REVOKE

revoke_table

revoke_table_col

REVOKE - 图2

revoke_seq

revoke_db

revoke_domain

REVOKE - 图5

revoke_schema

revoke_type

REVOKE - 图7

revoke_role

Any role has the sum of all privileges assigned to it. So, if REVOKE is used to revoke SELECT from PUBLIC, then it does not mean that all roles have lost privilege.If a role had SELECT granted directly to it or inherited it via a group, then it can continue to hold the SELECT privilege.

If GRANT OPTION FOR is specified, only the grant option for the privilege is revoked, not the privilege itself. Otherwise, both the privilege and the grant option are revoked.

Similarly, while revoking a role, if is specified, then only the admin option for the privilege is revoked.

When revoking privileges on a table, the corresponding column privileges (if any) are automatically revoked on each column of the table, as well. On the other hand, if a role has been granted privileges on a table, then revoking the same privileges from individual columns will have no effect.

  • Revoke SELECT privilege for PUBLIC on table ‘stores’
  • Remove user John from SysAdmins group.