Mimer SQL Documentation TOC PREV NEXT INDEX

Mimer SQL Developer Site


REVOKE OBJECT PRIVILEGE


Revokes object privileges from one or more idents.



where routine-specification is:



Usage

Embedded/Interactive/ODBC/JDBC.

Description

The specified object privilege is revoked from the ident(s) listed. If the privilege is revoked from a GROUP ident, all members of the group lose the privilege.

The object privileges are described under GRANT OBJECT PRIVILEGE.

The GRANT OPTION FOR clause specifies that only the WITH GRANT OPTION is to be revoked from the specified instance(s) of the privilege(s).

The keywords CASCADE and RESTRICT specifies whether the REVOKE statement will allow recursive effects that causes views to be dropped or FOREIGN KEY constraints to be removed, because access privileges are revoked as a result of a REVOKE MEMBER statement. See the Notes section for REVOKE ACCESS PRIVILEGE for a description of when views are dropped and FOREIGN KEY constraints are removed due to recursive effects.

If CASCADE is specified, such recursive effects will be allowed.

If RESTRICT is specified, the REVOKE statement will return an error if it would cause such recursive effects, and no access privileges will be revoked.

If neither CASCADE nor RESTRICT is specified, then RESTRICT is implicit.

Restrictions

Privileges may only be explicitly revoked by the grantor.

Notes

If an object privilege has been granted to the same ident more than once (by different grantors), the REVOKE statement will only revoke (or will revoke the WITH GRANT OPTION from) the single instance of the privilege that was granted by the current ident.

The object rights attached to the privilege (or the WITH GRANT OPTION) will only be lost when the last instance of the privilege has been revoked.

Revoking object privileges has recursive effects. Privileged actions are performed under the authorization of the most recently granted instance of the access.

When the last instance of a privilege WITH GRANT OPTION is revoked, all instances of the privilege granted by the ident under that authorization are recursively revoked.

If MEMBER privilege on a group is revoked from an ident, all privileges granted through the group are revoked from the ident.

An ident may not revoke privileges from himself.

Revoking TABLE privilege does not drop the tables created when the privilege was held.

Revoking SEQUENCE privilege does not drop the sequences created when the privilege was held.

Revoking USAGE privilege on a domain, user-defined type or sequence preserves the uses of the domain, user-defined type or sequence which were set up when the privilege was held, however, new instances of usage of the domain, user-defined type or sequence are prevented.

Revoking EXECUTE privilege immediately prevents the ident from invoking the routine or entering the PROGRAM ident.

Example

 REVOKE EXECUTE ON PROCEDURE coming_soon FROM joe, jane;
 

For more information, see the Mimer SQL User's Manual, Revoking Object Privileges.

Standard Compliance

Standard
Compliance
Comments
SQL-2011
Core
Fully compliant.
SQL-2011
Features outside core
Feature F034, "Extended REVOKE statement" support for REVOKE CASCADE and REVOKE GRANT OPTION FOR.
Feature F251, "Domain support" support for revoke usage on domain.
Feature F690, "Collation support" support for revoke usage on collation.

Mimer SQL extension
Revoke MEMBER, revoke SEQUENCE, revoke TABLE and revoke EXECUTE (on statement and program) are Mimer SQL extensions


Mimer
Mimer Information Technology AB
Voice: +46 18 780 92 00
Fax: +46 18 780 92 40
info@mimer.se
Mimer SQL Documentation TOC PREV NEXT INDEX