From 8a1e9bb30d57233dd83c5e4ec9c975ad431e03d1 Mon Sep 17 00:00:00 2001 From: Ilyas Ahsan Date: Sat, 11 May 2024 21:36:50 +0700 Subject: [PATCH] DBZ-7865 Support Oracle DDL Create Audit Policy --- .../ddl/parser/oracle/generated/PlSqlParser.g4 | 8 ++++++++ .../test/resources/oracle/examples/ddl_create.sql | 14 ++++++++++++++ 2 files changed, 22 insertions(+) diff --git a/debezium-ddl-parser/src/main/antlr4/io/debezium/ddl/parser/oracle/generated/PlSqlParser.g4 b/debezium-ddl-parser/src/main/antlr4/io/debezium/ddl/parser/oracle/generated/PlSqlParser.g4 index 241546346..8718b7c3a 100644 --- a/debezium-ddl-parser/src/main/antlr4/io/debezium/ddl/parser/oracle/generated/PlSqlParser.g4 +++ b/debezium-ddl-parser/src/main/antlr4/io/debezium/ddl/parser/oracle/generated/PlSqlParser.g4 @@ -82,6 +82,7 @@ unit_statement | create_trigger | create_type | create_synonym + | create_audit_policy | drop_function | drop_package @@ -2677,6 +2678,13 @@ create_synonym | CREATE (OR REPLACE)? SYNONYM (schema_name PERIOD)? synonym_name FOR (schema_name PERIOD)? schema_object_name (AT_SIGN link_name)? ; +// https://docs.oracle.com/en/database/oracle/oracle-database/21/sqlrf/CREATE-AUDIT-POLICY-Unified-Auditing.html +create_audit_policy + : CREATE AUDIT POLICY p = id_expression privilege_audit_clause? action_audit_clause? role_audit_clause? ( + WHEN quoted_string EVALUATE PER (STATEMENT | SESSION | INSTANCE) + )? (ONLY TOPLEVEL)? container_clause? + ; + comment_on_table : COMMENT ON TABLE tableview_name IS quoted_string ; diff --git a/debezium-ddl-parser/src/test/resources/oracle/examples/ddl_create.sql b/debezium-ddl-parser/src/test/resources/oracle/examples/ddl_create.sql index d3d8afccf..dd9dad38d 100644 --- a/debezium-ddl-parser/src/test/resources/oracle/examples/ddl_create.sql +++ b/debezium-ddl-parser/src/test/resources/oracle/examples/ddl_create.sql @@ -700,4 +700,18 @@ CREATE TABLESPACE LOGMINER_TBS IF NOT EXISTS DATAFILE '/opt/oracle/oradata/ORCLC -- Create view (Oracle 23+) CREATE VIEW THE_VIEW IF NOT EXISTS AS SELECT ID, NAME FROM THE_TABLE WHERE ID > 10; +-- Create Audit Policy +CREATE AUDIT POLICY TABLE_POL PRIVILEGES CREATE ANY TABLE, DROP ANY TABLE; +CREATE AUDIT POLICY DML_POL ACTIONS DELETE ON HR.EMPLOYEES, INSERT ON HR.EMPLOYEES, UPDATE ON HR.EMPLOYEES, ALL ON HR.DEPARTMENTS; +CREATE AUDIT POLICY SECURITY_POL ACTIONS ADMINISTER KEY MANAGEMENT; +CREATE AUDIT POLICY DIR_POL ACTIONS READ DIRECTORY, WRITE DIRECTORY, EXECUTE DIRECTORY; +CREATE AUDIT POLICY ALL_ACTIONS_POL ACTIONS ALL; +CREATE AUDIT POLICY DP_ACTIONS_POL ACTIONS COMPONENT = DATAPUMP IMPORT; +CREATE AUDIT POLICY JAVA_POL ROLES JAVA_ADMIN, JAVA_DEPLOY; +CREATE AUDIT POLICY HR_ADMIN_POL PRIVILEGES CREATE ANY TABLE, DROP ANY TABLE ACTIONS DELETE ON HR.EMPLOYEES, INSERT ON HR.EMPLOYEES, UPDATE ON HR.EMPLOYEES, ALL ON HR.DEPARTMENTS, LOCK TABLE ROLES AUDIT_ADMIN, AUDIT_VIEWER; +CREATE AUDIT POLICY ORDER_UPDATES_POL ACTIONS UPDATE ON OE.ORDERS WHEN 'SYS_CONTEXT(''USERENV'', ''IDENTIFICATION_TYPE'') = ''EXTERNAL''' EVALUATE PER SESSION; +CREATE AUDIT POLICY EMP_UPDATES_POL ACTIONS DELETE ON HR.EMPLOYEES, INSERT ON HR.EMPLOYEES, UPDATE ON HR.EMPLOYEES WHEN 'UID NOT IN (100, 105, 107)' EVALUATE PER STATEMENT; +CREATE AUDIT POLICY LOCAL_TABLE_POL PRIVILEGES CREATE ANY TABLE, DROP ANY TABLE CONTAINER = CURRENT; +CREATE AUDIT POLICY COMMON_ROLE1_POL ROLES C CONTAINER = ALL; + CREATE OR REPLACE NONEDITIONABLE PACKAGE BODY tidy_html_snippet_pkg AS FUNCTION tidy(i_html_snippet IN CLOB) RETURN CLOB; FUNCTION tidy(i_html_snippet IN VARCHAR2) RETURN CLOB; END tidy_html_snippet_pkg;