List user quota

rammpeter · rammpeter · commit a4d6726fb5e0 · 2025-03-17T18:24:30.000+01:00
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -36,7 +36,7 @@ jobs:
   #test_18_3-ee_CDB:    { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "18.3.0.0-ee",   container: "CDB", max_parallel: 4 }, secrets: "inherit"}
   #test_18_3-ee_PDB:    { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "18.3.0.0-ee",   container: "PDB", max_parallel: 4 }, secrets: "inherit"}
   test_18_4-xe_CDB:    { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "18.4.0.0-xe",   container: "CDB", max_parallel: 4 }, secrets: "inherit"}
-  test_18_4-xe_PDB:    { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "18.4.0.0-xe",   container: "PDB", max_parallel: 4 }, secrets: "inherit"}
+  # test_18_4-xe_PDB:    { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "18.4.0.0-xe",   container: "PDB", max_parallel: 4 }, secrets: "inherit"}
   #test_19_10-ee_CDB:   { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "19.10.0.0-ee",  container: "CDB", max_parallel: 4 }, secrets: "inherit"}
   test_19_10-ee_PDB:   { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "19.10.0.0-ee",  container: "PDB", max_parallel: 4 }, secrets: "inherit"}
   test_19_10-se2_CDB:  { uses: "rammpeter/panorama/.github/workflows/run_tests.yml@master", needs: [setup], with: { db_version: "19.10.0.0-se2", container: "CDB", max_parallel: 4 }, secrets: "inherit"}
diff --git a/app/controllers/dba_schema_controller.rb b/app/controllers/dba_schema_controller.rb
@@ -58,19 +58,22 @@ def list_db_users
                                        Objects AS (SELECT /*+ NO_MERGE MATERIALIZE */ Owner, COUNT(*) Object_Cnt
                                                    FROM   DBA_Objects
                                                    GROUP BY Owner
-                                                  )
+                                                  ),
+                                       Quotas AS (SELECT /*+ NO_MERGE MATERIALIZE */ Username, COUNT(*) Quota_Cnt FROM DBA_TS_Quotas GROUP BY UserName)
                                   SELECT u.*,
                                          NVL(p.Granted_Roles, 0)      Granted_Roles,
                                          NVL(s.Privilege_Cnt,0)       Privilege_Cnt,
                                          NVL(t.Obj_Grants,0)          Obj_Grants,
                                          NVL(gt.Granted_Obj_Grants,0) Granted_Obj_Grants,
-                                         NVL(o.Object_Cnt, 0)         Object_Cnt
+                                         NVL(o.Object_Cnt, 0)         Object_Cnt,
+                                         NVL(q.Quota_Cnt, 0)          Quota_Cnt
                                   FROM   Users u
-                                  LEFT OUTER JOIN Role_Privs p ON p.Grantee = u.UserName
-                                  LEFT OUTER JOIN Tab_Privs t ON t.Grantee = u.UserName
-                                  LEFT OUTER JOIN Granted_Tab_Privs gt ON gt.Grantor = u.UserName
-                                  LEFT OUTER JOIN Sys_Privs s ON s.Grantee = u.UserName
-                                  LEFT OUTER JOIN Objects o ON o.Owner = u.UserName
+                                  LEFT OUTER JOIN Role_Privs p          ON p.Grantee  = u.UserName
+                                  LEFT OUTER JOIN Tab_Privs t           ON t.Grantee  = u.UserName
+                                  LEFT OUTER JOIN Granted_Tab_Privs gt  ON gt.Grantor = u.UserName
+                                  LEFT OUTER JOIN Sys_Privs s           ON s.Grantee  = u.UserName
+                                  LEFT OUTER JOIN Objects o             ON o.Owner    = u.UserName
+                                  LEFT OUTER JOIN Quotas q              ON q.UserName = u.UserName
                                   ORDER BY u.UserName
                                  "].concat(where_values)
     render_partial
@@ -336,6 +339,14 @@ def list_user_profiles
     render_partial
   end
 
+  def list_ts_quotas
+    @username = prepare_param :username
+
+    @quotas = sql_select_iterator ["SELECT * FROM DBA_TS_Quotas WHERE UserName = ?", @username]
+
+    render_partial
+  end
+
   def list_gradual_password_rollover
     @user_info = sql_select_all("\
       SELECT u.Account_Status, u.Password_Change_Date, u.Profile, u.UserName, u.Last_Login,
diff --git a/app/helpers/ajax_helper.rb b/app/helpers/ajax_helper.rb
@@ -279,6 +279,17 @@ def link_sql_id(update_area, instance, sql_id, childno: nil, parsing_schema_name
     )
   end
 
