How To Not Let User With DBA Role To Delete Record From Sys.aud$
Sep 20, 2012
we have certain users have DBA role assigned. of course they can delete records from sys.aud$.
we are trying to make this go away. we found that in DBA role, there is a role called DELETE_CATALOG_ROLE controls this. if we revoke this role from DBA role, user no longer able to delete records from sys.aud$ but the problem is as a powerful user who has DBA role, they can always grant this back to DBA role, or grant delete from sys.aud$ table directly to themself.
can we create a second role which just like DBA role, but with less privileges?
I have a role in my Oracle 10g instance like below:
GRANT ALTER USER TO <role_name> WITH ADMIN OPTION;
And this works fine for any user who has:
GRANT <role_name> TO <user>;
What I need is to limit <user> to only have the ALTER USER privilege to a set of users. Preferrably where the set of users are identified by a column value in a table, something like:
WHERE PeopleTable.InList = "YES"
Or maybe where set of users are defined by their membership in another role.
GRANT ALTER USER TO <role_name> FOR USERS IN MEMBERS_LIST_ROLE;
But what I noticed is that user HIEL has a connect role but YONC does not. (Result set is below) Have searched for information but did not find what I was looking for. I did read something about backward compatibility.I'm leaning towards that thought since the other user YONC does not have this role.
Database: 11g R1
SQL> select * from dba_role_privs where grantee in ('YONC', 'HIEL') order by grantee; GRANTEE GRANTED_ROLE ADM DEF --------------------------- --------------------------- --- --- YONC WCAIMS_INQUIRY NO YES YONC ENDUSER NO YES HIEL WCAIMS_CSR_ADDR NO YES
I want to delete the duplicated record using following methods, it delete the records if all the record are matched according to condition, but if all records are not matched then it display error messages.
SQL> SELECT * FROM XYZ;
NAME FNAME ADDRESS JOB -------------- -------------------- -------------------- ----------------------------------------- Bilal Khan Wali your rehman name district abbottabad student Bilal Khan Wali your rehman name district abbottaba student Bilal Kh Wali your rehma name district abbotta studen Bilal K Wali your rehm name district abbotta studen Bilal Khan Wali your rehman name istrict abbottaba tudent lal Khan i your rehman name strict abbottaba tudent [code]....
I have a requirement to delete duplicate records. For example,if the below query retrieves count of duplicate records along with the column values.
select col2,col3,col4,col5,col6,col7,count(*) from table group by col2,col3,col4,col5,col6,col7 having count(*) > 1;
I would like to retain only one record with max(col1) which is a surrogate key and other records should be deleted.How to retain one record in a duplicate record set based on max of certain column.
the following case is successfully done with mssql databases.
Case:
Table UserGroup Columns id, name, handshake
When the handshake is set to 'd', this record should be deleted. I know it is bad behaviour by design.
What have I done so far:
- created an after update trigger (mutual error) Caused by trying a delete action in the update action, not possible.
- created a view in combination of instead of update trigger.
This causes also mutual error, or if ignored (PRAGMA AUTONOMOUS_TRANSACTION), an deadlock.
Code so far:
create or replace procedure Delete_UserGroup_sp(p_groupId in USER_GROUP.HMIUSERGROUPID%TYPE, p_handshake in USER_GROUP.HANDSHAKE%TYPE) is begin if p_handshake = 'd' then delete USER_GROUP WHERE HMIUSERGROUPID = p_groupId; commit; end if; end;
create or replace view USERGROUP_V as select * from USER_GROUP
create or replace trigger USER_GROUP_T1 instead of update on USERGROUP_V for each row declare PRAGMA AUTONOMOUS_TRANSACTION; begin Delete_UserGroup_sp(:new.HMIUSERGROUPID, :new.HANDSHAKE); end;
when i tried to delete the record by clicking the delete button which has the trigger code as
delete from emp where employee_id=:e_id; commit;
it wasn't. and showed the message as ---FRM-40508: ORACLE ERROR: Unable to INSERT record.
if i change the EMP ID item property "database item" to "NO"..then i can able to delete the record..but, now i am unable to insert the record form the same form...
I have written this below code. The logic behind the code is, Delete the duplicate record from a table, and delete those record from other 7 table based on the SL_NUMBER.
