SQL$HELP72.HLB  —  REVOKE_ANSI, Examples
    Example 1: Managing User Access with the REVOKE statement

    SQL> attach 'filename DB$:ANSI_PERSONNEL';
    SQL>
    SQL> -- examine current privileges
    SQL> show protection on database RDB$DBHANDLE;
    Protection on Alias RDB$DBHANDLE
    [DOC,DOC_WRITER]:
      With Grant Option:        SELECT,INSERT,UPDATE,DELETE,SHOW,CREATE,ALTER,DROP,
                                DBCTRL,OPERATOR,DBADM,SECURITY,DISTRIBTRAN
      Without Grant Option:     SELECT,INSERT,UPDATE,DELETE,SHOW,CREATE,ALTER,DROP,
                                DBCTRL,OPERATOR,DBADM,SECURITY,DISTRIBTRAN
    [DOC,DOC_READER]:
      With Grant Option:        NONE
      Without Grant Option:     SELECT,CREATE
    [*,*]:
      With Grant Option:        NONE
      Without Grant Option:     NONE
    SQL>
    SQL> -- revoke selected privileges
    SQL> revoke CREATE on database alias RDB$DBHANDLE from DOC_READER;
    SQL> revoke DISTRIBTRAN on database alias RDB$DBHANDLE from DOC_WRITER;
    SQL> show protection on database RDB$DBHANDLE;
    Protection on Alias RDB$DBHANDLE
    [DOC,DOC_WRITER]:
      With Grant Option:        SELECT,INSERT,UPDATE,DELETE,SHOW,CREATE,ALTER,DROP,
                                DBCTRL,OPERATOR,DBADM,SECURITY
      Without Grant Option:     SELECT,INSERT,UPDATE,DELETE,SHOW,CREATE,ALTER,DROP,
                                DBCTRL,OPERATOR,DBADM,SECURITY
    [DOC,DOC_READER]:
      With Grant Option:        NONE
      Without Grant Option:     SELECT
    [*,*]:
      With Grant Option:        NONE
      Without Grant Option:     NONE
    SQL>
    SQL> -- prevent drop by revoking the privilege
    SQL> revoke DROP on table * from DOC_READER;
    SQL> commit;

    Example 2: Revoking a privilege granted with the WITH GRANT
    OPTION clause

    When the privilege is revoked from the grantee, rdb_doc, who
    received the privilege with the WITH GRANT OPTION clause,
    the privilege is also revoked from all users who received the
    privilege from that grantee.

    SQL> SHOW PROTECTION ON TABLE EMPLOYEES;
    [*,*]:
      With Grant Option:        NONE
      Without Grant Option:     SELECT
    [SQL,WARRING]:
      With Grant Option:        SELECT,INSERT,UPDATE,DELETE,SHOW,CREATE,ALTER,
                                DROP,DBCTRL,OPERATOR,DBADM,REFERENCES
      Without Grant Option:     SELECT,INSERT,UPDATE,DELETE,SHOW,CREATE,ALTER,
                                DROP,DBCTRL,DBADM,REFERENCES
    [RDB,RDB_DOC]:
      With Grant Option:        SHOW
      Without Grant Option:     NONE
    SQL>
    SQL> REVOKE SHOW ON EMPLOYEES FROM [rdb,rdb_doc];
    SQL> SHOW PROTECTION ON EMPLOYEES;
    Protection on Table EMPLOYEES
    [*,*]:
      With Grant Option:        NONE
      Without Grant Option:     SELECT
    [RDB,RDB_DOC]:
      With Grant Option:        NONE
      Without Grant Option:     NONE

    Example 3: Revoking column privileges

    This example shows how to restrict privileges on a specific
    column by revoking the UPDATE privilege that has been granted
    for that column.

    SQL> SHOW PROTECTION ON COLUMN EMPLOYEES.EMPLOYEE_ID;
    [RDB,RDB_DOC]:
      With Grant Option:        NONE
      Without Grant Option:     UPDATE
    SQL> REVOKE UPDATE ON COLUMN EMPLOYEES.EMPLOYEE_ID FROM [rdb,rdb_doc];
    SQL> SHOW PROTECTION ON COLUMN EMPLOYEES.EMPLOYEE_ID;
    [RDB,RDB_DOC]:
      With Grant Option:        NONE
      Without Grant Option:     NONE

    Example 4: Revoking DROP Privilege from a Sequence for a User

    This example shows the action of REVOKE for a SEQUENCE in an ANSI
    style database.

    SQL> create sequence EMPLOYEE_ID_GEN;
    SQL> grant select on sequence EMPLOYEE_ID_GEN to public;
    SQL> grant all privileges on sequence EMPLOYEE_ID_GEN to stuart;
    SQL> show protection on sequence EMPLOYEE_ID_GEN;
    Protection on Sequence EMPLOYEE_ID_GEN
    [DOCS,STUART]:
      With Grant Option:        NONE
      Without Grant Option:     SELECT,SHOW,ALTER,DROP,DBCTRL,REFERENCES
    [DOCS,FREEMAN]:
      With Grant Option:        SELECT,SHOW,ALTER,DROP,DBCTRL,REFERENCES
      Without Grant Option:     NONE
    [*,*]:
      With Grant Option:        NONE
      Without Grant Option:     SELECT
    SQL> revoke drop on sequence EMPLOYEE_ID_GEN from stuart;
    SQL> show protection on sequence EMPLOYEE_ID_GEN;
    Protection on Sequence EMPLOYEE_ID_GEN
    [DOCS,STUART]:
      With Grant Option:        NONE
      Without Grant Option:     SELECT,SHOW,ALTER,DBCTRL,REFERENCES
    [DOCS,FREEMAN]:
      With Grant Option:        SELECT,SHOW,ALTER,DROP,DBCTRL,REFERENCES
      Without Grant Option:     NONE
    [*,*]:
      With Grant Option:        NONE
      Without Grant Option:     SELECT
    SQL>
Close Help