REVOKE OBJECT PRIVILEGE
Revokes object privileges from one or more idents.
The specified object privilege is revoked from the ident(s) listed. If the privilege is revoked from a
GROUPident, all members of the group lose the privilege.
The object privileges are described under
GRANT OBJECT PRIVILEGE.
GRANT OPTION FORclause specifies that only the
WITH GRANT OPTIONis to be revoked from the specified instance(s) of the privilege(s).
RESTRICTspecifies whether the
REVOKEstatement will allow recursive effects that causes views to be dropped or
FOREIGN KEYconstraints to be removed, because access privileges are revoked as a result of a REVOKE MEMBER statement. See the Notes section for REVOKE ACCESS PRIVILEGE for a description of when views are dropped and
FOREIGN KEYconstraints are removed due to recursive effects.
CASCADEis specified, such recursive effects will be allowed.
RESTRICTis specified, the
REVOKEstatement will return an error if it would cause such recursive effects, and no access privileges will be revoked.
RESTRICTis specified, then
Privileges may only be explicitly revoked by the grantor.
If an object privilege has been granted to the same ident more than once (by different grantors), the
REVOKEstatement will only revoke (or will revoke the
WITH GRANT OPTIONfrom) the single instance of the privilege that was granted by the current ident.
The object rights attached to the privilege (or the
WITH GRANT OPTION) will only be lost when the last instance of the privilege has been revoked.
Revoking object privileges has recursive effects. Privileged actions are performed under the authorization of the most recently granted instance of the access.
When the last instance of a privilege
WITH GRANT OPTIONis revoked, all instances of the privilege granted by the ident under that authorization are recursively revoked.
MEMBERprivilege on a group is revoked from an ident, all privileges granted through the group are revoked from the ident.
An ident may not revoke privileges from himself.
TABLEprivilege does not drop the tables created when the privilege was held.
SEQUENCEprivilege does not drop the sequences created when the privilege was held.
USAGEprivilege on a domain, user-defined type or sequence preserves the uses of the domain, user-defined type or sequence which were set up when the privilege was held, however, new instances of usage of the domain, user-defined type or sequence are prevented.
EXECUTEprivilege immediately prevents the ident from invoking the routine or entering the
ExampleREVOKE EXECUTE ON PROCEDURE coming_soon FROM joe, jane;
For more information, see the Mimer SQL User's Manual, Revoking Object Privileges.
SQL-2011 Core Fully compliant. SQL-2011 Features outside core Feature F034, "Extended REVOKE statement" support for REVOKE CASCADE and REVOKE GRANT OPTION FOR.Feature F251, "Domain support" support for revoke usage on domain.Feature F690, "Collation support" support for revoke usage on collation. Mimer SQL extension Revoke MEMBER, revoke SEQUENCE, revoke TABLE and revoke EXECUTE (on statement and program) are Mimer SQL extensions
Mimer Information Technology AB
Voice: +46 18 780 92 00
Fax: +46 18 780 92 40