REVOKE
From Recital Documentation Wiki
Revision as of 16:20, 19 March 2009 by Yvonnemilne (Talk | contribs)
REVOKE
Class
SQL Applications
Purpose
Revoke access privileges for users to tables.
Syntax
REVOKE ALL | [SELECT [(<column> [,...])]] [UPDATE [(<column> [,...])]]
[INSERT] [DELETE] [ALTER] [READ ONLY [(<column> [,...])]
ON [<database>!]<table> FROM '<user>,<group>' [,...] | PUBLIC
See Also
ALTER TABLE, CREATE TABLE, GETENV(), GRANT, SET TCACHE
Description To revoke access privileges for users to tables. The REVOKE statement can only remove existing user privileges given with the GRANT statement. To revoke privileges you must be the owner of the table or have already been granted ALTER privileges.
| Keywords | Description |
|---|---|
| ALL | All privileges are revoked. |
| SELECT | The ability to name any column in a SELECT statement. The privilege can be restricted to one or more columns by listing them. |
| UPDATE | The ability to name any column in an UPDATE statement. The privilege can be restricted to one or more columns by listing them. |
| INSERT | The ability to INSERT rows into the table. |
| DELETE | The ability to DELETE rows from the table. |
| ALTER | The data type to be stored in that column, and the applicable length or precision. |
| READ ONLY | The ability to read from any column in a SELECT statement. The privilege can be restricted to one or more columns by listing them. |
| database | The name of the database to which the table belongs. Databases in Recital are implemented as directories containing files that correspond to the tables and associated files in the database. Operating System file protection can be applied individually to the files for added security. The directory is a sub-directory of the Recital data directory. The environment variable / symbol DB_DATADIR points to the current Recital data directory and can be queried using the GETENV() function. Files from other directories can be added to the database using the ADD TABLE command or via the database catalog and SET AUTOCATALOG functionality. The '!' character must be included between the database name and the table name. |
| table | The name of the table from which to revoke the privileges. |
| user | The user access control string that will be revoked from the privilege. User access control strings are defined by the operating system. |
| group | The group access control string that will be revoked the privilege. Group access control strings are defined by the operating system. |
| PUBLIC | All users and groups will be revoked privileges |
Example
// Revoke update privilege for columns lastname and firstname and insert on the table EXEC SQL REVOKE UPDATE (lastname, firstname) INSERT ON customer FROM '[20,100]'; // Grant all privileges to all users EXEC SQL REVOKE ALL ON test FROM PUBLIC;
Products
Recital Database Server, Recital Mirage Server, Recital Terminal Developer
