我的问题围绕着使用 Oracle 数据库来管理原始权利与业务友好角色之间的映射。
基本上,我有两个表:
映射表 - 这将包含适合特定应用程序角色所需的权利。请注意,您必须拥有特定应用程序角色的所有权利才能拥有它。此外,这可能会在任何一天发生变化,因此查询需要是动态的,因为它可以是 3 个权利 = 一个角色或 10 个权利 = 一个角色。
Application ApplicationRole Resource Action -------------------------------------------------------- Test1 Admin appserver1 admin Test1 Admin appserver2 admin Test1 Admin appserver3 admin test2 ReadOnly appserver1 ro test2 ReadOnly appserver2 ro
Accounts Table - this table would contain raw data from servers, like what accounts exist on what servers:
Account Resource Action Application ------------------------------------------------- abc123 appserver1 admin Test1 abc123 appserver2 admin Test1 abc123 appserver3 admin Test1 test2 ReadOnly appserver1 ro
What I am aiming for is to find what applicationroles (business friendly grouping) are applicable to my accounts. In this example, account abc123 has 3 entitlements, for appservers 1, 2 and 3, and has the admin entitlement. Looking at the mapping table, I can now say this account has applicationrole "admin". However, account test2 only has ro on a single server, and the mapping says it needs ro on two servers to have the role "ReadOnly", therefore, account test2 does NOT have the role.
The output from a query on this same data should look like:
Account Application ApplicationRole ---------------------------------------------- abc123 Test1 Admin
Later on, I'll also want a query that returns the opposite;all accounts that DON'T fit into a role. E.g.
Account Application Resource Action ---------------------------------------------- test2 test2 ReadOnly appserver1
Let me know if I can provide any more info! I can't really find what I am after online, seems pretty hard to search for.
Thanks guys! :)
EDIT: I've managed to write up this query and it seems to work for the first part; not sure if it's the best way though, and any guidance would be great :)
SELECT *
FROM TEMP_USERDATA b
LEFT JOIN TEMP_MAPPINGTABLE a
ON a.application = b.application
AND a.oresource =b.oresource
AND a.action =b.action
WHERE (SELECT COUNT(c.application||c.oresource||c.action)
FROM temp_mappingtable c
WHERE c.application=a.application) =
(SELECT COUNT(DISTINCT application||oresource||action||account)
FROM temp_userdata
WHERE temp_userdata.application=a.application
);
最佳答案
试试这个:
;WITH mapingdata AS ( SELECT application,
applicationrole,
resource,
action,
COUNT ( * ) AS rowcount
FROM temp_mappingtable
GROUP BY application,
applicationrole,
resource,
action),
WITH userdata AS ( SELECT account,
resource,
action,
application,
COUNT ( * ) AS rowcount
FROM user_data
GROUP BY account,
resource,
action,
application)
SELECT *
FROM mapingdata m, userdata u
WHERE m.application = u.application
AND m.resource = u.resource
AND m.action = u.action
AND m.rowcount = u.rowcount;
关于sql - 从一个表中选择在另一个表中存在映射的行,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/34258744/