Skip Headers

Oracle9i Supplied PL/SQL Packages and Types Reference
Release 2 (9.2)

Part Number A96612-01
Go To Documentation Library
Home
Go To Product List
Book List
Go To Table Of Contents
Contents
Go To Index
Index

Master Index

Feedback

Go to previous page Go to beginning of chapter Go to next page

DBMS_RLS , 2 of 2


Summary of DBMS_RLS Subprograms

Table 61-1 DBMS_RLS Subprograms
Subprogram Description

ADD_POLICY Procedure

Adds a fine-grained access control policy to a table, view, or synonym..

DROP_POLICY Procedure

Drops a fine-grained access control policy from a table, view, or synonym..

REFRESH_POLICY Procedure

Causes all the cached statements associated with the policy to be reparsed.

ENABLE_POLICY Procedure

Enables or disables a fine-grained access control policy.

CREATE_POLICY_GROUP Procedure

Creates a policy group.

ADD_GROUPED_POLICY Procedure

Adds a policy associated with a policy group.

ADD_POLICY_CONTEXT Procedure

Adds the context for the active application.

DELETE_POLICY_GROUP Procedure

Deletes a policy group.

DROP_GROUPED_POLICY Procedure

Drops a policy associated with a policy group.

DROP_POLICY_CONTEXT Procedure

Drops a driving context from the object so that it will have one less driving context.

ENABLE__GROUPED_POLICY Procedure

Enables or disables a row-level group security policy.

REFRESH_GROUPED_POLICY Procedure

Reparses the SQL statements associated with a refreshed policy.

ADD_POLICY Procedure

This procedure adds a fine-grained access control policy to a table , view, or synonym.

The procedure causes the current transaction, if any, to commit before the operation is carried out. However, this does not cause a commit first if it is inside a DDL event trigger.

See Also:

"Usage Notes"

A COMMIT is also performed at the end of the operation.

Syntax

DBMS_RLS.ADD_POLICY (
   object_schema   IN VARCHAR2 NULL,
   object_name     IN VARCHAR2,
   policy_name     IN VARCHAR2,
   function_schema IN VARCHAR2 NULL,
   policy_function IN VARCHAR2,
   statement_types IN VARCHAR2 NULL,
   update_check    IN BOOLEAN  FALSE,
   enable          IN BOOLEAN  TRUE,
   static_policy   IN BOOLEAN  FALSE);

Parameters

Table 61-2 ADD_POLICY Procedure Parameters
Parameter Description

object_schema

Schema containing the table,view, or synonym (current default schema, if NULL).

object_name

Name of table, view, or synonym to which the policy is added.

policy_name

Name of policy to be added. It must be unique for the same table or view.

function_schema

Schema of the policy function (current default schema, if NULL).

policy_function

Name of a function which generates a predicate for the policy. If the function is defined within a package, then the name of the package must be present.

statement_types

Statement types to which the policy applies. It can be any combination of SELECT, INSERT, UPDATE, and DELETE. The default is to apply to all of these types.

update_check

Optional argument for INSERT or UPDATE statement types. The default is FALSE. Setting update_check to TRUE causes the server to also check the policy against the value after insert or update.

enable

Indicates if the policy is enabled when it is added. The default is TRUE

static_policy

The default is FALSE. If it is set to TRUE, the server assumes that the policy function for the static policy produces the same predicate string for anyone accessing the object, except for SYS or the privilege user who has the EXEMPT ACCESS POLICY privilege.

Usage Notes

DROP_POLICY Procedure

This procedure drops a fine-grained access control policy from a table, view, or synonym.

The procedure causes the current transaction, if any, to commit before the operation is carried out. However, this does not cause a commit first if it is inside a DDL event trigger.

See Also:

"Usage Notes"

A commit is also performed at the end of the operation.

Syntax

DBMS_RLS.DROP_POLICY (
   object_schema IN VARCHAR2 NULL,
   object_name   IN VARCHAR2,
   policy_name   IN VARCHAR2); 

Parameters

Table 61-3 DROP_POLICY Procedure Parameters
Parameter Description

object_schema

Schema containing the table, view or synonym (current default schema if NULL).

object_name

Name of table, view, or synonym.

policy_name

Name of policy to be dropped from table, view, or synonym..

