Entering content frame

REVOKE Statement (revoke_statement) Locate the document in its SAP Library structure

The REVOKE statement revokes privileges.

Syntax

<revoke statement> ::= REVOKE <priv spec>,... FROM <grantee>,... [<cascade_option>]
| REVOKE EXECUTE ON <dbproc_name> FROM <grantee>,...
| REVOKE SELECT ON <sequence_name> FROM <grantee>,... [<cascade_option>]

priv_spec, grantee, cascade_option, dbproc_name, sequence_name

Explanation

The owner of a table can revoke the privileges granted for this table from any user.

If a user is not the owner of the table, he may only revoke the privileges he has granted.

If the SELECT privilege was granted for a table any specified column names, REVOKE SELECT (<column name>,...) can be used to revoke the SELECT privilege (see privilege type) for the specified columns; the SELECT privilege for table columns that have not been specified remains unchanged. The same is true for the UPDATE, REFERENCES, and SELUPD privileges.

The REVOKE statement can cascade; that is, revoking a privilege from one user can result in this privilege being revoked from other users who have received the privilege from the user in question.

Example

Let U1, U2, and U3 be users.
U1 grants U2 the privilege set P WITH GRANT OPTION.
U1 grants U3 the privilege set P' (P'<=P).

If U1 revokes the privilege set P'' (P''<=P) from user U2, the privilege set (P'*P'') is revoked implicitly from user U3.

REVOKE EXECUTE

If REVOKE EXECUTE is specified, the authorization to execute the database procedure is revoked from the user identified by grantee. The authorization for execution can only be revoked by the owner of the database procedure.

Leaving content frame