Doc Map

REVOKE

Function

REVOKE is used to revoke permissions from one or more roles.

Precautions

This section describes only the new syntax of Dolphin. The original syntax of openGauss is not deleted or modified. The ALTER ROUTINE, CRAETE ROUTINE, CREATE TEMPORARY TABLES, CREATE USER, CREATE TABLESPACE and INDEX permissions are added.

Syntax

  • The ALTER ROUTINE permission is added.

The ALTER permission is basically the same as that of the function and procedure.

The syntax after modification is described as follows:

REVOKE { { EXECUTE | ALTER ROUTINE | ALTER | DROP | COMMENT } [, ...] | ALL [ PRIVILEGES ] }
ON {FUNCTION {function_name ( [ {[ argmode ] [ arg_name ] arg_type} [, ...] ] )} | PROCEDURE {proc_name ( [ {[ argmode ] [ arg_name ] arg_type} [, ...] ] )} [, ...] | ALL FUNCTIONS IN SCHEMA schema_name [, ...] | ALL PROCEDURE IN SCHEMA schema_name [, ...] | schema_name.*}
FROM { [ GROUP ] role_name | PUBLIC } [, ...]
[ WITH GRANT OPTION ];
  • The CREATE ROUTINE permission is added.

The permission is basically the same as that of CREATE ANY FUNCTION.

The syntax after modification is described as follows:

REVOKE { CREATE ANY TABLE | ALTER ANY TABLE | DROP ANY TABLE | SELECT ANY TABLE | INSERT ANY TABLE | UPDATE ANY TABLE |
  DELETE ANY TABLE | CREATE ANY SEQUENCE | CREATE ANY INDEX | CREATE ANY FUNCTION | CREATE ROUTINE | EXECUTE ANY FUNCTION |
  CREATE ANY PACKAGE | EXECUTE ANY PACKAGE | CREATE ANY TYPE } [, ...]
  [ON *.*]
  FROM [ GROUP ] role_name [, ...]
  [ WITH ADMIN OPTION ];
  • The CREATE TEMPORARY TABLES permission is added.

The permission is basically the same as that of TEMPORARY.

The syntax after modification is described as follows:

REVOKE { { CREATE | CONNECT | CREATE TEMPORARY TABLES | TEMPORARY | TEMP | ALTER | DROP | COMMENT } [, ...]
    | ALL [ PRIVILEGES ] }
    ON { DATABASE database_name [, ...] | database_name.* }
    FROM { [ GROUP ] role_name | PUBLIC } [, ...]
    [ WITH GRANT OPTION ];
  • The CREATE USER permission is added.

It controls users' permission to create new users, which is basically the same as the CREATEROLE and NOCREATEROLE permissions of users.

The new syntax is described as follows:

REVOKE CREATE USER ON *.* FROM ROLE_NAME;
  • The CREATE TABLESPACE permission is added.

It controls users' permission to create tablespaces.

The new syntax is described as follows:

REVOKE CREATE TABLESPACE ON *.* FROM ROLE_NAME;
  • The INDEX permission is added.

The permission is basically the same as that of CREATE ANY INDEX.

The syntax after modification is described as follows:

REVOKE { CREATE ANY TABLE | ALTER ANY TABLE | DROP ANY TABLE | SELECT ANY TABLE | INSERT ANY TABLE | UPDATE ANY TABLE |
  DELETE ANY TABLE | CREATE ANY SEQUENCE | CREATE ANY INDEX | INDEX | CREATE ANY FUNCTION | EXECUTE ANY FUNCTION |
  CREATE ANY PACKAGE | EXECUTE ANY PACKAGE | CREATE ANY TYPE } [, ...]
  { ON *.* }
  FROM [ GROUP ] role_name [, ...]
  [ WITH ADMIN OPTION ];

Parameter Description

N/A

Examples

REVOKE ALTER ROUTINE ON FUNCTION TEST FROM USER_TESTER;

REVOKE CREATE ANY FUNCTION FROM USER_TESTER;

REVOKE CREATE TEMPORARY TABLES ON DATABASE DATABASE_TEST FROM USER_TESTER; 

REVOKE CREATE USER ON *.* FROM USER_TESTER;

REVOKE CREATE TABLESPACE ON *.* FROM USER_TESTER;

REVOKE INDEX FROM TEST_USER;

Helpful Links

REVOKE

Feedback
编组 3备份

您对 openGauss文档 的整体满意度如何?

0
0-不满意10-非常满意

0/500

感谢您的反馈,如需帮助可联系contact@opengauss.org

问题反馈

contact@opengauss.org

    openGauss 2024-05-19 00:42:09
    cancel