从Oracle Sql Developer,我运行GRANT MyRole TO MyUser;命令到Grand MyRole到MyUser,然后我运行REVOKE MyRole FROM MyUser;命令从MyUser撤销MyRole,但得到错误:
Error starting at line 50 in command:
REVOKE MyRole FROM MyUser
Error report:
SQL Error: ORA-01932: ADMIN option not granted for role 'MyRole'
01932. 00000 - "ADMIN option not granted for role '%s'"
*Cause: The operation requires the admin option on the role.
*Action: Obtain the grant option and re-try.
请告诉我如何从MyUser撤销MyRole。
答案 0 :(得分:3)
documentation与错误消息一样清晰:
"要撤销角色,您必须已使用ADMIN OPTION授予角色。"
这意味着您的用户必须被授予以下角色:
grant myrole to you WITH ADMIN OPTION ;
当然,您还需要授予角色......
SQL> conn db_admin/db_admin
Connected.
SQL> create role myrole;
Role created.
SQL> grant myrole to a;
Grant succeeded.
SQL> conn a/a
Connected.
SQL> grant myrole to b;
grant myrole to b
*
ERROR at line 1:
ORA-01932: ADMIN option not granted for role 'MYROLE'
SQL> conn db_admin/db_admin
Connected.
SQL> grant myrole to a with admin option;
Grant succeeded.
SQL> conn a/a
Connected.
SQL> grant myrole to b;
Grant succeeded.
SQL> revoke myrole from b;
Revoke succeeded.
SQL>