PLSQL- Assertion , Roles & Privileges, Embedded & Dynamic

PLSQL- Assertion , Roles & Privileges, Embedded & Dynamic SQL Assertion

• Assertions - An assertion is a piece of SQL which makes sure a condition is satisfied or it stops action being taken on a database object. It could mean locking out the whole table or even the whole database.

• Assertions - Assertions do not modify the data, they only check certain conditions. Assertion

Syntax:

CREATE ASSERTION CHECK ( );

Example: Assertion There should not any customer in bank having balance less than 1000. Create Assertion c1 Check ( NOT EXISTS ( Select * From customer Where balance<1000));

Roles & Privileges Controlling User Access

Database administrator

Username and password Privileges

Users Privileges

• Database security: • System security • Data security • System privileges: Gaining access to the database • Object privileges: Manipulating the content of the database objects • Schemas: Collection of objects such as tables, views, and sequences System Privileges

• More than 100 privileges are available. • The database administrator has high- level system privileges for tasks such as: • Creating new users • Removing users • Removing tables • Backing up tables Creating Users

 The DBA creates users with the CREATE USER statement.

CREATE USER user IDENTIFIED BY password;

CREATE USER HR IDENTIFIED BY HR; User created. User System Privileges

 After a user is created, the DBA can grant specific system privileges to that user. GRANT privilege [, privilege...] TO user [, user| role, PUBLIC...];  An application developer, for example, may have the following system privileges:  CREATE SESSION  CREATE TABLE  CREATE SEQUENCE  CREATE VIEW  CREATE PROCEDURE Granting System Privileges

 The DBA can grant specific system privileges to a user.

GRANT create session, create table, create sequence, create view TO scott; Grant succeeded. Creating and Granting Privileges to a Role • Create a role

CREATE ROLE manager; Role created.

• Grant privileges to a role GRANT create table, create view TO manager; Grant succeeded.

• Grant a role to users GRANT manager TO DE HAAN, KOCHHAR; Grant succeeded. Object Privileges

• Object privileges vary from object to object. • An owner has all the privileges on the object. • An owner can give specific privileges on that owner’s object.

GRANT object_priv [(columns)] ON object TO {user|role|PUBLIC} [WITH GRANT OPTION]; Granting Object Privileges

 Grant query privileges on the EMPLOYEES table.

GRANT select ON employees

TO sue, rich;

Grant succeeded.

 Grant privileges to update specific columns to users and roles.

GRANT update (department_name, location_id) ON departments TO scott, manager; Grant succeeded. Passing On Your Privileges

• Give a user authority to pass along privileges.

GRANT select, insert ON departments TO scott WITH GRANT OPTION; Grant succeeded.

• Allow all users on the system to query data from Alice’s DEPARTMENTS table. GRANT select ON alice.departments TO PUBLIC; Grant succeeded. Revoking Object Privileges

• You use the REVOKE statement to revoke privileges granted to other users. • Privileges granted to others through the WITH GRANT OPTION clause are also revoked.

REVOKE {privilege [, privilege...]|ALL} ON object FROM {user[, user...]|role|PUBLIC} [CASCADE CONSTRAINTS]; Revoking Object Privileges

• As user Alice, revoke the SELECT and INSERT privileges given to user Scott on the DEPARTMENTS table.

REVOKE select, insert ON departments FROM scott; Revoke succeeded. Summary

In this lesson, you should have learned about statements that control access to the database and database objects.

Statement Action CREATE USER Creates a user (usually performed by a DBA) GRANT Gives other users privileges to access the objects CREATE ROLE Creates a collection of privileges (usually performed by a DBA) ALTER USER Changes a user’s password REVOKE Removes privileges on an object from users Embedded SQL Embedded SQL – Most SQL statements can be embedded in host programming language such as COBOL, C, Java

Declaration of SQL variables in C SQL Database Connection in C int loop; • SET CONNECTION connection-name; EXEC SQL BEGIN DECLARE SECTION; • DISCONNECT varchar connection-name; name[16],addr[30]; char eid[10]; • EXEC SQL int sal; select NAME,ADDR,SAL EXEC SQL END DECLARE into :name,:addr,:sal SECTION; from EMPLOYEE where EID == :eid;

SQL Select Query in C Embedded SQL for JAVA- Steps in JDBC Database Access

1. Import JDBC library (java.sql.*) 2. Load JDBC driver: Class.forname(“oracle.jdbc.driver.OracleDriv er”) 3. Define appropriate variables 4. Create a connect object (via getConnection) 5. Create a statement object from the Statement class: 6. Identify statement parameters (designated by question marks) 7. Bound parameters to program variables 8. Execute SQL statement (referenced by an object) via JDBC’s executeQuery 9. Process query results (returned in an object of type ResultSet) • ResultSet is a 2-dimentional table Embedded SQL for JAVA- Example

1. import java.sql.*; 2. public class MySQLProcedure{public static void main(String[] args) { 3. try{ 4. Class.forName("com.mysql.jdbc.Driver"); 5. Connection c = DriverManager.getConnection("jdbc:mysql:// localhost: 3306/ db1","root", ""); 6. Statement sm= c.createStatement(); 7. String sql= "SELECT name, age FROM stud"; 8. ResultSetrs= sm.executeQuery(sql); 9. while(rs.next()){ 10. String name1 = rs.getString("name"); 11. int age1 = rs.getInt(“age"); 12. System.out.print(“Name age " + name1,age1);} 13. catch(Exception e){e.printStackTrace();} } }

Dynamic SQL Dynamic SQL Dynamic canDynamic query becomplex Objective: • • attributes Because the • compiled)statementsSQL at run executingand Composing new(not previously keyboardat run A programaccepts SQLstatementsfrom the areat unknown compile time

type and number of retrieved number type and - time

- time

Slide 9- 24 Dynamic SQL: An Example in C

EXEC SQL BEGIN DECLARE SECTION; varchar s1[256]; EXEC SQL END DECLARE SECTION;

prompt (“Enter command“, s1);

EXEC SQL PREPARE s2 FROM :s1;

EXEC SQL EXECUTE s2;