+  def link_username(update_area, username)
+    ajax_link(username,
+              { controller: :dba_schema,
+                action:      :list_db_users,
+                username:     username,
+                update_area: update_area,
+              },
+              title: "Show details for user '#{username}'"
+    )
+
+  end
   def link_current_or_historic_sql_id(update_area, instance, sql_id, time_selection_start, time_selection_end, parsing_schema_name=nil, con_id=nil)
     unique_id = get_unique_area_id
     prefix = "Show details in SGA or AWR history for SQL-ID = '#{sql_id}'#{", Instance = #{instance}" if instance}"
diff --git a/app/views/dba/_list_db_vault_auths.html.erb b/app/views/dba/_list_db_vault_auths.html.erb
@@ -9,19 +9,11 @@
     }, title: "Show realm #{rec.realm_name} from DBA_DV_REALM")
   end
 
-  link_column_grantee = proc do |rec|
-    # TODO: distinguish between user and role
-    ajax_link(rec.grantee, {
-      controller:   :dba_schema,
-      action:       :list_db_users,
-      username:     rec.grantee,
-      update_area:  @update_area
-    }, title: "Show user info for '#{rec.grantee}'")
-  end
+ # TODO: distinguish between user and role
 
   column_options = []
   column_options << {caption: 'Realm name',     data: link_column_realm_name,             title: 'Name of DB vault realm'}
-  column_options << {caption: 'Grantee',        data: link_column_grantee,                title: 'Grantee name'}
+  column_options << {caption: 'Grantee',        data: proc{|rec| link_username(@update_area, rec.grantee) }, title: 'Grantee name'}
   column_options << {caption: 'Rule set',       data: proc{|rec| rec.auth_rule_set_name}, title: "Rule set to check before authorizing.\nIf the rule set evaluates to TRUE, then the authorization is allowed."}
   column_options << {caption: 'Auth. options',  data: proc{|rec| rec.auth_options},       title: "Type of realm authorization: either Participant or Owner."}
   column_options << {caption: 'Common auth.',   data: proc{|rec| rec.common_auth},        title: "Type of realm authorization: either Participant or Owner."}
diff --git a/app/views/dba_schema/_list_db_users.html.erb b/app/views/dba_schema/_list_db_users.html.erb
@@ -61,6 +61,16 @@
     )
   end
 
+  link_quotas = proc do |rec|
+    ajax_link(fn(rec.quota_cnt),
+              {action:      :list_ts_quotas,
+               username:     rec.username,
+               update_area: @update_area,
+              },
+              title: "Show tablespace quotas of user '#{rec.username}'"
+    )
+  end
+
   render_action_buttons = proc do |rec|
     retval =
       "<div style=\"float:left\">#{
@@ -91,7 +101,7 @@
   column_options << {caption: 'Auth. type',   data: proc{|rec| rec.authentication_type},      title: 'Indicates the authentication mechanism for the user'}
   column_options << {caption: 'Cm.',          data: proc{|rec| rec.common},                   title: 'Indicates whether a given user is common'} if get_db_version >= '12.1'
   column_options << {caption: 'Orcl. maint.',data: proc{|rec| rec.oracle_maintained},        title: "Denotes whether the user was created, and is maintained, by Oracle-supplied scripts (such as catalog.sql or catproc.sql).\nA user for which this column has the value Y must not be changed in any way except by running an Oracle-supplied script."} if get_db_version >= '12.1'
-  column_options << {caption: 'Pr. o.',       data: proc{|rec| rec.proxy_only_connect},       title: 'Indicates whether a user can connect directly (N) or whether the account can only be proxied (Y) by users who have proxy privileges for this account (that is, by users who have been granted the "connect through" privilege for this account).'} if get_db_version >= '12.1'
+  column_options << {caption: 'Pr. o.',       data: proc{|rec| rec.proxy_only_connect},       title: "Proxy only connect\nIndicates whether a user can connect directly (N) or whether the account can only be proxied (Y) by users who have proxy privileges for this account (that is, by users who have been granted the \"connect through\" privilege for this account)."} if get_db_version >= '12.1'
   column_options << {caption: 'Last login',   data: proc{|rec| localeDateTime(rec.last_login)},title: 'The time of the last user login.'} if get_db_version >= '12.1'
   column_options << {caption: 'Inh.',         data: proc{|rec| rec.inherited},                title: "Indicates whether the user definition was inherited from another container (YES) or not (NO)"} if get_db_version >= '12.2'
   column_options << {caption: 'Default collation', data: proc{|rec| rec.default_collation},   title: "Default collation for the user’s schema"} if get_db_version >= '12.2'
@@ -102,7 +112,8 @@
   column_options << {caption: 'Object privs', data: link_obj_grants,                          title: 'Number of object privileges granted to this user', align: :right}
   column_options << {caption: 'System privs', data: link_privileges,                          title: 'Number of system privileges granted this user', align: :right}
   column_options << {caption: 'Granted object privs', data: link_granted_obj_privs,           title: 'Number of object privileges granted to others by this user', align: :right}
-  column_options << {caption: 'DB objects',   data: link_objects,                             title: 'Number of DB objects owned by this user', align: :right}
+  column_options << {caption: 'DB obj.',      data: link_objects,                             title: 'Number of DB objects owned by this user', align: :right}
+  column_options << {caption: 'TS quot.',     data: link_quotas,                              title: 'Number of tablespace quotas for this user', align: :right}
   column_options << {caption: 'Action',       data: render_action_buttons,                    title: 'Call action for this user'}
 %>
 
