综合示例

• SYSDBA 用户登录

  SQL> CREATE USER usr_1 IDENTIFIED BY 'QWEasd12#@';
  
  SQL> GRANT DBA TO usr_1;
  
  SQL> CREATE TABLE usr_1.tab_test_1(c1 INT, c2 VARCHAR);
  
  SQL> CREATE TABLE usr_1.tab_test_2(c1 INT, c2 VARCHAR);
  
  SQL> INSERT INTO usr_1.tab_test_1 VALUES(1, 'a');
  
  SQL> INSERT INTO usr_1.tab_test_1 VALUES(2, 'b');
  
  SQL> INSERT INTO usr_1.tab_test_2 VALUES(1, 'alpha');
  
  SQL> INSERT INTO usr_1.tab_test_2 VALUES(2, 'beta');

• SYSSSO 用户登录

  SQL> CREATE POLICY policy_1 ADD LEVEL level_1 AS 1,ADD LEVEL level_2 AS 3,ADD LEVEL level_3 AS 5;
  
  SQL> ALTER USER POLICY usr_1 ADD policy_1 LEVEL level_2;
  
  SQL> ALTER TABLE POLICY usr_1.tab_test_1 ADD policy_1 COLUMN c3 NOT HIDE LABEL 'level_1:';
  
  SQL> ALTER TABLE POLICY usr_1.tab_test_2 ADD policy_1 COLUMN c3 NOT HIDE LABEL 'level_3:';

• usr_1 用户登录

  SQL> UPDATE tab_test_1 SET c2 = 'c' WHERE c1 = 2;
  
  [E18028] 更改操作违反强制安全控制策略
  
  SQL> SELECT * FROM tab_test_1;
  
  C1 | C2 | C3 | 
  ------------------------------------------------------------------------------
  1 | a| 281474976710656 |
  2 | b| 281474976710656 |
  
  SQL> SELECT * FROM tab_test_2;
  
  C1 | C2 | C3 | 
  ------------------------------------------------------------------------------