I have created a script that creates Oracle users and grants them roles. I am unable to find a way to ignore the "user exists" error:
ORA-01920: user name '' conflicts with another user or role name.
I understand that when the script is ran, it is possible that the user already exists, but I want to ignore any returned errors. Is this possible?
My Oracle code:
CREATE USER "John" PROFILE "DEFAULT" IDENTIFIED BY "temppassword" ACCOUNT UNLOCK;
Edit:
This question is not asking how to create a user if it doesn't exist. This question is asking how to ignore "the user exists" error. According to a previously asked question, the top answer stated
In general, Oracle scripts simply execute the CREATE statement, and if
the object already exist, you'll get an error indicating that, which
you can ignore. This is whaat all the standard Oracle deployment
scripts do.
It isn't clear how you're running your script, but assuming its via SQL*Plus you can modify the behaviour when an error is encountered with the whenever sqlerror command.
If your script is setting that to exit at the moment, or you're picking that up from a startup script (login.sql, glogin.sql) you can change it back, or modify it temporarily:
...
-- do not stop on error
WHENEVER SQLERROR CONTINUE;
CREATE USER "John" PROFILE "DEFAULT" IDENTIFIED BY "temppassword" ACCOUNT UNLOCK;
-- to stop when later errors are encountered
WHENEVER SQLERROR EXIT FAILURE;
ALTER USER ...
You'll still see the ORA-01920 in the output but it will continue on to execute the next statement. This pattern is also useful for a protective drop of a schema object before attempting to create it.
Why can't you find if the user exists first?
SELECT COUNT(*)
INTO V_count
from ALL_USERS
where username = 'YourUserName'
IF v_count = 0 THEN
--create the user
--execute the grants
ELSE
---log that the user already exists
END IF;
SET SERVEROUTPUT ON;
DECLARE
TYPE t_list IS TABLE OF VARCHAR2 (30);
l_list t_list := t_list ('X0', 'X1', 'X2');
e_user_already_exists EXCEPTION;
PRAGMA EXCEPTION_INIT (e_user_already_exists, -1920);
BEGIN
FOR l_iterator IN 1 .. l_list.COUNT LOOP
DBMS_OUTPUT.PUT_LINE ('Creating user ' || l_list (l_iterator));
BEGIN
EXECUTE IMMEDIATE 'CREATE USER "' || l_list (l_iterator) || '" PROFILE DEFAULT IDENTIFIED BY "WELCOME" ACCOUNT UNLOCK';
EXECUTE IMMEDIATE 'GRANT SOME_APPLICATION_ROLE TO ' || l_list (l_iterator);
EXCEPTION
WHEN e_user_already_exists THEN
DBMS_OUTPUT.PUT_LINE ('User exists, ignored');
WHEN OTHERS THEN
RAISE;
END;
END LOOP;
END;
/
Related
I've got pl/sql script which can be run in two modes: 1) on test database where I've got full access 2) on prod database where I've got limited access
part of the script:
<code>
IF mode = 'test' then
DELETE FROM TABLE1;
END IF;
</code>
In test database I've got full access to TABLE1 and I haven't got access in prod database so I don't want to execute delete staement. I want run the script on both databses just changing the mode parameter. But the compiler gives ORA-01031 Insufficient Privilege. Are there any methods to overcome the situation?
Use EXECUTE IMMEDIATE:
<code>
IF mode = 'test' then
EXECUTE IMMEDIATE 'DELETE FROM TABLE1';
END IF;
</code>
When I run this it gives me the error
ORA-00911: invalid character
CREATE OR REPLACE DIRECTORY CDATA AS 'D:\';
GRANT READ ON DIRECTORY CDATA TO PUBLIC;
DECLARE
MYFILE UTL_FILE.FILE_TYPE;
type array IS VARRAY(10) OF INTEGER;
arr array;
temp number;
curr number;
prev number;
n number;
BEGIN
MYFILE := UTL_FILE.FOPEN('CDATA','FILING.txt','W');
arr := array(98, 97, 78, 87, 92, 33, 12, 45, 45, 66);
n:= arr.count;
UTL_FILE.PUT(MYFILE, 'ORGANIZED DATA: ');
for i in 2..arr.count loop
curr:=i;
prev:=i-1;
while arr(prev) > arr(curr) loop
temp:= arr(curr);
arr(curr):= arr(prev);
arr(prev):= temp;
curr:= curr-1;
prev:= prev-1;
IF curr=1 THEN
EXIT;
END IF;
end loop;
end loop;
for i in 1.. arr.count loop
UTL_FILE.PUT_LINE(MYFILE, arr(i));
dbms_output.put_line(arr(i));
end loop;
UTL_FILE.FCLOSE(MYFILE);
END; //ORA-00911: invalid character
// File is not writting
Unable to write sorted data into file from insertion algorithm
I ran your query as a normal (public) user. There was no error as ORA-00911: invalid character. There was another error, which is expected as per the code you are running. When I ran your script as a dba user, there was no error at all.
