REVOKE (Object Privileges) command

Enter the syntax information of your reference here (optional).

Syntax

REVOKE [ GRANT OPTION FOR ]
    { ALL PRIVILEGES } | { privilege., ..}
    ON object_name
    FROM PUBLIC | { grantee .,.. };
Keyword Description
privilege Type of access, action, or privilege to revoke
object_name Name of the object on which to revoke privileges
grantee User name(s) to revoke

Use

This statement removes privileges from authorization IDs (users) that have previously received them with the GRANT statement. The privileges follow the definitions and rules outlined under GRANT. The GRANT option is the ability to grant the privileges received in turn to others.

In any case, the revoker of the privilege is the same authorization ID that granted it, and all dependent privileges may be revoked. A privilege (privilege A) depends directly on another (privilege B) if either of the following sets of conditions is met:

All of the following must be true to satisfy this condition set:

  • Privilege A is grantable (has GRANT option)
  • The grantee of A is PUBLIC or the same as the grantee of B
  • A and B are both privileges for the same action on the same object

OR

All of the first three below must be true to satisfy this condition set:

  • B is an automatically generated privilege, indicated by a grantor value of _SYSTEM
  • The actions of the two privileges are the same
  • The grantee of A owns the object (which must be a table, translation, or collation) on which the privileges exist

plus any one of the following:

  • Privilege B is on a view referencing a table on which privilege A is the SELECT privilege (if it is a read-only view) or the privilege at hand (if it is an updatable one)
  • B is the USAGE privilege on a collation defined on a character set on which A is the USAGE privilege
  • B is the USAGE privilege on a translation that uses the character set on which A is the USAGE privilege as either source or target

Example

REVOKE SELECT ON STAFF FROM CLERK