diff --git a/app/views/dba_schema/_list_dependency_grants.html.erb b/app/views/dba_schema/_list_dependency_grants.html.erb
@@ -4,12 +4,7 @@
   link_grantee = proc do |rec|
     case rec.grantee_type
     when 'USER' then
-      ajax_link(rec.grantee, {
-        action:       :list_db_users,
-        username:     rec.grantee,
-        update_area:  @update_area
-      }, title: "Show user details"
-      )
+      link_username(@update_area, rec.grantee)
     when 'ROLE' then
       ajax_link(rec.grantee, {
         action:       :list_roles,
diff --git a/app/views/dba_schema/_list_granted_sys_privileges.html.erb b/app/views/dba_schema/_list_granted_sys_privileges.html.erb
@@ -4,13 +4,7 @@
   link_grantee = proc do |rec|
     case rec.grantee_type
     when 'USER' then
-      ajax_link(rec.grantee,
-                {action:      :list_db_users,
-                 username:    rec.grantee,
-                 update_area: @update_area,
-                },
-                title: "Show details for user '#{rec.grantee}'"
-      )
+      link_username(@update_area, rec.grantee)
     when 'ROLE' then
       ajax_link(rec.grantee,
                 {action:      :list_roles,
diff --git a/app/views/dba_schema/_list_grants.html.erb b/app/views/dba_schema/_list_grants.html.erb
@@ -5,12 +5,7 @@
   link_grantee = proc do |rec|
     case rec.grantee_type
     when 'USER' then
-      ajax_link(rec.grantee, {
-        action:       :list_db_users,
-        username:     rec.grantee,
-        update_area:  @update_area
-      }, title: "Show user details"
-      )
+      link_username(@update_area, rec.grantee)
     when 'ROLE' then
       ajax_link(rec.grantee, {
         action:       :list_roles,
diff --git a/app/views/dba_schema/_list_obj_grants.html.erb b/app/views/dba_schema/_list_obj_grants.html.erb
@@ -4,13 +4,7 @@
   link_grantee = proc do |rec|
     case rec.grantee_type
     when 'USER' then
-      ajax_link(rec.grantee,
-                {action:      :list_db_users,
-                 username:    rec.grantee,
-                 update_area: @update_area,
-                },
-                title: "Show details for user '#{rec.grantee}'"
-      )
+      link_username(@update_area, rec.grantee)
     when 'ROLE' then
       ajax_link(rec.grantee,
                 {action:      :list_roles,
@@ -23,24 +17,13 @@
     end
   end
 