First Approach: As a public user, you would get first error as
"insufficient privileges"
when the create directory line executes. Then you would get
"directory does not exist"
when the plsql script executes.
This is because, the directory creation and grant script have to run with dba privilege (it is a privilege that user account like 'sys' possess). The rest of the script i.e. that plsql block can run from a public user. As normal user does not have directory creation and grant privilege, hence the error.
Now, if you move directory creation to grant lines to run with a dba user, they will run fine, the above 2 errors would be gone. Then when you run the plsql block with a public user, there will be a third error
"directory access denied"
. This is because, in your grant script you have given read access on the directory object to public, while in your plsql block you are actually writing to it. To handle that, modify grant script to -
GRANT READ,WRITE ON DIRECTORY CDATA TO PUBLIC;
Second Approach
You can run the whole script including the plsql block using a dba user, where your script would encounter no errors at all.
I would suggest the best approach would be to run directory creation and grant script from a dba user and then run the plsql block from a normal nondba user, with the grant script modified as above.
Friends...
DB: Oracle11gR2
OS: Linux
I have created package with couple of procedure, procedure executes alter table move... , index rebuild command on database.
I'm doing below
Run ksh shell script -> execute procedure
Procedure runs alter table, rebuild index commands on database
Procedure completes
Shell script ends.
I can generate logfile for the shell script but whatever gets executed by procedure doesn't get recorded inside shell script logfile. I understood since db session created by procedure it won't record anything in shell logfile.
So how can I
Record everything in logfile which is executed by both procedures in the same package?
Also trying to put current datetime within procedure dmbs_out.put_line command?
Is it possible to run both procedure after connecting database once instead of 2 time connecting database and executing procedure?
There might be table/table partition move syntax error but I'm only trying to trap when table move started and when finished with datetime so to identify total time taken.
*** ksh script
#!/bin/ksh
...
...
...
$LOG_FILE = move_tbs.log
echo -e "set serveroutput on\n exec move_tbs.moveTable;"|$ORACLE_HOME/bin/sqlplus/#db_alias | head -l
echo -e "set serveroutput on\n exec move_tbs.moveTablePart;"|$ORACLE_HOME/bin/sqlplus/#db_alias | head -l
DB Package / Procedure
*** Procedure
create or replace package move_all
procedure moveTable
dbms_output.put_line("CURRENT TIME" 'alter table '|| owner || '.' || table_name || 'move');
Execute immediate 'alter table '|| owner || '.' || table_name || 'move';
dbms_output.put_line("COMPLETED TIME" : CURRENT_TIME);
end moveTable;
-------------------------------------------
procedure moveTablePart
dbms_output.put_line("CURRENT TIME" 'alter table '|| owner || '.' || table_name || 'move');
Execute immediate 'alter table '|| owner || '.' || table_name || 'move partition';
dbms_output.put_line("COMPLETED TIME" : CURRENT_TIME);
end moveTablePart;
end move_all
/
You could just put both exec commands in your echo construct. But you can use a 'heredoc' to simplify running both together, and it's a easier to read and maintain too. Something like:
LOG_TBS_MOVE=move_tbs.log
(
$ORACLE_HOME/bin/sqlplus -s -l user/passwd#db_alias <<!EOF
set serveroutput on
exec move_tbs.moveTable;
exec move_tbs.moveTablePart;
exit
!EOF
) > $LOG_TBS_MOVE
The herdoc start and end markers in this example !EOF - have to match exactly. They can be anything you like as long as there's no chance of anything inside the heredoc accidentally ending it. And the end marker has to be at the start of a line, it can't be indented.
The parentheses around the SQL*Plus and heredoc can enclose multiole commands and all output from within them goes into the log. They aren't really necessary here as there is only one command inside but it's a fairly clear way of doing the redirection, I think.
I'm only putting stdout into the $LOG_TBS_MOVE file; anything on stderr (which will not include any SQL errors) will still go to screen or to your main log if you redirect stderr for that.
To show the time in your output, don't enclose the current_time part in quotes, use string concatenation, and use the right function:
dbms_output.put_line(to_char(sysdate, 'HH24:MI:SS') ||
'alter table '|| owner || '.' || table_name || 'move');
dbms_output.put_line('COMPLETED TIME: ' || to_char(sysdate, 'HH24:MI:SS'));
Or you could display the time from the shell instead, within the parentheses; that would also then go into the same log file.
