba5, am making all the synonyms of the tables of nddba4 . Now giving the devels access on nddba5. Here they only see the synonyms.
--fake user nddba5@jupiter, real user nddba4@jupiter
create user nddba5 identified by nddba5 default tablespace states;
grant connect, create synonym to nddba5;
grant select any table to nddba5;
grant select any dictionary to nddba5;
--at nddba5@jupiter, run this
SET SERVEROUT ON;
DECLARE
stmt varchar2(300);
BEGIN
FOR dr IN (select table_name from dba_tables where owner='NDDBA4')
LOOP
stmt := 'CREATE SYNONYM ' || dr.table_name || ' FOR NDDBA4.' || dr.table_name;
DBMS_OUTPUT.PUT_LINE(stmt);
EXECUTE IMMEDIATE stmt;
END LOOP;
END;
/
To prevent any kind of DDLs, this trigger will be stored on proper schema always and if any DDL issueed in the presence of the trigger, it will give us an error message.
CREATE OR REPLACE TRIGGER ddl_restrict_trigger
BEFORE ALTER OR CREATE OR DROP OR TRUNCATE
ON SCHEMA
BEGIN
RAISE_APPLICATION_ERROR(-20001,' You are not authorized to perform DDL. Please contact DBA Team.');
END;
/
Q: How to prevent any kind of DML from any table?
You can restrict the user on DML activity on tables other than select with a DML trigger. The following trigger won't allow to insert or delete or update on the table test.
create or replace trigger t1
before insert or update or delete on test for each row
begin
if inserting or updating or deleting then
raise_application_error(-20001,'Not Allowed');
end if;
end;
Q: STOP DML & DDL by making Sequence.
All tables are in nddba4@jupiter. I want to restrict the developers on DML activity on the data of nddba4. So am making another user nddba5. In nddba5, am making all the synonyms of the tables of nddba4 . Now giving the devels access on nddba5. Here they only see the synonyms.
--fake user nddba5@jupiter, real user nddba4@jupiter
create user nddba5 identified by nddba5 default tablespace states;
grant connect, create synonym to nddba5;
grant select any table to nddba5;
grant select any dictionary to nddba5;
--at nddba5@jupiter, run this
SET SERVEROUT ON;
DECLARE
stmt varchar2(300);
BEGIN
FOR dr IN (select table_name from dba_tables where owner='NDDBA4')
LOOP
stmt := 'CREATE SYNONYM ' || dr.table_name || ' FOR NDDBA4.' || dr.table_name;
DBMS_OUTPUT.PUT_LINE(stmt);
EXECUTE IMMEDIATE stmt;
END LOOP;
END;
/