REFRESH_POLICY Procedure

This procedure causes all the cached statements associated with the policy to be reparsed. This guarantees that the latest change to this policy will have immediate effect after the procedure is executed.

The procedure causes the current transaction, if any, to commit before the operation is carried out. However, this does not cause a commit first if it is inside a DDL event trigger.

See Also:

"Usage Notes"

A commit is also performed at the end of the operation.

Syntax

DBMS_RLS.REFRESH_POLICY (
   object_schema IN VARCHAR2 NULL,
   object_name   IN VARCHAR2 NULL,
   policy_name   IN VARCHAR2 NULL); 

Parameters

Table 61-4 REFRESH_POLICY Procedure Parameters
Parameter Description

object_schema

Schema containing the table, view, or synonym.

object_name

Name of table, view, or synonym with which the policy is associated.

policy_name

Name of policy to be refreshed.

Errors

The procedure returns an error if it tries to refresh a disabled policy.

ENABLE_POLICY Procedure

This procedure enables or disables a fine-grained access control policy. A policy is enabled when it is created.

The procedure causes the current transaction, if any, to commit before the operation is carried out. However, this does not cause a commit first if it is inside a DDL event trigger.

See Also:

"Usage Notes"

A commit is also performed at the end of the operation.

Syntax

DBMS_RLS.ENABLE_POLICY (
   object_schema IN VARCHAR2 NULL,
   object_name   IN VARCHAR2,
   policy_name   IN VARCHAR2,
   enable        IN BOOLEAN);

Parameters

Table 61-5 ENABLE_POLICY Procedure Parameters
Parameter Description

object_schema

Schema containing table, view, or synonym (current default schema if NULL).

object_name

Name of table, view, or synonym with which the policy is associated.

policy_name

Name of policy to be enabled or disabled.

enable

TRUE to enable the policy, FALSE to disable the policy.

CREATE_POLICY_GROUP Procedure

This procedure creates a policy group.

Syntax

DBMS_RLS.CREATE_POLICY_GROUP (
   object_schema   VARCHAR2,
   object_name     VARCHAR2,
   policy_group    VARCHAR2 ); 

Parameters

Table 61-6 CREATE_POLICY_GROUP Procedure Parameters
Parameter Description

object_schema

Schema containing the table, view, or synonym.

object_name

Name of the table, view, or synonym to which the policy is added.

policy_group

Name of the policy group that the policy belongs to.

Usage Notes

The group must be unique for each table or view.

ADD_GROUPED_POLICY Procedure

This procedure adds a policy associated with a policy group.

Syntax

DBMS_RLS.ADD_GROUPED_POLICY(
   object_schema   VARCHAR2,
   object_name     VARCHAR2,
   policy_group    VARCHAR2,
   policy_name     VARCHAR2,
   function_schema VARCHAR2,
   policy_function VARCHAR2,
   statement_types VARCHAR2,
   update_check    BOOLEAN,
   enabled         BOOLEAN,
   static_policy   BOOLEAN  FALSE ); 

Parameters

Table 61-7 ADD_GROUPED_POLICY Procedure Parameters
Parameter Description

object_schema

The schema containing the table, view, or synonym.

object_name

The name of the table, view, or synonym to which the policy is added.

policy_group

The name of the policy group that the policy belongs to.

policy_name

The name of the policy; must be unique for the same table or view.

function_schema

The schema owning the policy function.

policy_function

The name of the function that generates a predicate for the policy. If the function is defined within a package, the name of the package must be present.

statement_types

The list of statement types to which the policy can apply. It can be any combination of SELECT, INSERT, UPDATE, or DELETE. Optional.

update_check

For INSERT and UPDATE statements only, setting update_check to TRUE causes the server to check the policy against the value after INSERT or UPDATE.

enable

Indicates if the policy is enable when it is added. The default is TRUE.

static_policy

The default is FALSE. If it is set to TRUE, the server assumes that the policy function for the static policy produces the same predicate string for anyone accessing the object, except for SYS or the privilege user who has the EXEMPT ACCESS POLICY privilege.

Usage Notes

ADD_POLICY_CONTEXT Procedure

This procedure adds the context for the active application.

