Revoking User Access
From InterBase
Go Up to Planning Security
Use the REVOKE statement to remove privileges that were assigned with the GRANT statement.
At a minimum, REVOKE requires parameters that specify the following:
- One access privilege to remove.
- The table or view to which the privilege revocation applies.
- The name of the grantee for which the privilege is revoked.
In its full form, REVOKE removes all the privileges that GRANT can assign.
REVOKE <privileges> ON [TABLE] {tablename | viewname}
FROM {<object> | <userlist> | GROUP UNIX_group};
<privileges> = ALL [PRIVILEGES] | <privilege_list>
<privilege_list> = {
SELECT
| DELETE
| INSERT
| UPDATE [(col [, col …])]
| REFERENCES [(col [, col …])]
} [, <privilege_list> …]
<object> = {
PROCEDURE procname
| TRIGGER trigname
| VIEW viewname
| PUBLIC
} [, <object> …]
<userlist> = [USER] username [, [USER] username …]
The following statement removes the SELECT privilege for the user, SUSAN, on the DEPARTMENTS table:
REVOKE SELECT ON DEPARTMENTS FROM SUSAN;
The following statement removes the UPDATE privilege for the procedure, MONEY_TRANSFER, on the ACCOUNTS table:
REVOKE UPDATE ON ACCOUNTS FROM PROCEDURE MONEY_TRANSER;
The next statement removes EXECUTE privilege for the procedure, ACCT_MAINT, on the MONEY_TRANSFER procedure:
REVOKE EXECUTE ON PROCEDURE MONEY_TRANSER FROM PROCEDURE ACCT_MAINT;
For the complete syntax of REVOKE, see REVOKE.
Topics
- Revocation Restrictions
- Revoking Multiple Privileges
- Revoking All Privileges
- Revoking Privileges for a List of Users
- Revoking Privileges for a Role
- Revoking a Role from Users
- Revoking EXECUTE Privileges
- Revoking Privileges from Objects
- Revoking Privileges for All Users
- Revoking Grant Authority