测试ACL和ACE
在创建ACL和ACE的过程中,基本上所有的东西都没有进行verify,比如privilege的名称 ,application user,还有就是security class也没有进行验证,进行了验证的只有就是dabase user,是否存在也就是pdbadmin这个database user进行了验证,是否存在
19:57:35 SQL> declare
ace_list xs$ace_list;
st_date timestamp with time zone;
en_date timestamp with time zone;
begin
st_date :=systimestamp;
en_date :=to_timestamp_tz('2021-12-31 00:00:00 -08:20','yyyy-mm-dd hh24:mi:ss tzh:tzm');
ace_list := xs$ace_list(
xs$ace_type(privilege_list=>xs$name_list('select','view_sensitive_info'),granted=>true,principal_name=>'hrrep',start_date=>st_date,end_date=>en_date),
xs$ace_type(privilege_list=>xs$name_list('update_info'),granted=>true,principal_name=>'hrmgr'),
xs$ace_type(privilege_list=>xs$name_list('select'),granted=>true,principal_name=>'pdbadmin',principal_type=>xs_acl.ptype_db));
xs_acl.create_acl(name=>'hracl',ace_list=>ace_list,sec_class=>'hrprivs',description=>'wgz test acl 20210217');
end;
/
PL/SQL procedure successfully completed.
Elapsed: 00:00:00.01