有时,为了防止意外删除数据库中的表或者其他数据库对象,可以通过人为的增加一个trigger来实现。如下:
create or replace trigger ddl_deny
before create or alter or drop or truncate on database
declare
l_errmsg varchar2(100):= ‘You have no permission to this operation’;
begin
if ora_sysevent = ‘CREATE’ then
raise_application_error(-20001, ora_dict_obj_owner || ‘.’ || ora_dict_obj_name || ‘ ‘ || l_errmsg);
elsif ora_sysevent = ‘ALTER’ then
raise_application_error(-20001, ora_dict_obj_owner || ‘.’ || ora_dict_obj_name || ‘ ‘ || l_errmsg);
elsif ora_sysevent = ‘DROP’ then
raise_application_error(-20001, ora_dict_obj_owner || ‘.’ || ora_dict_obj_name || ‘ ‘ || l_errmsg);
elsif ora_sysevent = ‘TRUNCATE’ then
raise_application_error(-20001, ora_dict_obj_owner || ‘.’ || ora_dict_obj_name || ‘ ‘ || l_errmsg);
end if;
exception
when no_data_found then
null;
end;
/
最好用sysdba登录执行,然后使用一个业务用户登录测试drop;
SQL> drop table test;
drop table a
ORA-00604: 递归 SQL 级别 1 出现错误
ORA-20001: TEST.TEST You have no permission to this operation
ORA-06512: 在 line 9
这里是参考一位大师的解决思路,类似需求可以参考这个加以修改。