You haven't shown a username or password in your SQL*Plus calls; you probably just hid them, but if you are connecting as SYS via /, you really shouldn't be creating objects in that schema. Create a new schema and work in that.
Step 1 : I have created one package with procedures to create context and set value to the context.
create or replace PACKAGE Context_check AS
PROCEDURE set_context_vpd_proc (V_ISID in varchar2);
procedure set_context (v_isid_a in varchar2);
END Context_check;
create or replace PACKAGE BODY Context_check AS
PROCEDURE set_context_vpd_proc (V_ISID in varchar2)
AS
v_STAT VARCHAR2(200);
v_chk varchar2(2000);
BEGIN
DBMS_SESSION.SET_CONTEXT('VPD_CTX', 'ISID', V_ISID );
--v_STAT := '';
EXCEPTION
WHEN NO_DATA_FOUND THEN NULL;
END;
procedure set_context (v_isid_a in varchar2)
as
begin
EXECUTE IMMEDIATE 'CREATE OR REPLACE CONTEXT VPD_CTX using set_context_vpd_proc';
set_context_vpd_proc (v_isid_a);
EXCEPTION
WHEN NO_DATA_FOUND THEN NULL;
end set_context;
END Context_check;
Step 2: When I am trying to executing the procedure I am getting an error
EXECUTE Context_check.set_context('Ana');
Error starting at line 43 in command:
EXECUTE Context_check.set_context('Ana')
Error report:
ORA-01031: insufficient privileges
ORA-06512: at "SYS.DBMS_SESSION", line 114
ORA-06512: at "SEC_ADMIN.CONTEXT_CHECK", line 8
ORA-06512: at "SEC_ADMIN.CONTEXT_CHECK", line 20
ORA-06512: at line 1
01031. 00000 - "insufficient privileges"
*Cause: An attempt was made to change the current username or password
without the appropriate privilege. This error also occurs if
attempting to install a database without the necessary operating
system privileges.
When Trusted Oracle is configure in DBMS MAC, this error may occur
if the user was granted the necessary privilege at a higher label
than the current login.
*Action: Ask the database administrator to perform the operation or grant
the required privileges.
For Trusted Oracle users getting this error although granted the
the appropriate privilege at a higher label, ask the database
administrator to regrant the privilege at the appropriate label.
I have already given all the grants on that package.Still I am not able to execute this procedure.
Note : If I create the same procedures as stand alone ,its working fine and setting the context.
You need to create a context using a package, not using a procedure inside of a package.
Instead of
EXECUTE IMMEDIATE 'CREATE OR REPLACE CONTEXT VPD_CTX using set_context_vpd_proc';
Write
EXECUTE IMMEDIATE 'CREATE OR REPLACE CONTEXT VPD_CTX using Context_check';
How to execute copy from command inside a plsql block?
E.g. I have copy from test/test#test insert emp using select * from emp;
How can I call this in a plsql block? I have tried with
execute immediate 'copy from test/test#test insert emp using select * from emp';
However when I execute my script which has plsql block gives me
ORA-00900: invalid SQL statement
How can I resolve this issue
COPY is a SQL*Plus command. So it only works in the SQL*Plus client. Find out more.
EXECUTE IMMEDIATE is a PL/SQL command to run dynamic calls, and it only recognises SQL and PL/SQL.
"I am executing sqlscript from sqlplus"
Yes, but you are calling COPY in an anonymous block, so that's with a PL/SQL scope; which means PL/SQL and SQL only.
The way to do this is with a shell script. These are operating system dependent, but something like this would work on a Linux environment.
#!/bin/bash
echo Please enter local Username:
read USERNAME
echo "Please enter local Password:"
read -s PASS
SID=${ORACLE_SID}
if [ "${ORACLE_SID}" != 'TEST' ]
then
sqlplus -s -l $USERNAME/$PASS#$SID << EOF
copy from test/test#test insert emp using select * from emp
exit
EOF
else
echo "Can't copy from TEST to TEST"
fi
Obviously this is just a wild guess at what your program actually does, but I hope you can understand the principle.
In a plsql code if we directly use the command as follows shall serve the similar output
begin
insert into emp1 select * from emp;
end;
emp1 is target table
emp is source table
There are similar ask where one wants to create blank structure or structure with data for backup kindly of activity.Refer link https://oracle-concepts-learning.blogspot.com/2019/09/copy-table-structure-or-data.html
1) Creating blank structure from existing table
--Execute on sql prompt
begin
execute immediate 'create table emp1 as select * from emp where 1=2';
end;
--Execute on sql prompt
select count(1) from emp1;
2) Creating structure from existing table with data
--Execute on sql prompt
begin
execute immediate 'create table emp1 as select * from emp';
end;
--Execute on sql prompt
select count(1) from emp1;