Note
This view is introduced since OceanBase Database V4.1.0.
Purpose
The DBA_POLICIES view displays the access control strategies that can be created on a table.
Columns
| Column | Type | Nullable? | Description |
|---|---|---|---|
| OBJECT_OWNER | VARCHAR2(128) | YES | The owner of the object controlled by the strategy. |
| OBJECT_NAME | VARCHAR2(128) | YES | The name of the object controlled by the strategy. |
| POLICY_GROUP | VARCHAR2(128) | NO | The name of the strategy group. |
| POICY_NAME | VARCHAR2(128) | NO | The name of the strategy. |
| PF_OWNER | VARCHAR2(128) | NO | The owner of the strategy function. |
| PACKAGE | VARCHAR2(128) | NO | The name of the package where the strategy function is located. |
| FUNCTION | VARCHAR2(128) | NO | The name of the strategy function. |
| SEL | VARCHAR2(3) | NO | Indicates whether the SELECT operation on the object is affected. Valid values: YES and NO. |
| INS | VARCHAR2(3) | NO | Indicates whether the INSERT operation on the object is affected. Valid values: YES and NO. |
| UPD | VARCHAR2(3) | NO | Indicates whether the UPDATE operation on the object is affected. Valid values: YES and NO. |
| DEL | VARCHAR2(3) | NO | Indicates whether the DELETE operation on the object is affected. Valid values: YES and NO. |
| IDX | VARCHAR2(3) | NO | Indicates whether the INDEX operation on the object is affected. Valid values: YES and NO. |
| CHK_OPTION | VARCHAR2(3) | NO | Indicates whether check on the updated value for the INSERT or UPDATE operation is affected. Valid values: YES and NO. |
| ENABLE | VARCHAR2(3) | NO | Indicates whether the strategy takes effect. Valid values: YES and NO. |
| STATIC_POLICY | VARCHAR2(3) | NO | Indicates whether the strategy is a static one. Valid values: YES and NO. |
| POLICY_TYPE | VARCHAR2(24) | NO | The strategy type. Valid values:
|
| LONG_PREDICATE | VARCHAR2(3) | NO | Indicates whether the predicate returned by the strategy function will exceed 4,000 bytes in length. |
| COMMON | VARCHAR2(3) | NO | This column is used only for compatibility, and the value is fixed to NO. |
| INHERITED | VARCHAR2(3) | NO | This column is used only for compatibility, and the value is fixed to NO. |
Sample query
Query the access control policies of all tables and views under the current tenant.
obclient [SYS]> SELECT * FROM SYS.DBA_POLICIES;
The query result is as follows:
+--------------+----------------+--------------+----------------+----------+---------+----------------------+------+------+------+------+------+------------+--------+---------------+-------------+----------------+--------+-----------+
| OBJECT_OWNER | OBJECT_NAME | POLICY_GROUP | POLICY_NAME | PF_OWNER | PACKAGE | FUNCTION | SEL | INS | UPD | DEL | IDX | CHK_OPTION | ENABLE | STATIC_POLICY | POLICY_TYPE | LONG_PREDICATE | COMMON | INHERITED |
+--------------+----------------+--------------+----------------+----------+---------+----------------------+------+------+------+------+------+------------+--------+---------------+-------------+----------------+--------+-----------+
| SYS | EMP | SYS_DEFAULT | SAL_POLICY | SYS | NULL | F_POLICY | YES | NO | YES | NO | NO | NO | YES | NO | DYNAMIC | NO | NO | NO |
| SYS | V_SALES_SECURE | GROUP_SALES | POLICY_REGION | SYS | NULL | POLICY_GROUP_FUNC | YES | NO | YES | NO | NO | YES | YES | NO | DYNAMIC | NO | NO | NO |
| SYS | V_SALES_SECURE | GROUP_SALES | POLICY_DEPT | SYS | NULL | POLICY_GROUP_FUNC | YES | NO | NO | NO | NO | NO | YES | NO | DYNAMIC | NO | NO | NO |
| SYS | V_ORDERS_CTX | GROUP_REGION | POLICY_DYNAMIC | SYS | NULL | POLICY_SELECTOR_FUNC | YES | NO | YES | NO | NO | YES | YES | NO | DYNAMIC | NO | NO | NO |
+--------------+----------------+--------------+----------------+----------+---------+----------------------+------+------+------+------+------+------------+--------+---------------+-------------+----------------+--------+-----------+
4 rows in set
References
ALL_POLICIES: view the access control policies of all tables and views that the current user can access.
USER_POLICIES: view the access control policies of all tables and views that the current user owns.