Monday, June 27, 2011

Getting a role's DDL

If you want to copy a role and you don't have a frog, then you could use the DBMS_METADATA package to get the DLL you need to recreate it:

SQL> exec dbms_metadata.set_transform_param(dbms_metadata.session_transform, 'SQLTERMINATOR', true);

PL/SQL procedure successfully completed.

SQL> SET PAGESIZE 0
SQL> SET LONG 90000
SQL> SELECT DBMS_METADATA.GET_DDL('ROLE', role) || ';' FROM dba_roles WHERE ROLE='MYROLE';

   CREATE ROLE "MYROLE";
 ;

SQL> SELECT DBMS_METADATA.GET_GRANTED_DDL('ROLE_GRANT',role) FROM ROLE_ROLE_PRIVS
WHERE ROLE='MYROLE' group by ROLE;

   GRANT "CONNECT" TO "MYROLE";

   GRANT "EXP_FULL_DATABASE" TO "MYROLE";


SQL> SELECT DBMS_METADATA.GET_GRANTED_DDL('SYSTEM_GRANT',role) FROM ROLE_SYS_PRIVS
WHERE ROLE='MYROLE' group by ROLE;

no rows selected

SQL> SELECT DBMS_METADATA.GET_GRANTED_DDL('OBJECT_GRANT',role) FROM ROLE_TAB_PRIVS
WHERE ROLE='MYROLE' group by ROLE;

no rows selected

As you can see, there is an extra ; after the CREATE ROLE sentence that you can just ignore, and for this role there are no system grants nor object grants.

More information:

Oracle Roles
57 DBMS_METADATA
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)