[英]Select rows from one table where mapping exists in another table
My question revolves around using an Oracle Database to manage a mapping between Raw Entitlements to Business Friendly Roles. 我的问题围绕着使用Oracle数据库来管理原始权利与业务友好角色之间的映射。
Basically, I have two tables: 基本上,我有两个表:
Mapping Table - this would contain what entitlements are required to fit into a particular applicationrole. 映射表-这将包含适合特定应用程序角色所需的权利。 Note that you must have ALL of the entitlements for a particular applicationrole to have it.
请注意,您必须拥有特定应用程序角色的所有权利才能拥有它。 Also, this could change on any day, so queries need to be dynamic in the sense that it could be 3 entitlements = a role or 10 entitlements = a role.
此外,这可能会在任何一天发生变化,因此查询应该是动态的,因为它可以是3个权利=一个角色或10个权利=一个角色。
Application ApplicationRole Resource Action -------------------------------------------------------- Test1 Admin appserver1 admin Test1 Admin appserver2 admin Test1 Admin appserver3 admin test2 ReadOnly appserver1 ro test2 ReadOnly appserver2 ro
Accounts Table - this table would contain raw data from servers, like what accounts exist on what servers: 帐户表-该表将包含来自服务器的原始数据,例如哪些服务器上存在哪些帐户:
Account Resource Action Application ------------------------------------------------- abc123 appserver1 admin Test1 abc123 appserver2 admin Test1 abc123 appserver3 admin Test1 test2 ReadOnly appserver1 ro
What I am aiming for is to find what applicationroles (business friendly grouping) are applicable to my accounts. 我的目标是找到适用于我的帐户的应用程序(业务友好分组)。 In this example, account abc123 has 3 entitlements, for appservers 1, 2 and 3, and has the admin entitlement.
在此示例中,帐户abc123具有3个权利,分别针对应用服务器1、2和3,并且具有admin权利。 Looking at the mapping table, I can now say this account has applicationrole "admin".
查看映射表,我现在可以说此帐户具有applicationrole“ admin”。 However, account test2 only has ro on a single server, and the mapping says it needs ro on two servers to have the role "ReadOnly", therefore, account test2 does NOT have the role.
但是,帐户test2仅在单个服务器上具有ro,并且映射说它需要在两个服务器上具有ro才能具有“ ReadOnly”角色,因此,帐户test2不具有该角色。
The output from a query on this same data should look like: 对相同数据的查询输出应如下所示:
Account Application ApplicationRole ---------------------------------------------- abc123 Test1 Admin
Later on, I'll also want a query that returns the opposite;all accounts that DON'T fit into a role. 稍后,我还要查询返回相反的内容;所有不适合某个角色的帐户。 Eg
例如
Account Application Resource Action ---------------------------------------------- test2 test2 ReadOnly appserver1
Let me know if I can provide any more info! 让我知道是否可以提供更多信息! I can't really find what I am after online, seems pretty hard to search for.
我很难在网上找到自己想要的东西,似乎很难搜索。
Thanks guys! 多谢你们! :)
:)
EDIT: I've managed to write up this query and it seems to work for the first part; 编辑:我设法写出此查询,它似乎适用于第一部分; not sure if it's the best way though, and any guidance would be great :)
不确定这是否是最好的方法,任何指导都很棒:)
SELECT *
FROM TEMP_USERDATA b
LEFT JOIN TEMP_MAPPINGTABLE a
ON a.application = b.application
AND a.oresource =b.oresource
AND a.action =b.action
WHERE (SELECT COUNT(c.application||c.oresource||c.action)
FROM temp_mappingtable c
WHERE c.application=a.application) =
(SELECT COUNT(DISTINCT application||oresource||action||account)
FROM temp_userdata
WHERE temp_userdata.application=a.application
);
Try this: 尝试这个:
;WITH mapingdata AS ( SELECT application,
applicationrole,
resource,
action,
COUNT ( * ) AS rowcount
FROM temp_mappingtable
GROUP BY application,
applicationrole,
resource,
action),
WITH userdata AS ( SELECT account,
resource,
action,
application,
COUNT ( * ) AS rowcount
FROM user_data
GROUP BY account,
resource,
action,
application)
SELECT *
FROM mapingdata m, userdata u
WHERE m.application = u.application
AND m.resource = u.resource
AND m.action = u.action
AND m.rowcount = u.rowcount;
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.