forked from utPLSQL/utPLSQL
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathcheck_sys_grants.sql
More file actions
47 lines (45 loc) · 1.49 KB
/
check_sys_grants.sql
File metadata and controls
47 lines (45 loc) · 1.49 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
define expected_grants = "&1"
declare
c_expected_grants constant dbmsoutput_linesarray := dbmsoutput_linesarray( &expected_grants );
l_expected_grants dbmsoutput_linesarray := c_expected_grants;
l_missing_grants varchar2(4000);
begin
if user != SYS_CONTEXT('userenv','current_schema') then
for i in 1 .. l_expected_grants.count loop
if l_expected_grants(i) != 'ADMINISTER DATABASE TRIGGER' then
l_expected_grants(i) := replace(l_expected_grants(i),' ',' ANY ');
end if;
end loop;
end if;
with
x as (
select '' as remove from dual
union all
select ' ANY' as remove from dual
)
select listagg(' - '||privilege,CHR(10)) within group(order by privilege)
into l_missing_grants
from (
select column_value as privilege
from table(l_expected_grants)
minus (
select replace(p.privilege, x.remove) as privilege
from role_sys_privs p
join session_roles r using (role)
cross join x
union all
select replace(p.privilege, x.remove) as privilege
from user_sys_privs p
cross join x
)
);
if l_missing_grants is not null then
raise_application_error(
-20000
, 'The following privileges are required for user "'||user||'" to install into schema "'||SYS_CONTEXT('userenv','current_schema')||'"'||CHR(10)
||l_missing_grants
||'Please read the installation documentation at http://utplsql.org/utPLSQL/'
);
end if;
end;
/