GBase 8s回收public权限
默认的情况下,数据库中public(具有库级connect权限的用户自动获取public权限)具有insert,delete,update,select,index权限。若只允许public用户只有select权限,则需要回收权限。
-- (单表)回收all权限,仅授予select权限给public
-- 20230809 修正:可能存在grantor(表的owner)不是gbasedbt的情况
drop procedure if exists revoke_public_table(varchar);
create procedure revoke_public_table(p_tab varchar(128))
define v_owner varchar(128);
select owner into v_owner from systables where tabname = lower(p_tab);
if v_owner is not null AND v_owner <> '' AND p_tab is not null AND p_tab <> '' then
execute immediate 'revoke all on '||p_tab||' from public as ' || v_owner;
execute immediate 'grant select on '||p_tab||' to public as ' || v_owner;
end if;
end procedure;
-- (所有表)循环处理所有表,执行revoke_public_table
drop procedure if exists revoke_public();
create procedure revoke_public()
define p_tab varchar(128);
FOREACH select tabname into p_tab from systables where tabid > 99 and tabtype = 'T'
EXECUTE PROCEDURE revoke_public_table(p_tab);
END FOREACH;
end procedure;
- 上一篇: GBase 8s数据库连接 – Python
- 下一篇: GBase 8s 存储过程跟踪示例