Syntax

DBMS_RLS.ADD_POLICY_CONTEXT (
   object_schema   VARCHAR2,
   object_name     VARCHAR2,
   namespace       VARCHAR2,
   attribute       VARCHAR2 ); 

Parameters

Table 61-8 ADD_POLICY_CONTEXT Procedure Parameters
Parameter Description

object_schema

The schema containing the table, view, or synonym.

object_name

The name of the table, view, or synonym to which the policy is added.

namespace

The namespace of the driving context

attribute

The attribute of the driving context.

Usage Notes

Note the following:

DELETE_POLICY_GROUP Procedure

This procedure deletes a policy group.

Syntax

DBMS_RLS.DELETE_POLICY_GROUP (
  object_schema   VARCHAR2,
  object_name     VARCHAR2,
  policy_group    VARCHAR2 ); 

Parameters

Table 61-9 DELETE_POLICY_GROUP Procedure Parameters
Parameter Description

object_schema

The schema containing the table, view, or synonym.

object_name

The name of the table, view, or synonym to which the policy is added.

policy_group

The name of the policy group that the policy belongs to

Usage Notes

Note the following:

DROP_GROUPED_POLICY Procedure

This procedure drops a policy associated with a policy group.

Syntax

DBMS_RLS.DROP_GROUPED_POLICY (
   object_schema   VARCHAR2,
   object_name     VARCHAR2,
   policy_group    VARCHAR2,
   policy_name     VARCHAR2 ); 

Parameters

Table 61-10 DROP_GROUPED_POLICY Procedure Parameters
Parameter Description

object_schema

The schema containing the table, view, or synonym.

object_name

The name of the table, view, or synonym to which the policy is dropped.

policy_group

The name of the policy group that the policy belongs to.

policy_name

The name of the policy.

DROP_POLICY_CONTEXT Procedure

This procedure drops a driving context from the object so that it will have one less driving context.

Syntax

DBMS_RLS.DROP_POLICY_CONTEXT (
   object_schema   VARCHAR2,
   object_name     VARCHAR2,
   namespace       VARCHAR2,
   attribute       VARCHAR2 ); 

Parameters

Table 61-11 DROP_POLICY_CONTEXT Procedure Parameters
Parameter Description

object_schema

The schema containing the table, view, or synonym..

object_name

The name of the table, view, or synonym to which the policy is dropped.

namespace

The namespace of the driving context.

attribute

The attribute of the driving context.

ENABLE__GROUPED_POLICY Procedure

This procedure enables or disables a row-level group security policy.

Syntax

DBMS_RLS.ENABLE_GROUPED_POLICY (
   object_schema   VARCHAR2,
   object_name     VARCHAR2,
   group_name      VARCHAR2,
   policy_name     VARCHAR2,
   enable          BOOLEAN  ); 

Parameters

Table 61-12 ENABLE_GROUPED_POLICY Procedure Parameters
Parameter Description

object_schema

The schema containing the table, view, or synonym.

object_name

The name of the table, view, or synonym with which the policy is associated.

group_name

The name of the group of the policy.

policy_name

The name of the policy to be enabled or disabled.

enable

TRUE enables the policy; FALSE disables the policy.

Usage Notes

REFRESH_GROUPED_POLICY Procedure

This procedure reparses the SQL statements associated with a refreshed policy.

Syntax

DBMS_RLS.REFRESH_GROUPED_POLICY (
   object_schema   VARCHAR2,
   object_name     VARCHAR2,
   group_name      VARCHAR2,
   policy_name     VARCHAR2 ); 

Parameters

Table 61-13 REFRESH_GROUPED_POLICY Procedure Parameters
Parameter Description

object_schema

The schema containing the table, view, or synonym..

object_name

The name of the table, view, or synonym with which the policy is associated.

group_name

The name of the group of the policy.

policy_name

The name of the policy.

Usage Notes


Go to previous page Go to beginning of chapter Go to next page
Oracle
Copyright © 2000, 2002 Oracle Corporation.

All Rights Reserved.
Go To Documentation Library
Home
Go To Product List
Book List
Go To Table Of Contents
Contents
Go To Index
Index

Master Index

Feedback