But Problem is After delete the duplicate record When I have use Below statement
RETURNING SL_NUMBER BULK COLLECT INTO rec_sl_number;
This statement unable to return approx 40 Lakhs SL_NUMBER
DECLARE rec_sl_number dbms_sql.number_table; BEGIN
I am using 10g and want to let an user to delete a single record from a multirow form via delete button. This button is supposed to do the same, what the "delete record" button on the default menu does. (I want a custom menu, so I can't use that button)
My delete button ist assigned to a control-block and the when-button-pressed-Trigger of that button looks like this: ------------- DECLARE TEMP VARCHAR(30); BEGIN -- Record chosen? IF :<BLOCK>.ID IS NOT NULL THEN
[Code]...
The problem is, that the alert asks the user about the previously chosen record correctly, but if the user clicks BUTTON1 the Form says: No changes to save (FRM-40401).
i have user with the name 'Rob' and this user has been assigned a role 'MY_SRC_ROLE' . I developed a table under rob schema and granted access to this table via role GRANT DELETE, INSERT, SELECT, UPDATE ON rob.emp TO MY_ SRC_ ROLE; I have 100 more users & they have been granted this role 'MY_SRC_ROLE'. These 100 users can now access emp table via Role 'MY_SRC_ROLE' without any issues. Now i took a datapump export & performed datapump import on target server which is also HP Unix with 11.20.3 .
On target server i have user 'JACK' and a role called 'MY_WORK_ROLE'. 5000 users have been granted 'MY_ WORK_ ROLE' on this server. I have used remap tablespace clause & remap schema clause in datapump import script. Once i performed an import , due to schema remap , i can see JACK now owns table 'emp', however grants are still not there, I tried searching on Google & oracle documentation, if somehow we can remap ROLE GRANTS also while doing datapump imp, but i couldn't find supporting syntax. can i assume datapump import is not capable to handle this particular scenario ? I was able to do it by manipulating sqlfile and replacing role name in that but i am looking for a sol. within datapump itself. how can grants assigned to ROLE 'X' be transferred to 'Role Y' via datapump import.
Created three tables and group by 3 tables column name. want to delete duplicate record without first table(test). Delete the duplicate record in test1 and test2 except test.
SELECT a as Name,b as M_Name, c as L_Name, count(*) FROM ( SELECT first_name as a, middle_name as b, last_name as c FROM test UNION ALL SELECT first_name as a, middle_name as b, last_name as c FROM test1 UNION ALL SELECT first_name as a, middle_name as b, last_name as c FROM test2 ) as countGROUP BY a,b,cHAVING count(*) > 1
My form consist two datablock cust_mstr,cust_dtls, each customer code consists two or three contact details records, when i delete the single detail record instead of deleting single record it deletes all the details records from cust_detail table.
Here by i attaching my form for your reference pls find the code in delete button
i m using oracle 10g forms. in one form i m using post keyword when i use this function then records saved in temporary database but i want to remove one record from this form but it is allrady saved through post.
I am trying to create a new user who will be able to do a delete from all of the tables that only I MYSELF created. I created my user and granted access but realized I may not have done it right..
is it simply SQL>grant delete on <TABLESPACE> to <new user>; ? or do i need to specify the grant the delete on my tablespace to new user?
i have one table ot_ins_item where user will enter the details of item, grade,item qty , later on user will go and update the same table the details of different grades received for the same item in different columns with qty breakup in 3 different fields it_qty_01 , it_qty_02,it_qty_03 respectively with different grades , what i need is i want is whenever he updates this table with different grades based on data entered in 3 different fields , a procedure or trigger should delete the initial record saved and insert three different rows based on newly updated values , it may be 3 or it may be 2 sometime depending upon input values that many records should be inserted same time controlling the qty's entered in breakup not exceeding the main qty.
INSERT INTO OT_INS_ITEM VALUES (1,s_it_no.NEXTVAL,'A','ITEM1',NULL,NULL,NULL,NULL,NULL,NULL); INSERT INTO OT_INS_ITEM VALUES (1,s_it_no.NEXTVAL,'B','1TEM2',NULL,NULL,NULL,NULL,NULL,NULL); INSERT INTO OT_INS_ITEM VALUES (1,s_it_no.nextval,'C','ITEM3',NULL,NULL,NULL,NULL,NULL,NULL); SELECT * FROM OT_INS_ITEM; [code]....