HomeMogDBMogDB StackUqbar
Ecological Tools
Doc Tools
中文
v5.0

Documentation:v5.0

Supported Versions:
Current(v5.0)

Other Versions:
v3.1/
v3.0/
v2.1/
v2.0/
v1.1

REVOKE

Function

REVOKE is used to revoke permissions from one or more roles.

Precautions

This section describes only the new syntax of Dolphin. The original syntax of MogDB is not deleted or modified. The ALTER ROUTINE, CRAETE ROUTINE, CREATE TEMPORARY TABLES, CREATE USER, CREATE TABLESPACE and INDEX permissions are added.

Syntax

  • The ALTER ROUTINE permission is added.

The ALTER permission is basically the same as that of the function and procedure.

The syntax after modification is described as follows:

REVOKE { { EXECUTE | ALTER ROUTINE | ALTER | DROP | COMMENT } [, ...] | ALL [ PRIVILEGES ] }
ON {FUNCTION {function_name ( [ {[ argmode ] [ arg_name ] arg_type} [, ...] ] )} | PROCEDURE {proc_name ( [ {[ argmode ] [ arg_name ] arg_type} [, ...] ] )} [, ...] | ALL FUNCTIONS IN SCHEMA schema_name [, ...] | ALL PROCEDURE IN SCHEMA schema_name [, ...] | schema_name.*}
FROM { [ GROUP ] role_name | PUBLIC } [, ...]
[ WITH GRANT OPTION ];
  • The CREATE ROUTINE permission is added.

The permission is basically the same as that of CREATE ANY FUNCTION.

The syntax after modification is described as follows:

REVOKE { CREATE ANY TABLE | ALTER ANY TABLE | DROP ANY TABLE | SELECT ANY TABLE | INSERT ANY TABLE | UPDATE ANY TABLE |
  DELETE ANY TABLE | CREATE ANY SEQUENCE | CREATE ANY INDEX | CREATE ANY FUNCTION | CREATE ROUTINE | EXECUTE ANY FUNCTION |
  CREATE ANY PACKAGE | EXECUTE ANY PACKAGE | CREATE ANY TYPE } [, ...]
  [ON *.*]
  FROM [ GROUP ] role_name [, ...]
  [ WITH ADMIN OPTION ];
  • The CREATE TEMPORARY TABLES permission is added.

The permission is basically the same as that of TEMPORARY.

The syntax after modification is described as follows:

REVOKE { { CREATE | CONNECT | CREATE TEMPORARY TABLES | TEMPORARY | TEMP | ALTER | DROP | COMMENT } [, ...]
    | ALL [ PRIVILEGES ] }
    ON { DATABASE database_name [, ...] | database_name.* }
    FROM { [ GROUP ] role_name | PUBLIC } [, ...]
    [ WITH GRANT OPTION ];
  • The CREATE USER permission is added.

It controls users' permission to create new users, which is basically the same as the CREATEROLE and NOCREATEROLE permissions of users.

The new syntax is described as follows:

REVOKE CREATE USER ON *.* FROM ROLE_NAME;
  • The CREATE TABLESPACE permission is added.

It controls users' permission to create tablespaces.

The new syntax is described as follows:

REVOKE CREATE TABLESPACE ON *.* FROM ROLE_NAME;
  • The INDEX permission is added.

The permission is basically the same as that of CREATE ANY INDEX.

The syntax after modification is described as follows:

REVOKE { CREATE ANY TABLE | ALTER ANY TABLE | DROP ANY TABLE | SELECT ANY TABLE | INSERT ANY TABLE | UPDATE ANY TABLE |
  DELETE ANY TABLE | CREATE ANY SEQUENCE | CREATE ANY INDEX | INDEX | CREATE ANY FUNCTION | EXECUTE ANY FUNCTION |
  CREATE ANY PACKAGE | EXECUTE ANY PACKAGE | CREATE ANY TYPE } [, ...]
  { ON *.* }
  FROM [ GROUP ] role_name [, ...]
  [ WITH ADMIN OPTION ];

Parameter Description

N/A

Examples

REVOKE ALTER ROUTINE ON FUNCTION TEST FROM USER_TESTER;
REVOKE CREATE ANY FUNCTION FROM USER_TESTER;
REVOKE CREATE TEMPORARY TABLES ON DATABASE DATABASE_TEST FROM USER_TESTER; 
REVOKE CREATE USER ON *.* FROM USER_TESTER;
REVOKE CREATE TABLESPACE ON *.* FROM USER_TESTER;
REVOKE INDEX FROM TEST_USER;

REVOKE

HOME

Issue
Copyright © 2011-2024 www.enmotech.com All rights reserved.