无法撤消用户的角色

时间:2014-06-10 06:56:48

标签: sql oracle privileges

从Oracle Sql Developer,我运行GRANT MyRole TO MyUser;命令到Grand MyRole到MyUser,然后我运行REVOKE MyRole FROM MyUser;命令从MyUser撤销MyRole,但得到错误:

Error starting at line 50 in command:
REVOKE MyRole FROM MyUser
Error report:
SQL Error: ORA-01932: ADMIN option not granted for role 'MyRole'
01932. 00000 -  "ADMIN option not granted for role '%s'"
*Cause:    The operation requires the admin option on the role.
*Action:   Obtain the grant option and re-try.

请告诉我如何从MyUser撤销MyRole。

1 个答案:

答案 0 :(得分:3)

documentation与错误消息一样清晰:

  

"要撤销角色,您必须已使用ADMIN OPTION授予角色。"

这意味着您的用户必须被授予以下角色:

grant myrole to you WITH ADMIN OPTION ;

当然,您还需要授予角色......

SQL> conn db_admin/db_admin
Connected.
SQL> create role myrole;

Role created.

SQL> grant myrole to a; 

Grant succeeded.

SQL> conn a/a
Connected.
SQL> grant myrole to b;
grant myrole to b
*
ERROR at line 1:
ORA-01932: ADMIN option not granted for role 'MYROLE'

SQL> conn db_admin/db_admin
Connected.
SQL> grant myrole to a with admin option;

Grant succeeded.

SQL> conn a/a
Connected.
SQL> grant myrole to b;

Grant succeeded.

SQL> revoke myrole from b;

Revoke succeeded.

SQL>