sql - 从一个表中选择在另一个表中存在映射的行

Question

我的问题围绕着使用 Oracle 数据库来管理原始权利与业务友好角色之间的映射。

基本上，我有两个表:

映射表 - 这将包含适合特定应用程序角色所需的权利。请注意，您必须拥有特定应用程序角色的所有权利才能拥有它。此外，这可能会在任何一天发生变化，因此查询需要是动态的，因为它可以是 3 个权利 = 一个角色或 10 个权利 = 一个角色。

           
Application ApplicationRole     Resource    Action
--------------------------------------------------------
Test1       Admin               appserver1  admin
Test1       Admin               appserver2  admin
Test1       Admin               appserver3  admin
test2       ReadOnly            appserver1  ro
test2       ReadOnly            appserver2  ro

Accounts Table - this table would contain raw data from servers, like what accounts exist on what servers:

Account Resource    Action      Application
-------------------------------------------------
abc123  appserver1  admin       Test1
abc123  appserver2  admin       Test1
abc123  appserver3  admin       Test1
test2   ReadOnly    appserver1  ro

What I am aiming for is to find what applicationroles (business friendly grouping) are applicable to my accounts. In this example, account abc123 has 3 entitlements, for appservers 1, 2 and 3, and has the admin entitlement. Looking at the mapping table, I can now say this account has applicationrole "admin". However, account test2 only has ro on a single server, and the mapping says it needs ro on two servers to have the role "ReadOnly", therefore, account test2 does NOT have the role.

The output from a query on this same data should look like:

Account   Application   ApplicationRole
----------------------------------------------
abc123    Test1         Admin

Later on, I'll also want a query that returns the opposite;all accounts that DON'T fit into a role. E.g.

Account   Application   Resource    Action
----------------------------------------------
test2     test2         ReadOnly    appserver1

Let me know if I can provide any more info! I can't really find what I am after online, seems pretty hard to search for.

Thanks guys! :)

EDIT: I've managed to write up this query and it seems to work for the first part; not sure if it's the best way though, and any guidance would be great :)

SELECT *
FROM TEMP_USERDATA b
LEFT JOIN TEMP_MAPPINGTABLE a
ON a.application = b.application
AND a.oresource  =b.oresource
AND a.action     =b.action
WHERE (SELECT COUNT(c.application||c.oresource||c.action)
  FROM temp_mappingtable c
  WHERE c.application=a.application) =
  (SELECT COUNT(DISTINCT application||oresource||action||account)
  FROM temp_userdata
  WHERE temp_userdata.application=a.application
  );

Answer 1

试试这个:

;WITH mapingdata AS (  SELECT application,
applicationrole,
resource,
action,
COUNT ( * ) AS rowcount
FROM    temp_mappingtable
GROUP BY application,
applicationrole,
resource,
action),

WITH userdata AS (  SELECT   account,
                                      resource,
                                      action,
                                      application,
                                      COUNT ( * ) AS rowcount
                             FROM   user_data
                        GROUP BY   account,
                                      resource,
                                      action,
                                      application)
SELECT  *
  FROM  mapingdata m, userdata u
 WHERE       m.application = u.application
            AND m.resource = u.resource
            AND m.action = u.action
            AND m.rowcount = u.rowcount;