Contents
1. Statement of Work (SOW)
1.1. OVERVIEW
1.2 Objectives of BANKONDJI database project
1.3 Scope of the Project
1.4 Database Goals, Expectations, and Deliverables
1.5 Database Benefits
1.6 Hardware and Software Tools
1.7 SQL Usage and Style Guide
2.1 Business Rules.
2.2 Entity and Attribute Description
2.3 Relationship and Cardinality Description
2.4 Assumptions and Special Considerations
2.5 Entity Relationship Diagram
3) DDL-DML scripts
4) DDL-DML scripts output
5) Database Security
5.1) Security Plan
5.2) Security Policies
5.3) Security Procedures
5.3.1) Users and roles definition.
5.4) Security_Procedures_Script
5.5) Security_Procedures_Script_output
5.5) Verification of Security Implementation
Conclusion
1. Statement of Work (SOW)
1.1. OVERVIEW
Relational databases are the foundations of the majority of
information systems and represent one of the most pervasive
technologies today. As a database consultant with SoftyWay Inc
(US based company), I have been assigned to develop a
database for the BANKONDJI video store which is a small
video store located in Douala, Cameroon. BANKONDJI has
been keeping records of videos and DVDs purchased from
distributors and rented to customers in stacks of invoices and
piles of rental forms for years. They have finally decided to
automate their record keeping with a relational database. This
database will allow BANKONDJI store to automatically manage
all customers’ and distributors’ transactions so as to have the
related timely reports.
1.2 Objectives of BANKONDJI database project
The number of customers as well as suppliers of the BANKONDJI
store has grown tremendously, and the current manual
management of the information system is very tedious.
Requirements for this project have been gathered as follows:
A video and a DVD are both copies of a movie that is rented
out. Several copies of each movie are rented. Therefore there
are several videos and DVDs for each movie title. In
BANKONDJI’s store inventory there are several thousand
videos and DVDs purchased from distributors. The video and
DVD prices are based on the quantity of their shipment and the
past business they have done with each company. The price of a
DVD for a movie might be different than the price of a video
for the same movie, even from the same distributor. Each
distributor provides different types of movies. A single
distributor may provide several different types of movies in
both video and DVD format. It is possible to obtain the same
movie from multiple distributors, and at different wholesale
prices. In addition to the distributor's serial number for the
item, each video and DVD has a unique identification number
that BANKONDJI staff assign in their inventory. Distributors
provide electronic catalogs to BANKONDJI and the information
from these catalogs must be included in the database.
Having all these requirements in mind, the objective of our
database is to allow BANKONDJI staff to keep track of all
rented/returned Video/DVD, all customers’ charges such as late
and damaged fees, failure to rewind fees, and taxes. They will
be able to get a report of which videos are returned late because
there are standard and late charges. Customers usually want to
rent movies based on actors or actresses, running length, type of
movie, rating, year released. Customers also want to know how
many videos they have rented in the last month, year, and so
forth. The database will allow BANKONDJI staff to supply this
information to their customers. The database will also
allow BANKONDJI staff to record only basic information on
customers in their database, such as name, address, telephone
numbers, etc. There must be no limit to the number of video
and/or DVD copies of a movie that BANKONDJI can have in
their inventory. Video/DVD ID numbers, movie ID numbers,
and distributor ID numbers for videos, DVDs, and movies are
all different.
For the successful completion of our database design and
implementation, we will start by submitting the Statement of
Work to BANKONDJI Management no later than 02/25/2018. Once
the SOW is approved by BANKONDJI Management, we will
create the requirements definition document for our database
project and then use Entity Relationship assistant to create the
Entity Relationship Diagram for our database no later than
03/11/2018. After completing this phase, the next step will
consist of using SQL DDL statements to create
tables/views/triggers and other required database objects for our
database. Also, queries (select statements on database
catalog/data dictionary such as user_objects and user_tables)
will be used to demonstrate that all objects are created
successfully. This phase is meant to be completed by 04/01/2018.
Once all objects have been created in the database, we will use
SQL INSERT statements (DML) to populate each table with sample
data, then develop SQL SELECT statements to query various
tables. This phase will be completed by 04/15/2018.
1.3 Scope of the Project
Upon completion of our project, we will have achieved the
following tasks, which are within the scope of our project:
· Evaluation of the current BANKONDJI information system
management;
· Requirements for the design of the new BANKONDJI
information system;
· Creation of the ERD for the BANKONDJI database;
· Creation of all BANKONDJI database objects as defined in the
DRD;
· Population of the BANKONDJI database with sample data.
The following task is outside the scope of our project and will
not be done:
· Population of the BANKONDJI database with old data contained
in the paper forms.
1.4 Database Goals, Expectations, and Deliverables
The design and implementation of the BANKONDJI database
will be of tremendous help to the BANKONDJI staff, as it will
allow them to be more productive. In fact, customers’ queries
will be answered in a timely manner, as staff won’t have to
search through archived forms in order to respond to
their customers.
1.5 Database Benefits
The goal of designing and implementing the BANKONDJI database
is to allow the store to automatically manage its transactions
and to provide timely responses to customers’ queries. The
database will also be useful in tracking the best movies rented
out so as to forecast which types of movies to invest in more.
1.6 Hardware and Software Tools
· Diagram Tool:
ER Assistant will be used to design the ERD of the BANKONDJI
database.
· Database:
Oracle 12c, accessed through the Virtual Desktop Application,
will be used in our project.
· Hardware and Software:
A UMUC (VDA) Intel(R) Xeon(R) machine running the Linux
operating system will be used to design our project.
1.7 SQL Usage and Style Guide
SQL (Structured Query Language) will be used for the DDL and
DML. For my DDL scripts, I will use SQL to translate
information captured in my ER diagram (created in ER
Assistant) into database table creation scripts. For my DML
scripts, I will use SQL to insert rows of data into my database
tables.
2. Requirements Definition For BANKONDJI Video Store Database
2.1 Business Rules.
According to DRAKE Hay (Modeling Business Rules, January 1
2004), a business rule could be thought of as Term, Fact,
Derivation and Constraint that govern business in a company.
Term is the application of a single definition to a word or
phrase. Fact is the attribution of something to describe a thing.
Derivation is an attribute that is derived from other attributes or
system variables. Constraint is a condition that determines what
values an attribute or relationship can or must have. As stated in
the Statement of Work of my project, BANKONDJI store is a
company that rents movies to customers. The major business
rules of BANKONDJI store are outlined as follows:
1. A video and a DVD are both copies of a movie that is rented
out. Several copies of each movie are rented. Therefore there
are several videos and DVDs for each movie title.
2. In BANKONDJI’s store inventory there are several thousand
videos and DVDs purchased from distributors.
3. The video and DVD prices are based on the quantity of their
shipment and the past business they have done with each
company. The price of a DVD for a movie might be different
than the price of a video for the same movie, even from the
same distributor.
4. Each distributor provides different types of movies. A single
distributor may provide several different types of movies in
both video and DVD format.
5. It is possible to obtain the same movie from multiple
distributors, and at different wholesale prices.
6. In addition to the distributor's serial number for the item,
each video and DVD has a unique identification number that
BANKONDJI staff assign in their inventory.
7. Distributors provide electronic catalogs to BANKONDJI and
the information from these catalogs must be included in the
database.
8. BANKONDJI staff keep track of all rented/returned
Video/DVD, all customers’ charges such as late and damaged
fees, failure to rewind fees, and taxes.
9. Customers usually want to rent movies based on actors or
actresses, running length, type of movie, rating, year released.
2.2 Entity and Attribute Description
Based on business rules and requirements, following entities
have been identified for our database:
Entity name: MOVIE
Entity Description: This entity stores all the information related
to Movies that are available in BANKONDJI Store.
Movie has following attributes:
-Main attribute: MovieID (Primary key)
Attribute description: Unique id of the movie that is available in
the store.
-Attribute name: MovieTitle
Attribute description : Title of the movie.
- Attribute name: Duration
Attribute description : Length of the movie.
-Attribute name: Rating
Attribute description: Rating of the movie.
- Attribute name: YearReleased
Attribute description : Year in which movie is released.
Entity name: CUSTOMER
Entity Description: this entity stores information related to the
customer of that store.
CUSTOMER has following attributes:
-Main attribute: CustomerID (Primary key)
Attribute description: Unique id of the customer that is using
our services.
-Attribute name: LastName
Attribute description: Name of the customer.
-Attribute name: FirstName
Attribute description: First Name of the customer
-Attribute name: StreetAddress
Attribute description: Street Address of the customer
-Attribute name: ZipCode
Attribute description: Zip Code of the customer.
-Attribute name: PhoneNumber
Attribute description: Phone number of the customer.
Entity name: DISTRIBUTOR
Entity Description: This entity stores distributor details.
Distributor entity has following attributes:
-Main attribute: DistributorID (Primary Key)
Attribute description: Unique id of the distributor.
-Attribute name: LastName
Attribute description: Name of the distributor.
-Attribute name: FirstName
Attribute description: First Name of the distributor
-Attribute name: StreetAddress
Attribute description: Street Address of the distributor
-Attribute name: ZipCode
Attribute description: Zip Code of the distributor.
-Attribute name: PhoneNumber
Attribute description: Phone number of the distributor.
Entity name: DVD_VIDEO
Entity Description: This entity stores list of all movies format
available.
DVD_VIDEO entity has following attributes:
-Main attribute: DVDVideoID (Primary key)
Attribute description: Unique identification number of video or
DVD
-Attribute name: MovieFormat
Attribute description: Format of the movie i.e DVD or Video
-Attribute name: Price
Attribute description: Price of that video or DVD
-Attribute name: MovieID (Foreign key. Refers to MOVIE
table)
Attribute description: Movie contained in that video or DVD.
-Attribute name: DistributorID (Foreign key. Refer to
DISTRIBUTOR table)
Attribute description: Distributor of that video or DVD
Entity name: RENTAL
Entity Description: This entity stores all movies that are rented
out.
RENTAL entity has following attributes:
-Main attribute: RentID (Primary key)
Attribute description: Unique identification number of video or
DVD
-Attribute name: CheckOutDate
Attribute description: Date on which movie is rented out
-Attribute name: CheckInDate
Attribute description: Date in which that movie is returned.
-Attribute name: LateFee
Attribute description: Fee if movie is not returned on time.
-Attribute name: DamageFee
Attribute description: Fee if movie is damaged
-Attribute name: Taxes
Attribute description: Taxes applicable.
-Attribute name: CustomerID
Attribute description: Customer that rented out.
-Attribute name: DVDVideoID
Attribute description: DVD or video that is rented out.
2.3 Relationship and Cardinality Description
Based on business rules and requirements, the following
relationships have been identified between the entities:
· CUSTOMER rents movies.
Cardinality/Business rule: each RENTAL includes a
CUSTOMER. Each CUSTOMER may be involved in one or
more RENTALS.
· DVD or Videos are rented out.
Cardinality/Business rule: Each RENTAL includes a video or a
DVD. Each VIDEO may be involved in one or more RENTALS
· MOVIE is contained in a DVD or Video
Cardinality/Business rule: each MOVIE can have one or more
video or a DVD. Each VIDEO is related with one MOVIE.
· DISTRIBUTOR distributes DVDVideo
Cardinality/Business rule: Each DISTRIBUTOR can distribute
one or many DVD/Video. Each DVD/Video can be distributed
by only one DISTRIBUTOR.
2.4 Assumptions and Special Considerations.
Our project requires having a minimum of 5 attributes for each
entity. All entities except DVD_VIDEO entity identified in
section 2 above have 5 attributes. DVD_VIDEO has 5 attributes
among which 2 attributes are referenced in Movie and
Distributor tables. Accordingly, this is a join table and cannot
meet the five-attribute minimum requirement.
2.5 Entity Relationship Diagram
3) DDL-DML scripts
Below is the DDL-DML script to create the Bankondji database
rem Connect to the database as sysdba and create the database administrator user
rem sqlplus sys/[email protected]:1521/orcl as sysdba
SPOOL DBST668_PROJECT_DDL_DML.log;
set echo on;
set serveroutput on;
set linesize 200;
set pagesize 150;
rem create user DBA responsible to create all objects and manage BANKONDJI database
rem drop user DRAKE_XXX68
drop user DRAKE_XXX68 cascade;
create user DRAKE_XXX68 IDENTIFIED by XXXha_dav1968;
grant RESOURCE TO DRAKE_XXX68;
grant CREATE SESSION TO DRAKE_XXX68;
grant CONNECT TO DRAKE_XXX68;
grant DBA to DRAKE_XXX68;
GRANT UNLIMITED TABLESPACE TO DRAKE_XXX68;
rem connect as DRAKE_XXX68 to create the objects of the Bankondji database.
connect DRAKE_XXX68/XXXha_dav1968@orcl
/* Begin PART1: DDL SCRIPT */
--1.Drop Statements for All Objects as needed
/* Start Drop tables triggers and sequences */
/* Start Drop Tables */
DROP TABLE MOVIE CASCADE CONSTRAINTS;
DROP TABLE CUSTOMER CASCADE CONSTRAINTS;
DROP TABLE DISTRIBUTOR CASCADE CONSTRAINTS;
DROP TABLE DVD_VIDEO CASCADE CONSTRAINTS;
DROP TABLE RENTAL CASCADE CONSTRAINTS;
/* End drop Tables */
/* Start drop Sequences */
DROP SEQUENCE SEQ_MovieID;
DROP SEQUENCE SEQ_CustomerID;
DROP SEQUENCE SEQ_DistributorID;
DROP SEQUENCE SEQ_DVDVideoID;
DROP SEQUENCE SEQ_RentID;
/* End drop sequences */
/* Start drop Triggers */
--DROP TRIGGER MOVIE_TRG;
--DROP TRIGGER CUSTOMER_TRG;
--DROP TRIGGER DISTRIBUTOR_TRG;
--DROP TRIGGER DVDVIDEO_TRG;
--DROP TRIGGER RENTAL_TRG;
start with 500
increment by 1;
--6. Add Auditing Columns to All Tables
/* Add audit columns to tables */
--Add Audit column on MOVIE table
ALTER TABLE MOVIE ADD
( CREATED_BY VARCHAR2(30),
DATE_CREATED DATE,
MODIFIED_BY VARCHAR2(30),
DATE_MODIFIED DATE
);
--Add Audit column to CUSTOMER table
ALTER TABLE CUSTOMER ADD
( CREATED_BY VARCHAR2(30),
DATE_CREATED DATE,
MODIFIED_BY VARCHAR2(30),
DATE_MODIFIED DATE
);
--Add Audit column to DISTRIBUTOR table
ALTER TABLE DISTRIBUTOR ADD
( CREATED_BY VARCHAR2(30),
DATE_CREATED DATE,
MODIFIED_BY VARCHAR2(30),
DATE_MODIFIED DATE
);
--Add Audit column to DVD_VIDEO table
ALTER TABLE DVD_VIDEO ADD
( CREATED_BY VARCHAR2(30),
DATE_CREATED DATE,
MODIFIED_BY VARCHAR2(30),
DATE_MODIFIED DATE
);
--Add Audit column to RENTAL table
ALTER TABLE RENTAL ADD
( CREATED_BY VARCHAR2(30),
DATE_CREATED DATE,
MODIFIED_BY VARCHAR2(30),
DATE_MODIFIED DATE
);
--7.Create Triggers on surrogate keys of the five tables
/* Start Create triggers */
--MOVIE Table
--This trigger populates surrogate key and audit column with appropriate values
CREATE OR REPLACE TRIGGER MOVIE_TRG
BEFORE INSERT OR UPDATE ON MOVIE
FOR EACH ROW
BEGIN
--USE SURROGATE KEY
IF :NEW.MovieID IS NULL THEN
:NEW.MovieID := SEQ_MOVIEID.NEXTVAL;
END IF;
IF INSERTING THEN
IF :NEW.CREATED_BY IS NULL THEN
:NEW.CREATED_BY :=USER; END IF;
IF :NEW.DATE_CREATED IS NULL THEN
:NEW.DATE_CREATED := SYSDATE; END IF;
END IF;
IF INSERTING OR UPDATING THEN
IF :NEW.MODIFIED_BY IS NULL THEN
:NEW.MODIFIED_BY := USER; END IF;
IF :NEW.DATE_MODIFIED IS NULL THEN
:NEW.DATE_MODIFIED := SYSDATE; END IF;
END IF;
END;
/
--CUSTOMER Table
--This trigger populates surrogate key and audit column with appropriate values
CREATE OR REPLACE TRIGGER CUSTOMER_TRG
BEFORE INSERT OR UPDATE ON CUSTOMER
FOR EACH ROW
BEGIN
--USE SURROGATE KEY
IF :NEW.CustomerID IS NULL THEN
:NEW.CustomerID := SEQ_CustomerID.NEXTVAL;
END IF;
IF INSERTING THEN
IF :NEW.CREATED_BY IS NULL THEN
:NEW.CREATED_BY :=USER; END IF;
IF :NEW.DATE_CREATED IS NULL THEN
:NEW.DATE_CREATED := SYSDATE; END IF;
END IF;
IF INSERTING OR UPDATING THEN
IF :NEW.MODIFIED_BY IS NULL THEN
:NEW.MODIFIED_BY := USER; END IF;
IF :NEW.DATE_MODIFIED IS NULL THEN
:NEW.DATE_MODIFIED := SYSDATE; END IF;
END IF;
END;
/
--DISTRIBUTOR Table
--This trigger populates surrogate key and audit column with appropriate values
CREATE OR REPLACE TRIGGER DISTRIBUTOR_TRG
BEFORE INSERT OR UPDATE ON DISTRIBUTOR
FOR EACH ROW
BEGIN
--USE SURROGATE KEY
IF :NEW.DistributorID IS NULL THEN
:NEW.DistributorID := SEQ_DistributorID.NEXTVAL;
END IF;
IF INSERTING THEN
IF :NEW.CREATED_BY IS NULL THEN
:NEW.CREATED_BY := USER; END IF;
IF :NEW.DATE_CREATED IS NULL THEN
:NEW.DATE_CREATED := SYSDATE; END IF;
END IF;
IF INSERTING OR UPDATING THEN
IF :NEW.MODIFIED_BY IS NULL THEN
:NEW.MODIFIED_BY := USER; END IF;
IF :NEW.DATE_MODIFIED IS NULL THEN
:NEW.DATE_MODIFIED := SYSDATE; END IF;
END IF;
END;
/
--DVD_VIDEO Table
--This trigger populates surrogate key and audit column with appropriate values
CREATE OR REPLACE TRIGGER DVDVIDEO_TRG
BEFORE INSERT OR UPDATE ON DVD_VIDEO
FOR EACH ROW
BEGIN
--USE SURROGATE KEY
IF :NEW.DVDVideoID IS NULL THEN
:NEW.DVDVideoID := SEQ_DVDVideoID.NEXTVAL;
END IF;
IF INSERTING THEN
IF :NEW.CREATED_BY IS NULL THEN
:NEW.CREATED_BY := USER; END IF;
IF :NEW.DATE_CREATED IS NULL THEN
:NEW.DATE_CREATED := SYSDATE; END IF;
END IF;
IF INSERTING OR UPDATING THEN
IF :NEW.MODIFIED_BY IS NULL THEN
:NEW.MODIFIED_BY := USER; END IF;
IF :NEW.DATE_MODIFIED IS NULL THEN
:NEW.DATE_MODIFIED := SYSDATE; END IF;
END IF;
END;
/
--RENTAL Table
--This trigger populates surrogate key and audit column with appropriate values
CREATE OR REPLACE TRIGGER RENTAL_TRG
BEFORE INSERT OR UPDATE ON RENTAL
FOR EACH ROW
BEGIN
--USE SURROGATE KEY
IF :NEW.RentID IS NULL THEN
:NEW.RentID := SEQ_RentID.NEXTVAL;
END IF;
IF INSERTING THEN
IF :NEW.CREATED_BY IS NULL THEN
:NEW.CREATED_BY := USER; END IF;
IF :NEW.DATE_CREATED IS NULL THEN
:NEW.DATE_CREATED := SYSDATE; END IF;
END IF;
IF INSERTING OR UPDATING THEN
IF :NEW.MODIFIED_BY IS NULL THEN
:NEW.MODIFIED_BY := USER; END IF;
IF :NEW.DATE_MODIFIED IS NULL THEN
:NEW.DATE_MODIFIED := SYSDATE; END IF;
END IF;
END;
/
/* End Create triggers */
/* End PART1: DDL SCRIPT */
/* Begin Part2: DML SCRIPT */
/* Start Insert data into tables */
/* Start Insert DATA Into MOVIE Table */
INSERT INTO MOVIE (MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'Terikassam',2,70,1970);
INSERT INTO MOVIE (MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'Cinq Pour Lenfer',3,80,2010);
INSERT INTO MOVIE (MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'Le Proces',2,90,1980);
INSERT INTO MOVIE (MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'La Companie Creole',4,50,2003);
INSERT INTO MOVIE (MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'Grand Canion',3,80,1978);
INSERT INTO MOVIE (MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'BaoBali',1,90,1983);
INSERT INTO MOVIE (MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'Titanic',3,95,1968);
INSERT INTO MOVIE (MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'Ready Player One',4,50,2004);
INSERT INTO MOVIE (MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'Black Panther',3,60,2012);
INSERT INTO MOVIE (MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'Khushi',2,85,1965);
INSERT INTO MOVIE (MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'Idiots',4,75,1992);
INSERT INTO MOVIE (MovieID,MovieTitle,Duration,Rating,YearReleased)
VALUES (SEQ_MOVIEID.NEXTVAL,'Trois Idiots',3,78,2002);
/* End Insert DATA Into MOVIE TABLE */
select * from movie;
/* Start Insert Data into CUSTOMER Table */
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'DRAKE','XXXha','427 Beacon Hill Ter','240-441-8705','20878');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Carole','Ciewe','458 Sioux Lane','241-444-4855','20775');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Junior','Ndeni','456 E Diamond Ave','250-210-9988','21090');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Samria','Monthe','555 W Diamond Ave','703-456-9021','24980');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Marie Jeanne','Choualeu','589 Legacy Pride Drive','703-455-0978','20701');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Nestor','Ndjomkam','455 Ndogpassi II','901-555-7874','21567');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Chantal','Francoise','536 Byemassi I','240-222-0987','20890');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Dylane','Nemadjeu','456 Catalpa Evenue','240-345-1098','20878');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Alice','Madeko','555 Thayer Ave','571-234-8023','29789');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Justin','Kemogne','275 Colburn Terrace','301-777-9025','20782');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Gregoire','Kamsu','4990 Don Road','910-123-4567','25789');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Basile','Oyono','234 Ngoa Ekele','571-444-0971','24098');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Jena Blaise','Kamga Toko','956 North EAST','310-210-4367',21770);
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Adeline','Ngako','234 Mvomeka','241-090-5678','23019');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Florentine','Djomkam','456 Dimako','456-100-2345','21890');
INSERT INTO CUSTOMER (CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_CustomerID.NEXTVAL,'Blaise','Kamga','556 North EAST','210-210-4367',22770);
/* End Insert Data into CUSTOMER Table */
select * from customer;
/* Start Insert Data into DISTRIBUTOR Table */
INSERT INTO DISTRIBUTOR (DistributorID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_DistributorID.NEXTVAL,'Jean Pierre','Kamsukom','7505 Wisconsin Avenue','301-009-1090','10015');
INSERT INTO DISTRIBUTOR (DistributorID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_DistributorID.NEXTVAL,'Jean De Dieu','Momo','234 Conneticut Ave','703-456-1231','20025');
INSERT INTO DISTRIBUTOR (DistributorID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_DistributorID.NEXTVAL,'Bill','Gates','345 Los Angeles','410-132-0099','23010');
INSERT INTO DISTRIBUTOR (DistributorID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_DistributorID.NEXTVAL,'Ebenizer','Elong','423 Douala Road','245-080-8900','20035');
INSERT INTO DISTRIBUTOR (DistributorID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_DistributorID.NEXTVAL,'Sylvain','Djeukam','555 Dallas Road','234-090-0001','22090');
INSERT INTO DISTRIBUTOR (DistributorID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_DistributorID.NEXTVAL,'Jean Jacques','Ndam','525 Thayer Ave','240-575-0934','20910');
INSERT INTO DISTRIBUTOR (DistributorID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_DistributorID.NEXTVAL,'Elie','Poundeu','324 Lala Mission','234-089-1231','21789');
INSERT INTO DISTRIBUTOR (DistributorID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_DistributorID.NEXTVAL,'Victor','Odunsi','125 Lagos Street','567-124-2345','10035');
INSERT INTO DISTRIBUTOR (DistributorID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_DistributorID.NEXTVAL,'Robert','Garatt','345 London Drive','240-485-0478','20878');
INSERT INTO DISTRIBUTOR (DistributorID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_DistributorID.NEXTVAL,'Benjamin','Zida','494 New York Avenue','901-345-0910','10111');
INSERT INTO DISTRIBUTOR (DistributorID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_DistributorID.NEXTVAL,'Chanakya','Golu','125 Conneticut Avenue','301-123-1290','30125');
INSERT INTO DISTRIBUTOR (DistributorID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode)
VALUES (SEQ_DistributorID.NEXTVAL,'Chanakya Toko','Golu Kana','209 Conneticut Avenue','201-123-1290','30127');
/* End Insert Data into DISTRIBUTOR Table */
select * from distributor;
/* Start Insert Data into DVD_VIDEO Table */
INSERT INTO DVD_VIDEO
(DVDVideoID,MovieFormat,Price,MovieID,DistributorID)
VALUES (SEQ_DVDVideoID.NEXTVAL,'DVD',145,100,311);
INSERT INTO DVD_VIDEO
(DVDVideoID,MovieFormat,Price,MovieID,DistributorID)
VALUES (SEQ_DVDVideoID.NEXTVAL,'Video',200,100,311);
INSERT INTO DVD_VIDEO
(DVDVideoID,MovieFormat,Price,MovieID,DistributorID)
VALUES (SEQ_DVDVideoID.NEXTVAL,'Video',500,101,300);
INSERT INTO DVD_VIDEO
(DVDVideoID,MovieFormat,Price,MovieID,DistributorID)
VALUES (SEQ_DVDVideoID.NEXTVAL,'DVD',350,102,310);
INSERT INTO DVD_VIDEO
(DVDVideoID,MovieFormat,Price,MovieID,DistributorID)
VALUES (SEQ_DVDVideoID.NEXTVAL,'Video',219,111,309);
INSERT INTO DVD_VIDEO
(DVDVideoID,MovieFormat,Price,MovieID,DistributorID)
VALUES (SEQ_DVDVideoID.NEXTVAL,'DVD',672,110,304);
INSERT INTO DVD_VIDEO
(DVDVideoID,MovieFormat,Price,MovieID,DistributorID)
VALUES (SEQ_DVDVideoID.NEXTVAL,'DVD',901,108,307);
INSERT INTO DVD_VIDEO
(DVDVideoID,MovieFormat,Price,MovieID,DistributorID)
VALUES (SEQ_DVDVideoID.NEXTVAL,'Video',125,109,303);
INSERT INTO DVD_VIDEO
(DVDVideoID,MovieFormat,Price,MovieID,DistributorID)
VALUES (SEQ_DVDVideoID.NEXTVAL,'DVD',879,104,308);
INSERT INTO DVD_VIDEO
(DVDVideoID,MovieFormat,Price,MovieID,DistributorID)
VALUES (SEQ_DVDVideoID.NEXTVAL,'Video',210,105,302);
INSERT INTO DVD_VIDEO
(DVDVideoID,MovieFormat,Price,MovieID,DistributorID)
VALUES (SEQ_DVDVideoID.NEXTVAL,'DVD',190,106,305);
/* End Insert Data into DVD_VIDEO Table */
select * from dvd_video;
/* Start Insert Data into RENTAL Table */
INSERT INTO RENTAL (RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes,CustomerID,DVDVideoID)
VALUES (SEQ_RentID.NEXTVAL,TO_DATE('05-JAN-18','DD-MON-YY'),TO_DATE('28-FEB-18','DD-MON-YY'),25,0,2,215,400);
INSERT INTO RENTAL (RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes,CustomerID,DVDVideoID)
VALUES (SEQ_RentID.NEXTVAL,TO_DATE('03-JAN-18','DD-MON-YY'),TO_DATE('02-APR-18','DD-MON-YY'),10,0,3,200,410);
INSERT INTO RENTAL (RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes,CustomerID,DVDVideoID)
VALUES (SEQ_RentID.NEXTVAL,TO_DATE('01-JAN-18','DD-MON-YY'),TO_DATE('01-FEB-18','DD-MON-YY'),0,10,4,213,401);
INSERT INTO RENTAL (RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes,CustomerID,DVDVideoID)
VALUES (SEQ_RentID.NEXTVAL,TO_DATE('15-JAN-18','DD-MON-YY'),TO_DATE('17-FEB-18','DD-MON-YY'),14,0,5,214,402);
INSERT INTO RENTAL (RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes,CustomerID,DVDVideoID)
VALUES (SEQ_RentID.NEXTVAL,TO_DATE('20-FEB-18','DD-MON-YY'),TO_DATE('01-MAR-18','DD-MON-YY'),0,20,2,210,403);
INSERT INTO RENTAL (RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes,CustomerID,DVDVideoID)
VALUES (SEQ_RentID.NEXTVAL,TO_DATE('19-FEB-18','DD-MON-YY'),TO_DATE('03-MAR-18','DD-MON-YY'),0,0,3,209,405);
INSERT INTO RENTAL (RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes,CustomerID,DVDVideoID)
VALUES (SEQ_RentID.NEXTVAL,TO_DATE('04-MAR-18','DD-MON-YY'),TO_DATE('01-APR-18','DD-MON-YY'),0,6,3,208,404);
INSERT INTO RENTAL (RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes,CustomerID,DVDVideoID)
VALUES (SEQ_RentID.NEXTVAL,TO_DATE('10-FEB-18','DD-MON-YY'),TO_DATE('03-JAN-18','DD-MON-YY'),0,0,2,208,408);
INSERT INTO RENTAL (RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes,CustomerID,DVDVideoID)
VALUES (SEQ_RentID.NEXTVAL,TO_DATE('03-MAR-18','DD-MON-YY'),TO_DATE('05-APR-18','DD-MON-YY'),0,35,5,203,407);
INSERT INTO RENTAL (RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes,CustomerID,DVDVideoID)
VALUES (SEQ_RentID.NEXTVAL,TO_DATE('04-MAR-18','DD-MON-YY'),TO_DATE('04-APR-18','DD-MON-YY'),0,0,3,205,409);
INSERT INTO RENTAL (RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes,CustomerID,DVDVideoID)
VALUES (SEQ_RentID.NEXTVAL,TO_DATE('07-MAR-18','DD-MON-YY'),TO_DATE('08-APR-18','DD-MON-YY'),20,0,4,206,406);
INSERT INTO RENTAL (RentID,CheckOutDate,CheckInDate,LateFee,DamageFee,Taxes,CustomerID,DVDVideoID)
VALUES (SEQ_RentID.NEXTVAL,TO_DATE('07-MAR-18','DD-MON-YY'),TO_DATE('08-APR-18','DD-MON-YY'),20,0,4,206,406);
/* End Insert Data into RENTAL Table */
select * from rental;
/* End Insert data into tables */
/* End Part2: DML SCRIPT */
rem Database Catalog/Data Dictionary Queries
/* Data dictionary query */
purge recyclebin;
select substr(object_name,1,20) as name, object_type, status
from user_objects;
commit;
SPOOL OFF;
4) DDL-DML scripts output
Below is the DDL-DML script output for the Bankondji database
SQL> set serveroutput on;
SQL> set linesize 200;
SQL> set pagesize 150;
SQL>
SQL> rem create user DBA responsible to create all objects and manage BANKONDJI database
SQL> rem drop user DRAKE_XXX68
SQL> drop user DRAKE_XXX68 cascade;
drop user DRAKE_XXX68 cascade
*
ERROR at line 1:
ORA-01918: user 'DRAKE_XXX68' does not exist
SQL> create user DRAKE_XXX68 IDENTIFIED by XXXha_dav1968;
User created.
SQL> grant RESOURCE TO DRAKE_XXX68;
Grant succeeded.
SQL> grant CREATE SESSION TO DRAKE1_XXX68;
Grant succeeded.
SQL> grant CONNECT TO DRAKE_XXX68;
Grant succeeded.
SQL> grant DBA to DRAKE_XXX68;
Grant succeeded.
SQL> GRANT UNLIMITED TABLESPACE TO DRAKE_XXX68;
Grant succeeded.
SQL>
SQL> rem connect as DRAKE_XXX68 to create object of the Bnakondji database.
SQL> connect DRAKE_XXX68/XXXha_dav1968 @orcl
Connected.
SQL>
SQL> /* Begin PART1: DDL SCRIPT */
SQL>
SQL> --1.Drop Statements for All Objects as needed
SQL> /* Start Drop tables triggers and sequences */
SQL>
SQL> /* Start Drop Tables */
SQL> DROP TABLE MOVIE CASCADE CONSTRAINTS;
DROP TABLE MOVIE CASCADE CONSTRAINTS
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> DROP TABLE CUSTOMER CASCADE CONSTRAINTS;
DROP TABLE CUSTOMER CASCADE CONSTRAINTS
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> DROP TABLE DISTRIBUTOR CASCADE CONSTRAINTS;
DROP TABLE DISTRIBUTOR CASCADE CONSTRAINTS
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> DROP TABLE DVD_VIDEO CASCADE CONSTRAINTS;
DROP TABLE DVD_VIDEO CASCADE CONSTRAINTS
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> DROP TABLE RENTAL CASCADE CONSTRAINTS;
DROP TABLE RENTAL CASCADE CONSTRAINTS
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> /* End drop Tables */
SQL>
SQL> /* Start drop Sequences */
SQL> DROP SEQUENCE SEQ_MovieID;
DROP SEQUENCE SEQ_MovieID
*
ERROR at line 1:
ORA-02289: sequence does not exist
SQL> DROP SEQUENCE SEQ_CustomerID;
DROP SEQUENCE SEQ_CustomerID
*
ERROR at line 1:
ORA-02289: sequence does not exist
SQL> DROP SEQUENCE SEQ_DistributorID;
DROP SEQUENCE SEQ_DistributorID
*
ERROR at line 1:
ORA-02289: sequence does not exist
SQL> DROP SEQUENCE SEQ_DVDVideoID;
DROP SEQUENCE SEQ_DVDVideoID
*
ERROR at line 1:
ORA-02289: sequence does not exist
SQL> DROP SEQUENCE SEQ_RentID;
DROP SEQUENCE SEQ_RentID
*
ERROR at line 1:
ORA-02289: sequence does not exist
SQL> /* End drop sequences */
SQL>
SQL> /* Start drop Triggers */
SQL> --DROP TRIGGER MOVIE_TRG;
SQL> --DROP TRIGGER CUSTOMER_TRG;
SQL> --DROP TRIGGER DISTRIBUTOR_TRG;
SQL> --DROP TRIGGER DVDVIDEO_TRG;
SQL> --DROP TRIGGER RENTAL_TRG;
SQL> /* End drop triggers */
SQL>
SQL> /* End drop tables sequences and triggers */
SQL>
SQL>
SQL> --2.Create/Alter Statements for All Tables and Constraints
SQL>
SQL> /* Create Tables */
SQL>
SQL> CREATE TABLE MOVIE (
2 MovieID NUMBER(10) PRIMARY KEY,
3 MovieTitle VARCHAR(40),
4 Duration NUMBER(2),
5 Rating NUMBER(3),
6 YearReleased NUMBER(4)
7 );
Table created.
SQL>
SQL> describe MOVIE;
 Name                                      Null?    Type
 ----------------------------------------- -------- ----------------------------
 MOVIEID                                   NOT NULL NUMBER(10)
 MOVIETITLE                                         VARCHAR2(40)
 DURATION                                           NUMBER(2)
 RATING                                             NUMBER(3)
 YEARRELEASED                                       NUMBER(4)
  3  increment by 1;
Sequence created.
SQL>
SQL> CREATE SEQUENCE SEQ_DVDVideoID
2 start with 400
3 increment by 1;
Sequence created.
SQL>
SQL> CREATE SEQUENCE SEQ_RentID
2 start with 500
3 increment by 1;
Sequence created.
SQL>
SQL>
SQL> --6. Add Auditing Columns to All Tables
SQL> /* Add audit columns to tables */
SQL>
SQL> --Add Audit column on MOVIE table
SQL> ALTER TABLE MOVIE ADD
2 ( CREATED_BY VARCHAR2(30),
3 DATE_CREATED DATE,
4 MODIFIED_BY VARCHAR2(30),
5 DATE_MODIFIED DATE
6 );
Table altered.
SQL>
SQL> --Add Audit column to CUSTOMER table
SQL> ALTER TABLE CUSTOMER ADD
2 ( CREATED_BY VARCHAR2(30),
3 DATE_CREATED DATE,
4 MODIFIED_BY VARCHAR2(30),
5 DATE_MODIFIED DATE
6 );
Table altered.
SQL>
SQL> --Add Audit column to DISTRIBUTOR table
SQL> ALTER TABLE DISTRIBUTOR ADD
2 ( CREATED_BY VARCHAR2(30),
3 DATE_CREATED DATE,
4 MODIFIED_BY VARCHAR2(30),
5 DATE_MODIFIED DATE
6 );
Table altered.
SQL>
SQL> --Add Audit column to DVD_VIDEO table
SQL> ALTER TABLE DVD_VIDEO ADD
2 ( CREATED_BY VARCHAR2(30),
3 DATE_CREATED DATE,
4 MODIFIED_BY VARCHAR2(30),
5 DATE_MODIFIED DATE
6 );
Table altered.
SQL>
SQL> --Add Audit column to RENTAL table
SQL> ALTER TABLE RENTAL ADD
2 ( CREATED_BY VARCHAR2(30),
3 DATE_CREATED DATE,
4 MODIFIED_BY VARCHAR2(30),
5 DATE_MODIFIED DATE
6 );
Table altered.
SQL>
SQL>
SQL> --7.Create Triggers on surrogate keys of the five tables
SQL> /* Start Create triggers */
SQL> --MOVIE Table
SQL> --This trigger populates surrogate key and audit column with appropriate values
SQL> CREATE OR REPLACE TRIGGER MOVIE_TRG
  2  BEFORE INSERT OR UPDATE ON MOVIE
  3  FOR EACH ROW
  4  BEGIN
  5  --USE SURROGATE KEY
  6  IF :NEW.MovieID IS NULL THEN
  7  :NEW.MovieID := SEQ_MOVIEID.NEXTVAL;
  8  END IF;
  9  IF INSERTING THEN
 10  IF :NEW.CREATED_BY IS NULL THEN :NEW.CREATED_BY :=USER; END IF;
 11  IF :NEW.DATE_CREATED IS NULL THEN :NEW.DATE_CREATED := SYSDATE; END IF;
 12  END IF;
 13  IF INSERTING OR UPDATING THEN
 14  IF :NEW.MODIFIED_BY IS NULL THEN :NEW.MODIFIED_BY := USER; END IF;
 15  IF :NEW.DATE_MODIFIED IS NULL THEN :NEW.DATE_MODIFIED := SYSDATE; END IF;
 16  END IF;
 17  END;
 18  /
Trigger created.
SQL>
SQL> --CUSTOMER Table
SQL> --This trigger populates surrogate key and audit column with appropriate values
SQL> CREATE OR REPLACE TRIGGER CUSTOMER_TRG
  2  BEFORE INSERT OR UPDATE ON CUSTOMER
  3  FOR EACH ROW
  4  BEGIN
  5  --USE SURROGATE KEY
  6  IF :NEW.CustomerID IS NULL THEN
  7  :NEW.CustomerID := SEQ_CustomerID.NEXTVAL;
  8  END IF;
  9  IF INSERTING THEN
 10  IF :NEW.CREATED_BY IS NULL THEN :NEW.CREATED_BY :=USER; END IF;
 11  IF :NEW.DATE_CREATED IS NULL THEN :NEW.DATE_CREATED := SYSDATE; END IF;
 12  END IF;
 13  IF INSERTING OR UPDATING THEN
 14  IF :NEW.MODIFIED_BY IS NULL THEN :NEW.MODIFIED_BY := USER; END IF;
 15  IF :NEW.DATE_MODIFIED IS NULL THEN :NEW.DATE_MODIFIED := SYSDATE; END IF;
 16  END IF;
 17  END;
 18  /
Trigger created.
SQL>
SQL> --DSITRIBUTOR Table
SQL> --This trigger populates surrogate key and audit column with appropriate values
SQL> CREATE OR REPLACE TRIGGER DISTRIBUTOR_TRG
  2  BEFORE INSERT OR UPDATE ON DISTRIBUTOR
  3  FOR EACH ROW
  4  BEGIN
  5  --USE SURROGATE KEY
  6  IF :NEW.DistributorID IS NULL THEN
  7  :NEW.DistributorID := SEQ_DistributorID.NEXTVAL;
  8  END IF;
  9  IF INSERTING THEN
 10  IF :NEW.CREATED_BY IS NULL THEN :NEW.CREATED_BY := USER; END IF;
 11  IF :NEW.DATE_CREATED IS NULL THEN :NEW.DATE_CREATED := SYSDATE; END IF;
 12  END IF;
 13  IF INSERTING OR UPDATING THEN
 14  IF :NEW.MODIFIED_BY IS NULL THEN :NEW.MODIFIED_BY := USER; END IF;
 15  IF :NEW.DATE_MODIFIED IS NULL THEN :NEW.DATE_MODIFIED := SYSDATE; END IF;
 16  END IF;
 17  END;
 18  /
Trigger created.
SQL>
SQL> --DVD_VIDEO Table
SQL> --This trigger populates surrogate key and audit column with appropriate values
SQL> CREATE OR REPLACE TRIGGER DVDVIDEO_TRG
  2  BEFORE INSERT OR UPDATE ON DVD_VIDEO
  3  FOR EACH ROW
  4  BEGIN
  5  --USE SURROGATE KEY
  6  IF :NEW.DVDVideoID IS NULL THEN
  7  :NEW.DVDVideoID := SEQ_DVDVideoID.NEXTVAL;
  8  END IF;
  9  IF INSERTING THEN
 10  IF :NEW.CREATED_BY IS NULL THEN :NEW.CREATED_BY := USER; END IF;
 11  IF :NEW.DATE_CREATED IS NULL THEN :NEW.DATE_CREATED := SYSDATE; END IF;
 12  END IF;
 13  IF INSERTING OR UPDATING THEN
 14  IF :NEW.MODIFIED_BY IS NULL THEN :NEW.MODIFIED_BY := USER; END IF;
 15  IF :NEW.DATE_MODIFIED IS NULL THEN :NEW.DATE_MODIFIED := SYSDATE; END IF;
 16  END IF;
 17  END;
 18  /
Trigger created.
SQL>
SQL> --RENTAL Table
SQL> --This trigger populates surrogate key and audit column with appropriate values
SQL> CREATE OR REPLACE TRIGGER RENTAL_TRG
  2  BEFORE INSERT OR UPDATE ON RENTAL
  3  FOR EACH ROW
  4  BEGIN
  5  --USE SURROGATE KEY
  6  IF :NEW.RentID IS NULL THEN
  7  :NEW.RentID := SEQ_RentID.NEXTVAL;
  8  END IF;
  9  IF INSERTING THEN
 10  IF :NEW.CREATED_BY IS NULL THEN :NEW.CREATED_BY := USER; END IF;
 11  IF :NEW.DATE_CREATED IS NULL THEN :NEW.DATE_CREATED := SYSDATE; END IF;
 12  END IF;
 13  IF INSERTING OR UPDATING THEN
 14  IF :NEW.MODIFIED_BY IS NULL THEN :NEW.MODIFIED_BY := USER; END IF;
 15  IF :NEW.DATE_MODIFIED IS NULL THEN :NEW.DATE_MODIFIED := SYSDATE; END IF;
 16  END IF;
 17  END;
 18  /
Trigger created.
SQL> /* End Create triggers */
SQL> /* End PART1: DDL SCRIPT */
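The five triggers above fill the audit columns only when the incoming value is NULL, so a client can supply its own CREATED_BY or MODIFIED_BY, and on UPDATE the :NEW.MODIFIED_BY value carries over the stored one and is never refreshed. The following is an added example, not part of the project's scripts, of RENTAL_TRG rewritten so that the database always sets the audit columns; the other four triggers would follow the same pattern.

```sql
-- Added example (not the project's own trigger).
CREATE OR REPLACE TRIGGER RENTAL_TRG
BEFORE INSERT OR UPDATE ON RENTAL
FOR EACH ROW
BEGIN
    IF INSERTING THEN
        -- Surrogate key, as in the original trigger.
        IF :NEW.RentID IS NULL THEN
            :NEW.RentID := SEQ_RentID.NEXTVAL;
        END IF;
        -- Always overwrite: whatever the client sent is discarded.
        :NEW.CREATED_BY   := SYS_CONTEXT('USERENV', 'SESSION_USER');
        :NEW.DATE_CREATED := SYSDATE;
    ELSE
        -- The creation record cannot be changed by an UPDATE.
        :NEW.CREATED_BY   := :OLD.CREATED_BY;
        :NEW.DATE_CREATED := :OLD.DATE_CREATED;
    END IF;
    -- Set on every INSERT and UPDATE, so the last writer is recorded.
    :NEW.MODIFIED_BY   := SYS_CONTEXT('USERENV', 'SESSION_USER');
    :NEW.DATE_MODIFIED := SYSDATE;
END;
/

-- Check, rolled back afterwards: a client-supplied MODIFIED_BY must not
-- survive the trigger. Customer 215 is one of the rows loaded by the DML script.
UPDATE RENTAL
SET    MODIFIED_BY = 'SOMEONE_ELSE'
WHERE  CustomerID = 215;

SELECT RentID, CREATED_BY, DATE_CREATED, MODIFIED_BY, DATE_MODIFIED
FROM   RENTAL
WHERE  CustomerID = 215;

ROLLBACK;
```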
SQL>
SQL>
SQL> /* Begin Part2: DML SCRIPT */
SQL> /* Start Insert data into tables */
SQL>
SQL> /* Start Insert DATA Into MOVIE Table */
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'Terikassam',2,70,1970);
1 row created.
SQL>
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'Cinq Pour Lenfer',3,80,2010);
1 row created.
SQL>
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'Le Proces',2,90,1980);
1 row created.
SQL>
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'La Companie Creole',4,50,2003);
1 row created.
SQL>
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'Grand Canion',3,80,1978);
1 row created.
SQL>
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'BaoBali',1,90,1983);
1 row created.
SQL>
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'Titanic',3,95,1968);
1 row created.
SQL>
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'Ready Player One',4,50,2004);
1 row created.
SQL>
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'Black Panther',3,60,2012);
1 row created.
SQL>
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'Khushi',2,85,1965);
1 row created.
SQL>
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'Idiots',4,75,1992);
1 row created.
SQL>
SQL> INSERT INTO MOVIE
(MovieID,MovieTitle,Duration,Rating,YearReleased) VALUES
(SEQ_MOVIEID.NEXTVAL,'Trois Idiots',3,78,2002);
1 row created.
SQL> /* End Insert DATA Into MOVIE TABLE */
SQL>
SQL> select * from movie;
   MOVIEID MOVIETITLE                                 DURATION     RATING YEARRELEASED CREATED_BY                     DATE_CREA MODIFIED_BY                    DATE_MODI
---------- ---------------------------------------- ---------- ---------- ------------ ------------------------------ --------- ------------------------------ ---------
       100 Terikassam                                        2         70         1970 DRAKE_XXX68                    23-APR-19 DRAKE_XXX68                    23-APR-19
       101 Cinq Pour Lenfer                                  3         80
INDEX VALID
CUSTOMER             TABLE     VALID
MOVIE                TABLE     VALID
SYS_C0013022         INDEX     VALID
DISTRIBUTOR          TABLE     VALID
SYS_C0013023         INDEX     VALID
DVD_VIDEO            TABLE     VALID
SYS_C0013024         INDEX     VALID
RENTAL               TABLE     VALID
SYS_C0013027         INDEX     VALID
SEQ_MOVIEID          SEQUENCE  VALID
SEQ_CUSTOMERID       SEQUENCE  VALID
SEQ_DISTRIBUTORID    SEQUENCE  VALID
SEQ_DVDVIDEOID       SEQUENCE  VALID
SEQ_RENTID           SEQUENCE  VALID
MOVIE_TRG            TRIGGER   VALID
CUSTOMER_TRG         TRIGGER   VALID
DISTRIBUTOR_TRG      TRIGGER   VALID
DVDVIDEO_TRG         TRIGGER   VALID
RENTAL_TRG           TRIGGER   VALID
20 rows selected.
SQL> commit;
Commit complete.
SQL> SPOOL OFF;
5) Database Security
5.1) Security Plan
The BANKONDJI database is a small database with only four groups of users: the Designer and Manager of the database (DBA), the Store Manager who manages the BANKONDJI store, the Accountant who oversees the finances of the BANKONDJI store, and the customers who rent DVDs/videos from the BANKONDJI store. Network and server security are of course also required, but they are out of scope for this document. Most of the data in the database is not classified or confidential, but some information, such as the customers' phone numbers and mailing addresses, is private. Customers' rental information is also quite sensitive, as it includes fees paid by customers. Because of this personal and sensitive information, the security plan for this database includes ensuring that only authorized users can connect to the database and that the rule of least privilege is applied when granting privileges on the database objects.
5.2) Security Policies
In order to support the security plan, the security policy for this database includes four main components: the use of roles; the use of views, where appropriate, to control access to the data; the granting of privileges on view and table objects based on the rule of least privilege; and the use of Virtual Private Database (VPD) to control access to data when external users (customers) access the database. The DBA will be responsible for creating the appropriate database roles, which will be granted permissions on the database tables and/or views as appropriate to perform the associated job functions. The DBA will also be responsible for creating new user accounts and passwords, which must meet the approved username and password rules outlined below:
· User names must be at least six characters long and include at least one uppercase letter and one number.
· Passwords must be at least eight characters long and include one uppercase letter and one number.
· Users will be required to change their passwords at least once every 60 days.
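The password rules above can be enforced by the database itself rather than by convention. The following Oracle profile and password verify function are an added example, not part of the project's scripts; the names BANKONDJI_VERIFY_PWD and BANKONDJI_USERS are assumptions.

```sql
-- Added example; the function and profile names are assumptions.
-- Run as SYS: a password verify function must be owned by SYS.
CREATE OR REPLACE FUNCTION bankondji_verify_pwd (
    username     VARCHAR2,
    password     VARCHAR2,
    old_password VARCHAR2
) RETURN BOOLEAN
IS
BEGIN
    -- Rule: at least eight characters. LENGTH(NULL) is NULL, so test NULL explicitly.
    IF password IS NULL OR LENGTH(password) < 8 THEN
        raise_application_error(-20001,
            'Password must be at least 8 characters long');
    END IF;
    -- Rule: at least one uppercase letter ('c' forces case-sensitive matching).
    IF NOT REGEXP_LIKE(password, '[[:upper:]]', 'c') THEN
        raise_application_error(-20002,
            'Password must contain at least one uppercase letter');
    END IF;
    -- Rule: at least one number.
    IF NOT REGEXP_LIKE(password, '[[:digit:]]') THEN
        raise_application_error(-20003,
            'Password must contain at least one number');
    END IF;
    RETURN TRUE;
END;
/

-- Oracle's utlpwdmg.sql grants EXECUTE on its verify functions to PUBLIC in the same way.
GRANT EXECUTE ON bankondji_verify_pwd TO PUBLIC;

-- Rule: passwords change at least once every 60 days.
-- The grace period inherited from the DEFAULT profile still applies after
-- day 60 unless PASSWORD_GRACE_TIME is also set in this profile.
CREATE PROFILE bankondji_users LIMIT
    PASSWORD_LIFE_TIME       60
    PASSWORD_VERIFY_FUNCTION bankondji_verify_pwd;

-- Attach the profile to the application accounts defined in this document.
ALTER USER NESTOR_den65  PROFILE bankondji_users;
ALTER USER SAMARIA_mon12 PROFILE bankondji_users;
ALTER USER DYLANE_sec18  PROFILE bankondji_users;

-- Check which accounts are covered and when their passwords expire.
SELECT username, profile, account_status, expiry_date
FROM   dba_users
WHERE  profile = 'BANKONDJI_USERS'
ORDER  BY username;

-- User-name rule: length and digit can be checked from the dictionary.
-- Names created without double quotes are stored in upper case, so the
-- "one uppercase letter" rule cannot be verified after the fact.
SELECT username
FROM   dba_users
WHERE  profile = 'BANKONDJI_USERS'
AND    (LENGTH(username) < 6 OR NOT REGEXP_LIKE(username, '[[:digit:]]'));
```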
Users will be granted the CREATE SESSION privilege so that they can connect to the database, and will then be assigned the role that aligns with their job function. Since this is a small database within a small company, the DBA is the one who creates the tables and therefore, as the owner, is the only one who can delete records from any of the tables.
5.3) Security Procedures
5.3.1) Users and roles definition.
The following tables, views, users and roles have been identified:

TABLES
Table Name | Table Description
MOVIE | Stores information on movies
CUSTOMER | Stores information on customers
DISTRIBUTOR | Stores information on distributors
DVD_VIDEO | Stores information on media format
RENTAL | Stores information on movies that are rented out

VIEWS
View Name | View Description
VW_MOVIE | Displays basic MOVIE information without audit columns
VW_CUSTOMER_ZIPCODE_20878 | Displays information on customers who live in zip code 20878, excluding audit columns
VW_CUSTOMER_RENTAL | Displays customer information in the CUSTOMER and RENTAL tables
VW_CUSTOMERS_WITH_NO_LATE_FEES | Displays all the customers (without the audit columns) that did not pay late fees for the movies they rented
VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLlARS_TAXES | Displays all the customers (without the audit columns) that did not pay fees for the movies they rented and who paid more than three dollars ($3) for tax

USERS
User Name | User Role
DRAKE_XXX68 | Designer and Manager of the database (DBA)
NESTOR_den65 | Store Manager
CAROLE_cie83 | Accountant
SAMARIA_mon12 | Customer
DYLANE_sec18 | Security Manager
JUNIOR_XXX10 | Customer

ROLES
Role Name | Role Function
database manager _role | DBA
Store_manager_role | Accesses all tables of the database and creates reports.
accountant_role | Besides accessing all tables of the database and creating reports, should be able to carry out updates in the RENTAL table
customer_role | Customers should be able to view only their records in the CUSTOMER and RENTAL tables

Access Matrix
DATABASE OBJECTS/USERS | DRAKE_XXX68 | NESTOR_den65 | CAROLE_cie83 | SAMARIA_mon12 | JUNIOR_XXX10
MOVIE | I,S,U,D | S | S | Will Access records through VPD | Will Access records through VPD
CUSTOMER | I,S,U,D | S | S | Will Access records through VPD | Will Access records through VPD
DISTRIBUTOR | I,S,U,D | S | S | Will Access records through VPD | Will Access records through VPD
DVD_VIDEO | I,S,U,D | S | S | Will Access records through VPD | Will Access records through VPD
RENTAL | I,S,U,D | S | S,I,U | Will Access records through VPD | Will Access records through VPD
VW_MOVIE | I,S,U,D | | S | Will Access records through VPD | Will Access records through VPD
VW_CUSTOMER_ZIPCODE_20878 | I,S,U,D | | S | Will Access records through VPD | Will Access records through VPD
VW_CUSTOMER_RENTAL | I,S,U,D | | S | Will Access records through VPD | Will Access records through VPD
VW_CUSTOMERS_WITH_NO_LATE_FEES | I,S,U,D | | S | Will Access records through VPD | Will Access records through VPD
VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLlARS_TAXES | I,S,U,D | | S | Will Access records through VPD | Will Access records through VPD
5.4) Security_Procedures_Script
rem connect to oracle database as sysdba: sqlplus sys/[email protected]:1521/orcl as sysdba
SPOOL DBST668_PROJECT_DATABASE_SECURITY.log;
set echo on;
set serveroutput on;
set linesize 250;
set pagesize 150;
rem connect as DBA to implement the security portion of the project
show user
connect DRAKE_XXX68/XXXha_dav1968 @orcl;
rem Below are other users that should be able to connect to the database
--connect DYLANE_sec18/[email protected];
--connect SAMARIA_mon12/[email protected];
--connect JUNIOR_XXX10/[email protected];
--connect NESTOR_den65/[email protected];
--connect CAROLE_cie83/[email protected];
/* Begin Part1:Database security Script */
/* Begin Create Database users,sessions and roles */
rem the DBA user has already been created and all roles and privileges granted.
rem Ndeni Nestor is the store manager
rem Carole Ciewe is the accountant
rem Samaria Monthe is a customer
rem Junior Ndeni is a customer
rem Dylane is the security manager
rem drop all users
drop user NESTOR_den65;
drop user CAROLE_XXX83;
drop user SAMARIA_mon12;
drop user JUNIOR_XXX10;
drop user DYLANE_sec18;
rem create users
create user NESTOR_den65 IDENTIFIED BY NDENI_nes1965;
create user CAROLE_XXX83 IDENTIFIED BY CIEWE_car1983;
create user SAMARIA_mon12 IDENTIFIED BY MONTHE_sam2012;
create user JUNIOR_XXX10 IDENTIFIED BY XXXHA_jun2010;
create user DYLANE_sec18 IDENTIFIED BY CHOKO_dyl2018;
rem grant create session to users
grant create session to NESTOR_den65;
grant create session to CAROLE_XXX83;
grant create session to SAMARIA_mon12;
grant create session to JUNIOR_XXX10;
grant create session to DYLANE_sec18;
rem Begin create roles
drop role store_manager_role;
drop role accountant_role;
drop role customer_role;
create role store_manager_role;
create role accountant_role;
create role customer_role;
rem grant privilege to roles on objects
rem store_manager_role
grant select on MOVIE to store_manager_role;
grant select on CUSTOMER to store_manager_role;
grant select on DISTRIBUTOR to store_manager_role;
grant select on DVD_VIDEO to store_manager_role;
grant select on RENTAL to store_manager_role;
rem accountant_role
grant select on CUSTOMER to accountant_role;
grant select on DISTRIBUTOR to accountant_role;
grant select on DVD_VIDEO to accountant_role;
grant select on RENTAL to accountant_role;
grant select on MOVIE to accountant_role;
grant insert on RENTAL to accountant_role;
grant update on RENTAL to accountant_role;
rem Begin grant role to users
rem Store Manager
grant store_manager_role to NESTOR_den65;
rem Accountant
grant accountant_role to CAROLE_XXX83;
rem Customers.
grant customer_role to SAMARIA_mon12;
grant customer_role to JUNIOR_XXX10;
/* End Create Database users,sessions and roles */
/* Begin Create view for database security and grant appropriate privilege to the appropriate roles */
rem drop all views if they exist
drop view VW_MOVIE;
drop view VW_CUSTOMER_ZIPCODE_20878;
drop view VW_CUSTOMERS_WITH_NO_LATE_FEES;
drop view VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLlARS_TAXES;
rem Create view to display basic MOVIE information without audit columns
CREATE OR REPLACE VIEW VW_MOVIE AS
SELECT MovieID, MovieTitle, Duration, Rating, YearReleased
FROM MOVIE;
rem Create view to display information on customers who live in zip code 20878 excluding audit column
CREATE OR REPLACE VIEW VW_CUSTOMER_ZIPCODE_20878 AS
SELECT CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode FROM CUSTOMER
WHERE ZipCode='20878';
rem create VW_CUSTOMERS_WITH_NO_LATE_FEES view that displays all the customers (without the audit columns)
rem that did not pay late fees for the movies they rented
CREATE OR REPLACE VIEW VW_CUSTOMERS_WITH_NO_LATE_FEES AS
select A.CUSTOMERID,A.FIRSTNAME,A.LASTNAME,A.STREETADDRESS,A.PHONENO,A.ZIPCODE from customer A
join rental b on b.CUSTOMERID=A.CUSTOMERID
where b.LATEFEE=0;
rem create VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLlARS_TAXES that displays all the customers
rem (without the audit columns) that did not pay fees for the movies they rented
rem and who paid more than three dollars ($3) for tax
CREATE OR REPLACE VIEW VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLlARS_TAXES AS
select A.CUSTOMERID,A.FIRSTNAME,A.LASTNAME,A.STREETADDRESS,A.PHONENO,A.ZIPCODE from customer A
join rental b on b.CUSTOMERID=A.CUSTOMERID
where b.DAMAGEFEE=0
and b.TAXES>3;
rem grant select on the views created above to accountant_role;
grant select on VW_MOVIE to accountant_role;
grant select on VW_CUSTOMER_ZIPCODE_20878 to accountant_role;
grant select on VW_CUSTOMERS_WITH_NO_LATE_FEES to accountant_role;
grant select on VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLlARS_TAXES to accountant_role;
/* End Create view for database security and grant appropriate privilege to the appropriate roles */
/* Begin create Virtual Private Database to allow Customers to view their records in CUSTOMER and RENTAL tables */
rem connect as sysdba and grant EXECUTE ON DBMS_RLS TO THE DBA (DRAKE_XXX68)
connect sys/[email protected]:1521/orcl as sysdba;
grant execute on dbms_rls to DRAKE_XXX68;
rem connect as DRAKE_XXX68 to create the VPD
connect DRAKE_XXX68/XXXha_dav1968 @orcl;
rem create the access policy table
drop table ACCESS_POLICY;
CREATE TABLE ACCESS_POLICY
( AM_NAME VARCHAR2(20) NOT NULL,
CUSTOMERID NUMBER NOT NULL,
ACCESS_TYPE CHAR(1) NOT NULL);
rem create the access right by loading the access policy table.
INSERT INTO ACCESS_POLICY VALUES ('SAMARIA_mon12', 203, 'S');
INSERT INTO ACCESS_POLICY VALUES ('JUNIOR_XXX10', 200, 'S');
rem Show the values from the access policy table just created.
SELECT * FROM ACCESS_POLICY;
rem As DRAKE_XXX68, create a policy function
rem THE POLICY CHECKS TO SEE IF THE USER EXECUTING THE FUNCTION IS IN THE TABLE.
rem THIS FUNCTION RETURNS THE USERS THAT HAVE THE RIGHT TO SELECT CUSTOMER INFORMATION in the VW_CUSTOMER_RENTAL view.
create or replace function get_sel_customerid (p_schema in varchar2, p_table in varchar2)
return varchar2
as
  l_retstr varchar2(2000);
begin
  -- the schema owner is not restricted
  if (p_schema = user) then
    l_retstr := null;
  else
    -- USER returns the account name in upper case, while ACCESS_POLICY
    -- stores mixed-case names, so compare on the upper-cased value
    for cust_rec in
    (
      select customerid
      from access_policy
      where upper(am_name) = USER
      and access_type = 'S'
    ) loop
      l_retstr := l_retstr||','||cust_rec.customerid;
    end loop;
    l_retstr := ltrim(l_retstr,',');
    if l_retstr is null then
      -- no entry for this user: return no rows instead of the
      -- invalid predicate CUSTOMERID IN ()
      l_retstr := '1=0';
    else
      l_retstr := 'CUSTOMERID IN ('||l_retstr||')';
    end if;
  end if;
  return l_retstr;
end;
/
rem Start create the view on which the function will be applied
rem create CUSTOMER view that displays customer information in CUSTOMER and RENTAL tables
drop view VW_CUSTOMER_RENTAL;
CREATE OR REPLACE VIEW VW_CUSTOMER_RENTAL AS
select a.CustomerID, a.FirstName, a.LastName,
a.StreetAddress, a.PhoneNo, a.ZipCode,
b.RentID, b.CheckOutDate, b.CheckInDate, b.LateFee,
b.DamageFee, b.Taxes from customer a
join rental b on b.CustomerID=a.CustomerID;
rem as DRAKE_XXX68 grant select privilege on VW_CUSTOMER_RENTAL view to customer_role
grant select on VW_CUSTOMER_RENTAL to customer_role;
rem ADD POLICY FUNCTION
rem connect as security manager (DYLANE_sec18) in order to add the policy function using DBMS_RLS
rem This operation connects the policy (CUST_SEL_POLICY) to the view (DRAKE1_XXX68.VW_CUSTOMER_RENTAL) with a function that returns the information needed in the where clause.
rem We should keep in mind that this is the policy that applies on who may perform the select operation.
begin
dbms_rls.add_policy (
object_schema => 'DRAKE_XXX68',
object_name => 'VW_CUSTOMER_RENTAL',
policy_name => 'CUST_SEL_POLICY',
function_schema => 'DRAKE_XXX68',
policy_function => 'GET_SEL_CUSTOMERID',
statement_types => 'SELECT',
update_check => TRUE
);
end;
/
/* End create Virtual Private Database to allow Customers to view their records in CUSTOMER and RENTAL tables */
/* Start Part2: Test Database security Script */
rem connect as store manager and issue select commands on all the tables.
connect NESTOR_den65/[email protected];
select * from DRAKE_XXX68.MOVIE;
select * from DRAKE_XXX68.CUSTOMER;
select * from DRAKE_XXX68.DISTRIBUTOR;
select * from DRAKE_XXX68.DVD_VIDEO;
select * from DRAKE_XXX68.RENTAL;
rem check that the store manager cannot see any view
select * from DRAKE_XXX68.VW_MOVIE;
select * from DRAKE_XXX68.VW_CUSTOMER_ZIPCODE_20878;
select * from DRAKE_XXX68.VW_CUSTOMER_RENTAL;
select * from DRAKE_XXX68.VW_CUSTOMERS_WITH_NO_LATE_FEES;
select * from DRAKE_XXX68.VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLlARS_TAXES;
rem connect as accountant (CAROLE_XXX83) and verify that all views are accessible
rem note: accountant_role has been granted select privilege on these views and the role has been granted to the user CAROLE_cie83
rem the user should be able to access all the views.
connect CAROLE_XXX83/[email protected];
select * from DRAKE_XXX68.VW_MOVIE;
select * from DRAKE_XXX68.VW_CUSTOMER_ZIPCODE_20878;
select * from DRAKE_XXX68.VW_CUSTOMERS_WITH_NO_LATE_FEES;
select * from DRAKE_XXX68.VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLlARS_TAXES;
rem as accountant issue update command on the RENTAL table
update DRAKE_XXX68.RENTAL
set latefee=30
where customerid=215;
rollback;
rem connect as customer SAMARIA (SAMARIA_mon12) and issue select command on the VW_CUSTOMER_RENTAL view.
rem the user should be able to see only his record in the view.
connect SAMARIA_mon12/[email protected];
select * from DRAKE_XXX68.VW_CUSTOMER_RENTAL;
/* End Part2: Test Database security Script */
spool off;
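The test section above checks access by logging in as each user. A complementary check, added here and not part of the project's script, compares the grants the script is meant to create with what the data dictionary actually holds. It assumes a session that can read the DBA_ views, for example DRAKE_XXX68, which holds the DBA role.

```sql
-- Added example (not part of the project's script).
-- 1. Object grants: the expected rows are copied from the GRANT statements
--    above. Any row returned is a deviation from the least-privilege design,
--    including direct grants to users or to PUBLIC.
WITH expected AS (
    SELECT 'STORE_MANAGER_ROLE' AS grantee, 'MOVIE' AS table_name, 'SELECT' AS privilege FROM dual
    UNION ALL SELECT 'STORE_MANAGER_ROLE', 'CUSTOMER',    'SELECT' FROM dual
    UNION ALL SELECT 'STORE_MANAGER_ROLE', 'DISTRIBUTOR', 'SELECT' FROM dual
    UNION ALL SELECT 'STORE_MANAGER_ROLE', 'DVD_VIDEO',   'SELECT' FROM dual
    UNION ALL SELECT 'STORE_MANAGER_ROLE', 'RENTAL',      'SELECT' FROM dual
    UNION ALL SELECT 'ACCOUNTANT_ROLE',    'CUSTOMER',    'SELECT' FROM dual
    UNION ALL SELECT 'ACCOUNTANT_ROLE',    'DISTRIBUTOR', 'SELECT' FROM dual
    UNION ALL SELECT 'ACCOUNTANT_ROLE',    'DVD_VIDEO',   'SELECT' FROM dual
    UNION ALL SELECT 'ACCOUNTANT_ROLE',    'RENTAL',      'SELECT' FROM dual
    UNION ALL SELECT 'ACCOUNTANT_ROLE',    'MOVIE',       'SELECT' FROM dual
    UNION ALL SELECT 'ACCOUNTANT_ROLE',    'RENTAL',      'INSERT' FROM dual
    UNION ALL SELECT 'ACCOUNTANT_ROLE',    'RENTAL',      'UPDATE' FROM dual
    UNION ALL SELECT 'ACCOUNTANT_ROLE',    'VW_MOVIE',    'SELECT' FROM dual
    UNION ALL SELECT 'ACCOUNTANT_ROLE',    'VW_CUSTOMER_ZIPCODE_20878', 'SELECT' FROM dual
    UNION ALL SELECT 'ACCOUNTANT_ROLE',    'VW_CUSTOMERS_WITH_NO_LATE_FEES', 'SELECT' FROM dual
    UNION ALL SELECT 'ACCOUNTANT_ROLE',
                     'VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLLARS_TAXES',
                     'SELECT' FROM dual
    UNION ALL SELECT 'CUSTOMER_ROLE',      'VW_CUSTOMER_RENTAL', 'SELECT' FROM dual
),
actual AS (
    -- Unquoted object names are stored in upper case in the dictionary.
    SELECT grantee, table_name, privilege
    FROM   dba_tab_privs
    WHERE  owner = 'DRAKE_XXX68'
)
SELECT 'MISSING' AS finding, grantee, table_name, privilege
FROM   (SELECT * FROM expected MINUS SELECT * FROM actual)
UNION ALL
SELECT 'UNEXPECTED', grantee, table_name, privilege
FROM   (SELECT * FROM actual MINUS SELECT * FROM expected)
ORDER  BY 1, 2, 3;

-- 2. Roles and system privileges held by the application accounts.
--    Per the script, each should show CREATE SESSION plus at most one role.
SELECT grantee, granted_role
FROM   dba_role_privs
WHERE  grantee IN ('NESTOR_DEN65', 'CAROLE_XXX83', 'SAMARIA_MON12',
                   'JUNIOR_XXX10', 'DYLANE_SEC18')
ORDER  BY grantee, granted_role;

SELECT grantee, privilege
FROM   dba_sys_privs
WHERE  grantee IN ('NESTOR_DEN65', 'CAROLE_XXX83', 'SAMARIA_MON12',
                   'JUNIOR_XXX10', 'DYLANE_SEC18')
ORDER  BY grantee, privilege;

-- 3. VPD: confirm the policy is attached to the view and enabled.
SELECT object_name, policy_name, pf_owner, function, sel, ins, upd, del, enable
FROM   dba_policies
WHERE  object_owner = 'DRAKE_XXX68';
```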
5.5) Security_Procedures_Script_output
SQL> set echo on;
SQL> set serveroutput on;
SQL> set linesize 250;
SQL> set pagesize 150;
SQL>
SQL> rem conneect as DBA to implement the security protion of the project
SQL> show user
USER is "SYS"
SQL> connect DRAKE_XXX68/XXXha_dav1968 @orcl;
Connected.
SQL> nect DRAKE_XXX68/XXXha_dav1968 @orcl;
SP2-0734: unknown command beginning "nect DRAKE..." - rest of line ignored.
SQL>
SQL> rem Below are other users that should be able to connect to the database
SQL> --connect DYLANE_sec18/[email protected];
SQL> --connect SAMARIA_mon12/[email protected];
SQL> --connect JUNIOR_XXX10/[email protected];
SQL> --connect NESTOR_den65/[email protected];
SQL> --connect CAROLE_cie83/[email protected];
SQL>
SQL>
SQL>
SQL>
SQL> /* Begin Part1:Database security Script */
SQL>
SQL> /* Beging Create Database users,sessions and roles */
SQL> rem the DBA user has already been created and all roles and privileges granted.
SQL> rem Ndeni Nestor is the store manager
SQL> rem Carole Ciewe is the accountant
SQL> rem Samaria Monthe is a customer
SQL> rem Junior Ndeni is a customer
SQL> rem Dylane is the security manager
SQL>
SQL> rem drop all users
SQL> drop user NESTOR_den65;
User dropped.
SQL> drop user CAROLE_cie83;
drop user CAROLE_cie83
*
ERROR at line 1:
ORA-01918: user 'CAROLE_CIE83' does not exist
SQL> drop user SAMARIA_mon12;
User dropped.
SQL> drop user JUNIOR_XXX10;
User dropped.
SQL> drop user DYLANE_sec18;
User dropped.
SQL> drop user CAROLE_XXX83;
User dropped.
SQL>
SQL> rem create users
SQL> create user NESTOR_den65 IDENTIFIED BY NDENI_nes1965;
User created.
SQL> create user CAROLE_XXX83 IDENTIFIED BY CIEWE_car1983;
User created.
SQL> create user SAMARIA_mon12 IDENTIFIED BY MONTHE_sam2012;
User created.
SQL> create user JUNIOR_XXX10 IDENTIFIED BY XXXHA_jun2010;
User created.
SQL> create user DYLANE_sec18 IDENTIFIED BY CHOKO_dyl2018;
User created.
SQL>
SQL> rem grant create session to users
SQL> grant create session to NESTOR_den65;
Grant succeeded.
SQL> grant create session to CAROLE_XXX83;
Grant succeeded.
SQL> grant create session to SAMARIA_mon12;
Grant succeeded.
SQL> grant create session to JUNIOR_XXX10;
Grant succeeded.
SQL> grant create session to DYLANE_sec18;
Grant succeeded.
SQL>
SQL>
SQL> rem Begin create roles
SQL> drop role store_manager_role;
Role dropped.
SQL>
SQL> drop role accountant_role;
Role dropped.
SQL> drop role customer_role;
Role dropped.
SQL>
SQL>
SQL> rem Begin create roles
SQL> drop role store_manager_role;
drop role store_manager_role
*
ERROR at line 1:
ORA-01919: role 'STORE_MANAGER_ROLE' does not exist
SQL> drop role accountant_role;
drop role accountant_role
*
ERROR at line 1:
ORA-01919: role 'ACCOUNTANT_ROLE' does not exist
SQL> drop role customer_role;
drop role customer_role
*
ERROR at line 1:
ORA-01919: role 'CUSTOMER_ROLE' does not exist
SQL>
SQL> create role store_manager_role;
Role created.
SQL> create role accountant_role;
Role created.
SQL> create role customer_role;
Role created.
SQL> rem grant priviledge to roles on objects
SQL> rem store_manager_role
SQL>
SQL> grant select on MOVIE to store_manager_role;
Grant succeeded.
SQL> grant select on CUSTOMER to store_manager_role;
Grant succeeded.
SQL> grant select on DISTRIBUTOR to store_manager_role;
Grant succeeded.
SQL> grant select on DVD_VIDEO to store_manager_role;
Grant succeeded.
SQL> grant select on RENTAL to store_manager_role;
Grant succeeded.
SQL>
SQL>
SQL> rem accountant_role
SQL> grant select on CUSTOMER to accountant_role;
Grant succeeded.
SQL> grant select on DISTRIBUTOR to accountant_role;
Grant succeeded.
SQL> grant select on DVD_VIDEO to accountant_role;
Grant succeeded.
SQL> grant select on RENTAL to accountant_role;
Grant succeeded.
SQL> grant select on MOVIE to accountant_role;
Grant succeeded.
SQL> grant insert on RENTAL to accountant_role;
Grant succeeded.
SQL> grant update on RENTAL to accountant_role;
Grant succeeded.
SQL>
SQL> rem Begin grant role to users
SQL> rem Store Manager
SQL> grant store_manager_role to NESTOR_den65;
Grant succeeded.
SQL>
SQL> rem Accountant
SQL> grant accountant_role to CAROLE_XXX83;
Grant succeeded.
SQL> rem Customers.
SQL> grant customer_role to SAMARIA_mon12;
Grant succeeded.
SQL> grant customer_role to JUNIOR_XXX10;
Grant succeeded.
SQL> /* End Create Database users,sessions and roles */
SQL> /* Begin Create view for database security and grant appropriate privilege to the appropriate roles */
SQL> rem drop all views if they exist
SQL> drop view VW_MOVIE;
View dropped.
SQL> drop view VW_CUSTOMER_ZIPCODE_20878;
View dropped.
SQL> drop view VW_CUSTOMERS_WITH_NO_LATE_FEES;
View dropped.
SQL> drop view VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLlARS_TAXES;
View dropped.
SQL>
SQL> rem Create view to display basic MOVIE information without audit columns
SQL> CREATE OR REPLACE VIEW VW_MOVIE AS
2 SELECT MovieID, MovieTitle, Duration, Rating, YearReleased FROM MOVIE;
View created.
SQL>
SQL> rem Create view to display information on customers who live in zip code 20878 excluding audit column
SQL> CREATE OR REPLACE VIEW VW_CUSTOMER_ZIPCODE_20878 AS
2 SELECT CustomerID,FirstName,LastName,StreetAddress,PhoneNo,ZipCode FROM CUSTOMER
3 WHERE ZipCode='20878';
View created.
SQL>
SQL> rem create VW_CUSTOMERS_WITH_NO_LATE_FEES view that displays all the customers (without the audit columns)
SQL> rem that did not pay late fees for the movies they rented
SQL> CREATE OR REPLACE VIEW VW_CUSTOMERS_WITH_NO_LATE_FEES AS
2 select A.CUSTOMERID,A.FIRSTNAME,A.LASTNAME,A.STREETADDRESS,A.PHONENO,A.ZIPCODE from customer A
3 join rental b on b.CUSTOMERID=A.CUSTOMERID
4 where b.LATEFEE=0;
View created.
SQL>
SQL> rem create VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLlARS_TAXES that displays all the customers
SQL> rem (without the audit columns) that did not pay fees for the movies they rented
SQL> rem and who paid more than three dollars ($3) for tax
SQL> CREATE OR REPLACE VIEW VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLlARS_TAXES AS
2 select A.CUSTOMERID,A.FIRSTNAME,A.LASTNAME,A.STREETADDRESS,A.PHONENO,A.ZIPCODE from customer A
3 join rental b on b.CUSTOMERID=A.CUSTOMERID
4 where b.DAMAGEFEE=0
5 and b.TAXES>3;
View created.
SQL>
SQL>
SQL> rem grant select on the view created above to accountant_role;
SQL> grant select on VW_MOVIE to accountant_role;
Grant succeeded.
SQL> grant select on VW_CUSTOMER_ZIPCODE_20878 to accountant_role;
Grant succeeded.
SQL> grant select on VW_CUSTOMERS_WITH_NO_LATE_FEES to accountant_role;
Grant succeeded.
SQL> grant select on VW_CUSTOMERS_WITH_NO_LATE_FEES_AND_MORE_THAN_3_DOLlARS_TAXES to accountant_role;
Grant succeeded.
SQL> /* End Create view for database security and grant appropriate privilege to the appropriate roles */
SQL>
SQL>
SQL>
SQL> /* Begin create Virtual Private Database to allow Customers to view their records in CUSTOMER and RENTAL tables */
SQL> rem connect as sysdba and GRANT EXECUTE ON DBMS_RLS TO THE DBA (DRAKE_XXX68)
SQL>
SQL> connect sys/[email protected]:1521/orcl as sysdba;
Connected.
SQL> grant execute on dbms_rls to DRAKE_XXX68;
Grant succeeded.
SQL> rem connect as DRAKE_XXX68 to create the VPD
SQL> connect DRAKE_XXX68/XXXha_dav1968 @orcl;
Connected.
SQL>
SQL>
SQL> rem create the access policy table
SQL> drop table ACCESS_POLICY;
Table dropped.
SQL>
SQL> CREATE TABLE ACCESS_POLICY
2 ( AM_NAME VARCHAR2(20) NOT NULL,
3 CUSTOMERID NUMBER NOT NULL,
4 ACCESS_TYPE CHAR(1) NOT NULL);
Table created.
SQL>
SQL>
SQL> rem create the access right by loading the access policy table.
SQL> INSERT INTO ACCESS_POLICY VALUES ('SAMARIA_mon12', 203, 'S');
1 row created.
SQL> INSERT INTO ACCESS_POLICY VALUES ('JUNIOR_XXX10', 200, 'S');
1 row created.
SQL>
SQL>
SQL> rem Show the values from the access policy table just created.
SQL> SELECT * FROM ACCESS_POLICY;
AM_NAME              CUSTOMERID A
-------------------- ---------- -
SAMARIA_mon12               203 S
JUNIOR_XXX10                200 S
SQL>
SQL> rem As DRAKE_XXX68, create a policy function
SQL> rem THE POLICY CHECKS TO SEE IF THE USER EXECUTING THE FUNCTION IS IN THE TABLE.
SQL> rem THIS FUNCTION RETURNS THE USERS THAT HAVE THE RIGHT TO SELECT CUSTOMER INFORMATION in the VW_CUSTOMER_RENTAL view.
SQL>
SQL> create or replace function get_sel_customerid (p_schema in varchar2, p_table in varchar2)
2 return varchar2
3 as l_retstr varchar2(2000);
4
5 begin
6 if (p_schema = user) then
7 l_retstr := null;
8 else
9 for cust_rec in
10 (
11 select customerid
12 from access_policy
13 where am_name = USER
14 and access_type = 'S'
15 ) loop
16 l_retstr := l_retstr||','||cust_rec.customerid;
17 end loop;
18 l_retstr := ltrim(l_retstr,',');
19 l_retstr := 'CUSTOMERID IN ('||l_retstr||')';
20 end if;
21 return l_retstr;
22 end;
23 /
Function created.
SQL>
SQL>
SQL> rem Start create the view on which the function will be applied
SQL> rem create CUSTOMER view that displays customer information in CUSTOMER and RENTAL tables
SQL> drop view VW_CUSTOMER_RENTAL;
View dropped.
SQL>
SQL>
SQL> CREATE OR REPLACE VIEW VW_CUSTOMER_RENTAL AS
2 select a.CustomerID, a.FirstName, a.LastName, a.StreetAddress, a.PhoneNo, a.ZipCode,
3 b.RentID, b.CheckOutDate, b.CheckInDate, b.LateFee, b.DamageFee, b.Taxes from customer a
4 join rental b on b.CustomerID=a.CustomerID;
View created.
SQL>
SQL> rem as DRAKE_XXX68 grant select privilege on VW_CUSTOMER_RENTAL view to customer_role
SQL> grant select on VW_CUSTOMER_RENTAL to customer_role;
Grant succeeded.
SQL>
SQL> rem ADD POLICY FUNCTION
SQL> rem connect as security manager (DYLANE_sec18) in order to add the policy function using DBMS_RLS
SQL> rem This operation connects the policy (cust_sel_policy) to the view (DRAKE_XXX68.VW_CUSTOMER_RENTAL) with a function that returns the information needed in the where clause.
SQL> rem We should keep in mind that this is the policy that applies on who may perform the select operation.
SQL>
SQL>
SQL>
SQL> begin
2 dbms_rls.add_policy (
3 object_schema => 'DRAKE_XXX68',
4 object_name => 'VW_CUSTOMER_RENTAL',
5 policy_name => 'CUST_SEL_POLICY',
6 function_schema => 'DRAKE_XXX68',
7 policy_function => 'GET_SEL_CUSTOMERID',
8 statement_types => 'SELECT',
9 update_check => TRUE
10 );
11 end;
12 /
PL/SQL procedure successfully completed.
SQL> /* End create Virtual Private Database to allow Customers to view their records in CUSTOMER and RENTAL tables */
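Added example, not part of the original script: GET_SEL_CUSTOMERID as created above returns 'CUSTOMERID IN ()' when the caller has no row in ACCESS_POLICY, which is not a valid predicate, and it compares AM_NAME to USER case-sensitively even though the rows above were loaded in mixed case. The variant below returns a predicate that matches no rows in that situation and compares names case-insensitively. The name get_sel_customerid_safe is hypothetical, and the code assumes Oracle 11gR2 or later (for LISTAGG) and accounts created without quoted identifiers.

```sql
-- Added example: a fail-closed variant of the policy function (hypothetical name).
CREATE OR REPLACE FUNCTION get_sel_customerid_safe (
    p_schema IN VARCHAR2,
    p_table  IN VARCHAR2)
  RETURN VARCHAR2
AS
  -- Session user; stored in uppercase for accounts created without quotes.
  l_user VARCHAR2(128) := SYS_CONTEXT('USERENV', 'SESSION_USER');
  l_ids  VARCHAR2(2000);
BEGIN
  -- The owner of the protected object is not filtered (same as the original).
  IF p_schema = l_user THEN
    RETURN NULL;
  END IF;

  -- CUSTOMERID is NUMBER NOT NULL, so the list holds only digits and commas.
  -- An aggregate without GROUP BY always returns one row; l_ids is NULL
  -- when no ACCESS_POLICY row matches the caller.
  SELECT LISTAGG(customerid, ',') WITHIN GROUP (ORDER BY customerid)
    INTO l_ids
    FROM access_policy
   WHERE UPPER(am_name) = UPPER(l_user)   -- assumption: names differ only by case
     AND access_type = 'S';

  IF l_ids IS NULL THEN
    RETURN '1 = 0';                       -- no grant recorded: show no rows
  END IF;

  RETURN 'CUSTOMERID IN (' || l_ids || ')';
END;
/

-- Run as the object owner: confirm which function is attached to the view.
SELECT object_name, policy_name, pf_owner, function, sel, enable
  FROM user_policies
 WHERE object_name = 'VW_CUSTOMER_RENTAL';
```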
SQL>
5.5) Verification of Security Implementation
SQL> /* Start Part2: Test Database security Script */
SQL> rem connect as store manager and issue select commands on all the tables.
SQL>
SQL> connect NESTOR_den65/[email protected];
Connected.
SQL> select * from DRAKE_XXX68.MOVIE;
MOVIEID MOVIETITLE DURATION
RATING YEARRELEASED CREATED_BY
DATE_CREA MODIFIED_BY DATE_MODI
---------- ---------------------------------------- ---------- ---------- --
---------- ------------------------------ --------- -----------------------
------- ---------
100 Terikassam 2 70
1970 DRAKE_XXX68 23-APR-19
DRAKE_XXX68 23-APR-19
101 Cinq Pour Lenfer 3 80
2010 DRAKE_XXX68 23-APR-19
DRAKE_XXX68 23-APR-19
102 Le Proces 2 90
1980 DRAKE_XXX68 23-APR-19
DRAKE_XXX68 23-APR-19
103 La Companie Creole 4 50
2003 DRAKE_XXX68 23-APR-19
DRAKE_XXX68 23-APR-19