Revoking User Access

From InterBase
Jump to: navigation, search

Go Up to Planning Security


Use the REVOKE statement to remove privileges that were assigned with the GRANT statement.

At a minimum, REVOKE requires parameters that specify the following:

  • One access privilege to remove.
  • The table or view to which the privilege revocation applies.
  • The name of the grantee for which the privilege is revoked.

In its full form, REVOKE removes all the privileges that GRANT can assign.

REVOKE <privileges> ON [TABLE] {tablename | viewname}
 FROM {<object> | <userlist> | GROUP UNIX_group};
<privileges> = ALL [PRIVILEGES] | <privilege_list>
<privilege_list> = {
SELECT
| DELETE
| INSERT
| UPDATE [(col [, col ])]
| REFERENCES [(col [, col ])]
} [, <privilege_list> ]
<object> = {
PROCEDURE procname
| TRIGGER trigname
| VIEW viewname
| PUBLIC
} [, <object> ]
<userlist> = [USER] username [, [USER] username ]

The following statement removes the SELECT privilege for the user, SUSAN, on the DEPARTMENTS table:

REVOKE SELECT ON DEPARTMENTS FROM SUSAN;

The following statement removes the UPDATE privilege for the procedure, MONEY_TRANSFER, on the ACCOUNTS table:

REVOKE UPDATE ON ACCOUNTS FROM PROCEDURE MONEY_TRANSER;

The next statement removes EXECUTE privilege for the procedure, ­ACCT_MAINT, on the MONEY_TRANSFER procedure:

REVOKE EXECUTE ON PROCEDURE MONEY_TRANSER FROM PROCEDURE ACCT_MAINT;

For the complete syntax of REVOKE, see REVOKE.

Topics

Advance To: