|
|
|
REVOKE (RBAC on)
Description
When RBAC is active, revokes various privileges to the specified role(s) for the database. There are three forms of the REVOKE statement:
To grant or remove privileges for system administration (DBA) or general creation (RESOURCE), simply enable/disable database-level permissions.
Syntax
REVOKE { RESOURCE | DBA }
FROM { role_name [ , role_name ] ... } ;
REVOKE
{ privilege [ , privilege, ] ... | ALL [ PRIVILEGES ] }
ON table_name
FROM { role_name [ , role_name ] ... | PUBLIC } ;
REVOKE EXECUTE ON procedure_name
FROM { role_name [ , role_name ] ... | PUBLIC } ;
privilege ::
{ SELECT | INSERT | DELETE | ALTER | INDEX | UPDATE }
Arguments
GRANT OPTION FOR
Revokes the grant option for the privilege from the specified users. The actual privilege itself is not revoked.
{ privilege [ , privilege, ] ... | ALL [ PRIVILEGES ] }
List of privileges to be revoked. See the description in GRANT (GRANT, SQL GRANT) for details on specific privileges. Revoking RESOURCE and DBA rights can only be done by the administrator or a user with DBA rights.
Using the keyword ALL revokes all the rights granted on the table/view.
ON table_name
The table or view for which FairCom DB SQL revokes the specified privileges.
EXECUTE ON procedure_name
Revokes the right to execute the specified stored procedure.
FROM {role_name [ , role_name ] ...
Revokes the specified rights on the table or view from the specified list of roles.
FROM PUBLIC
Revokes the specified rights on the table or view from any role with access to the system.
Example
REVOKE INSERT ON customer FROM dbuser1 ;
REVOKE ALTER ON cust_view FROM dbuser2 ;
Authorization
The user revoking DBA or RESOURCE privileges must have the DBA privilege.
The user revoking privileges on a table must have any of the following privileges:
SQL Compliance |
SQL-92, ODBC Core SQL grammar. Extensions: ALTER, INDEX, RESOURCE, DBA privileges |
Environment |
Embedded SQL, interactive SQL, ODBC applications |
Related Statements |
See also