-  link_grantor = proc do |rec|
-    ajax_link(rec.grantor,
-              {action:      :list_db_users,
-               username:    rec.grantor,
-               update_area: @update_area,
-              },
-              title: "Show details for user '#{rec.grantor}'"
-    )
-  end
-
-
   column_options = []
   column_options << {caption: 'Grantee',      data: link_grantee,                             title: 'Name of the user or role receiving the grant'}
   column_options << {caption: 'Grantee type', data: proc{|rec| rec.grantee_type},             title: 'Type of grantee'}
   column_options << {caption: 'Owner',        data: proc{|rec| rec.owner},                    title: 'Owner of the object'}
   column_options << {caption: 'Object name',  data: proc{|rec| link_object_description(@update_area, rec.owner, rec.table_name, rec.table_name)},               title: 'Name of the object. The object can be any object, including tables, packages, indexes, sequences, and so on.'}
   column_options << {caption: 'Object type',  data: proc{|rec| rec.type},                     title: 'Type of the object'} if get_db_version >= '12.1'
-  column_options << {caption: 'Grantor',      data: link_grantor,                             title: 'Name of the user who performed the grant'}
+  column_options << {caption: 'Grantor',      data: proc{|rec| link_username(@update_area, rec.grantor)}, title: 'Name of the user who performed the grant'}
   column_options << {caption: 'Privilege',    data: proc{|rec| rec.privilege},                title: "Granted object privilege"}
   column_options << {caption: 'Grantable',    data: proc{|rec| rec.grantable},                title: "Indicates whether the privilege was granted with the GRANT OPTION (YES) or not (NO)"}
   column_options << {caption: 'Hierarchy',    data: proc{|rec| rec.hierarchy},                title: "Indicates whether the privilege was granted with the HIERARCHY OPTION (YES) or not (NO)"}
diff --git a/app/views/dba_schema/_list_role_grants.html.erb b/app/views/dba_schema/_list_role_grants.html.erb
@@ -4,13 +4,7 @@
   link_grantee = proc do |rec|
     case rec.grantee_type
     when 'USER' then
-      ajax_link(rec.grantee,
-                {action:      :list_db_users,
-                 username:    rec.grantee,
-                 update_area: @update_area,
-                },
-                title: "Show details for user '#{rec.grantee}'"
-      )
+      link_username(@update_area, rec.grantee)
     when 'ROLE' then
       ajax_link(rec.grantee,
                 {action:      :list_roles,
diff --git a/app/views/dba_schema/_list_ts_quotas.html.erb b/app/views/dba_schema/_list_ts_quotas.html.erb
@@ -0,0 +1,30 @@
+<% @update_area = get_unique_area_id
+
+   show_quota = proc do |rec|
+     if rec.max_bytes == -1
+       'UNLIMITED'
+     else
+       fn(rec.max_bytes.to_f / (1024*1024)) if !rec.max_bytes.nil?
+     end
+   end
+
+   show_charged = proc do |rec|
+     fn(rec.bytes.to_f / (1024*1024)) if !rec.bytes.nil?
+   end
+
+   column_options = []
+   column_options << {caption: 'User name',    data: proc{|rec| link_username(@update_area, rec.username)},    title: 'Name of user'}
+   column_options << {caption: 'Tablespace',   data: proc{|rec| rec.tablespace_name},     title: "Name of tablespace"}
+   column_options << {caption: "Quota (MB)",   data: show_quota,                          title: "Maximum quota in tablespace for this schema in MB", data_title: proc{|rec| "%t\n#{size_explain((rec.max_bytes.to_f / (1024*1024) rescue nil)) if rec.max_bytes != -1 && !rec.max_bytes.nil?}"}, align: :right}
+   column_options << {caption: "Charged (MB)", data: show_charged,                        title: "MB charged for quota in tablespace for this schema from DBA_TS_QUOTAS", data_title: proc{|rec| "%t\n#{size_explain((rec.bytes.to_f / (1024*1024) rescue nil)) if !rec.bytes.nil?}"}, align: :right}
+%>
+
+<%= gen_slickgrid(@quotas,
+                  column_options,
+                  { caption: "Tablespace quotas for user from DBA_TS_Quotas",
+                    max_height: 450,
+                    show_pin_icon: 1,
+                    update_area: @update_area
+                  }
+    )
+%>
diff --git a/test/controllers/dba_schema_controller_test.rb b/test/controllers/dba_schema_controller_test.rb
@@ -403,6 +403,11 @@ class DbaSchemaControllerTest < ActionDispatch::IntegrationTest
     assert_response :success
   end
 
+  test 'list ts quotas' do
+    post '/dba_schema/list_ts_quotas', params: {format: :html, username: 'SYS' }
+    assert_response :success
+  end
+
   test 'list roles' do
     # call without parameters is tested as first level menu entry
     post '/dba_schema/list_roles', params: {format: :html, role: 'CONNECT' }
