SQL$HELP_OLD72.HLB  —  REVOKE  Example
    Example 1: Using REVOKE to manage user access to the database and
    tables

    SQL> attach 'filename DB$:MF_PERSONNEL';
    SQL>
    SQL> -- examine current privileges
    SQL> show protection on database RDB$DBHANDLE;
    Protection on Alias RDB$DBHANDLE
        (IDENTIFIER=SQLNET4RDB,ACCESS=SELECT+INSERT+UPDATE+DELETE+SHOW+CREATE+ALTER+
          DROP+DBCTRL+OPERATOR+DBADM+SECURITY+DISTRIBTRAN)
        (IDENTIFIER=[DOC,DOC_READER],ACCESS=SELECT+CREATE)
        (IDENTIFIER=[DOC,DOC_WRITER],ACCESS=SELECT+INSERT+UPDATE+DELETE+SHOW+CREATE+
          ALTER+DROP+DBCTRL+OPERATOR+DBADM+REFERENCES)
        (IDENTIFIER=[*,*],ACCESS=SELECT+INSERT+UPDATE+DELETE+SHOW+CREATE+ALTER+DROP+
          OPERATOR+DBADM+REFERENCES)
    SQL>
    SQL> -- revoke selected privileges
    SQL> revoke CREATE on database alias RDB$DBHANDLE from DOC_WRITER;
    SQL> revoke DISTRIBTRAN on database alias RDB$DBHANDLE from DOC_REVIEWER;
    SQL> show protection on database RDB$DBHANDLE;
    Protection on Alias RDB$DBHANDLE
        (IDENTIFIER=SQLNET4RDB,ACCESS=SELECT+INSERT+UPDATE+DELETE+SHOW+CREATE+ALTER+
          DROP+DBCTRL+OPERATOR+DBADM+SECURITY+DISTRIBTRAN)
        (IDENTIFIER=[DOC,DOC_READER],ACCESS=SELECT)
        (IDENTIFIER=[DOC,DOC_WRITER],ACCESS=SELECT+INSERT+UPDATE+DELETE+SHOW+ALTER+
          DROP+DBCTRL+OPERATOR+DBADM+REFERENCES)
        (IDENTIFIER=[*,*],ACCESS=SELECT+INSERT+UPDATE+DELETE+SHOW+CREATE+ALTER+DROP+
          OPERATOR+DBADM+REFERENCES)
    SQL>
    SQL> -- No longer all access to DOC_REVIEWER, use wildcard for all tables
    SQL> revoke ALL PRIVILEGES on table * from DOC_REVIEWER;
    SQL> commit;

    Example 2: Revoking DROP Sequence Privileges from a User

    SQL> CREATE SEQUENCE EMPID;
    SQL> SHOW PROTECTION ON SEQUENCE EMPID
    Protection on Sequence EMPID
        (IDENTIFIER=[RDB,STUART],ACCESS=SELECT+SHOW+ALTER+DROP+DBCTRL)
        (IDENTIFIER=[*,*],ACCESS=NONE)
    SQL> GRANT SELECT ON SEQUENCE EMPID TO PUBLIC;
    SQL> SHOW PROTECTION ON SEQUENCE EMPID;
    Protection on Sequence EMPID
        (IDENTIFIER=[RDB,STUART],ACCESS=SELECT+SHOW+ALTER+DROP+DBCTRL)
        (IDENTIFIER=[*,*],ACCESS=SELECT)
    SQL> REVOKE DROP ON SEQUENCE EMPID FROM STUART;
    SQL> SHOW PROTECTION ON SEQUENCE EMPID;
    Protection on Sequence EMPID
        (IDENTIFIER=[RDB,STUART],ACCESS=SELECT+SHOW+ALTER+DBCTRL)
        (IDENTIFIER=[*,*],ACCESS=SELECT)
Close Help