--示例1
--create table
create table t_policy(t1 varchar2(20),t2 number);
--创建policy function
create or replace function fn_getpolicy(
p_schema in varchar2,
p_object in varchar2
)
return varchar2
is
begin
return 't2=10';
end;
--insert data
insert into t_policy values ('a',10);
insert into t_policy values ('b',10);
insert into t_policy values ('c',20);
commit;
--加入policy
begin
dbms_rls.add_policy(
object_schema=>'zyj',
object_name=>'t_policy',
policy_name=>'t_testpolicy',
function_schema=>'zyj',
policy_function=>'fn_getpolicy',
statement_types=>'select,insert,update,delete',
update_check=>true,
enable=>true
);
end;
/
--test policy(insert and select)
select * from t_policy;
insert into t_policy values('d',10);
insert into t_policy values('d',20);
commit;
--查看policy
select * from user_policies;
------------------------------------------------------------------------------------
--示例2
create or replace function oe.f_get_where(
p_owner varchar2,
p_tablename varchar2
)
return varchar2
as
v_where varchar2(1000);
begin
if user like 'AM%' then
v_where := 'OE.CUSTOMERS.account_mgr_id=substr(' || '''' || user || '''' || ',3,3)';
end if;
return v_where;
end;
/
--
begin
DBMS_RLS.ADD_POLICY (
object_schema=>'OE',
object_name=>'customers',
policy_name=>'fgac_policy_1',
function_schema=>'oe',
policy_function=>'f_get_where',
statement_types=>'SELECT',
enable=>TRUE
);
end;
/
--
connect am145/AM145
select count(*) from oe.customers;
connect AM147/AM147
select count(*) from oe.customers;
connect oe/oe
select account_mgr_id,count(*) from customers group by account_mgr_id;
------------------------------------------------------------------------------------
--示例3 dbms_rls在透明加密中的应用
------------------------------------------------------------------------------------
--示例4 dbms_rls vpd应用案例