summaryrefslogtreecommitdiffstats
path: root/doc/src/sgml/html/sql-revoke.html
diff options
context:
space:
mode:
Diffstat (limited to 'doc/src/sgml/html/sql-revoke.html')
-rw-r--r--doc/src/sgml/html/sql-revoke.html228
1 files changed, 228 insertions, 0 deletions
diff --git a/doc/src/sgml/html/sql-revoke.html b/doc/src/sgml/html/sql-revoke.html
new file mode 100644
index 0000000..fcdc21c
--- /dev/null
+++ b/doc/src/sgml/html/sql-revoke.html
@@ -0,0 +1,228 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>REVOKE</title><link rel="stylesheet" type="text/css" href="stylesheet.css" /><link rev="made" href="pgsql-docs@lists.postgresql.org" /><meta name="generator" content="DocBook XSL Stylesheets V1.79.1" /><link rel="prev" href="sql-reset.html" title="RESET" /><link rel="next" href="sql-rollback.html" title="ROLLBACK" /></head><body id="docContent" class="container-fluid col-10"><div xmlns="http://www.w3.org/TR/xhtml1/transitional" class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="5" align="center">REVOKE</th></tr><tr><td width="10%" align="left"><a accesskey="p" href="sql-reset.html" title="RESET">Prev</a> </td><td width="10%" align="left"><a accesskey="u" href="sql-commands.html" title="SQL Commands">Up</a></td><th width="60%" align="center">SQL Commands</th><td width="10%" align="right"><a accesskey="h" href="index.html" title="PostgreSQL 13.4 Documentation">Home</a></td><td width="10%" align="right"> <a accesskey="n" href="sql-rollback.html" title="ROLLBACK">Next</a></td></tr></table><hr></hr></div><div class="refentry" id="SQL-REVOKE"><div class="titlepage"></div><a id="id-1.9.3.165.1" class="indexterm"></a><div class="refnamediv"><h2><span class="refentrytitle">REVOKE</span></h2><p>REVOKE — remove access privileges</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><pre class="synopsis">
+REVOKE [ GRANT OPTION FOR ]
+ { { SELECT | INSERT | UPDATE | DELETE | TRUNCATE | REFERENCES | TRIGGER }
+ [, ...] | ALL [ PRIVILEGES ] }
+ ON { [ TABLE ] <em class="replaceable"><code>table_name</code></em> [, ...]
+ | ALL TABLES IN SCHEMA <em class="replaceable"><code>schema_name</code></em> [, ...] }
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ GRANT OPTION FOR ]
+ { { SELECT | INSERT | UPDATE | REFERENCES } ( <em class="replaceable"><code>column_name</code></em> [, ...] )
+ [, ...] | ALL [ PRIVILEGES ] ( <em class="replaceable"><code>column_name</code></em> [, ...] ) }
+ ON [ TABLE ] <em class="replaceable"><code>table_name</code></em> [, ...]
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ GRANT OPTION FOR ]
+ { { USAGE | SELECT | UPDATE }
+ [, ...] | ALL [ PRIVILEGES ] }
+ ON { SEQUENCE <em class="replaceable"><code>sequence_name</code></em> [, ...]
+ | ALL SEQUENCES IN SCHEMA <em class="replaceable"><code>schema_name</code></em> [, ...] }
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ GRANT OPTION FOR ]
+ { { CREATE | CONNECT | TEMPORARY | TEMP } [, ...] | ALL [ PRIVILEGES ] }
+ ON DATABASE <em class="replaceable"><code>database_name</code></em> [, ...]
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ GRANT OPTION FOR ]
+ { USAGE | ALL [ PRIVILEGES ] }
+ ON DOMAIN <em class="replaceable"><code>domain_name</code></em> [, ...]
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ GRANT OPTION FOR ]
+ { USAGE | ALL [ PRIVILEGES ] }
+ ON FOREIGN DATA WRAPPER <em class="replaceable"><code>fdw_name</code></em> [, ...]
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ GRANT OPTION FOR ]
+ { USAGE | ALL [ PRIVILEGES ] }
+ ON FOREIGN SERVER <em class="replaceable"><code>server_name</code></em> [, ...]
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ GRANT OPTION FOR ]
+ { EXECUTE | ALL [ PRIVILEGES ] }
+ ON { { FUNCTION | PROCEDURE | ROUTINE } <em class="replaceable"><code>function_name</code></em> [ ( [ [ <em class="replaceable"><code>argmode</code></em> ] [ <em class="replaceable"><code>arg_name</code></em> ] <em class="replaceable"><code>arg_type</code></em> [, ...] ] ) ] [, ...]
+ | ALL { FUNCTIONS | PROCEDURES | ROUTINES } IN SCHEMA <em class="replaceable"><code>schema_name</code></em> [, ...] }
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ GRANT OPTION FOR ]
+ { USAGE | ALL [ PRIVILEGES ] }
+ ON LANGUAGE <em class="replaceable"><code>lang_name</code></em> [, ...]
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ GRANT OPTION FOR ]
+ { { SELECT | UPDATE } [, ...] | ALL [ PRIVILEGES ] }
+ ON LARGE OBJECT <em class="replaceable"><code>loid</code></em> [, ...]
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ GRANT OPTION FOR ]
+ { { CREATE | USAGE } [, ...] | ALL [ PRIVILEGES ] }
+ ON SCHEMA <em class="replaceable"><code>schema_name</code></em> [, ...]
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ GRANT OPTION FOR ]
+ { CREATE | ALL [ PRIVILEGES ] }
+ ON TABLESPACE <em class="replaceable"><code>tablespace_name</code></em> [, ...]
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ GRANT OPTION FOR ]
+ { USAGE | ALL [ PRIVILEGES ] }
+ ON TYPE <em class="replaceable"><code>type_name</code></em> [, ...]
+ FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ CASCADE | RESTRICT ]
+
+REVOKE [ ADMIN OPTION FOR ]
+ <em class="replaceable"><code>role_name</code></em> [, ...] FROM <em class="replaceable"><code>role_specification</code></em> [, ...]
+ [ GRANTED BY <em class="replaceable"><code>role_specification</code></em> ]
+ [ CASCADE | RESTRICT ]
+
+<span class="phrase">where <em class="replaceable"><code>role_specification</code></em> can be:</span>
+
+ [ GROUP ] <em class="replaceable"><code>role_name</code></em>
+ | PUBLIC
+ | CURRENT_USER
+ | SESSION_USER
+</pre></div><div class="refsect1" id="SQL-REVOKE-DESCRIPTION"><h2>Description</h2><p>
+ The <code class="command">REVOKE</code> command revokes previously granted
+ privileges from one or more roles. The key word
+ <code class="literal">PUBLIC</code> refers to the implicitly defined group of
+ all roles.
+ </p><p>
+ See the description of the <a class="xref" href="sql-grant.html" title="GRANT"><span class="refentrytitle">GRANT</span></a> command for
+ the meaning of the privilege types.
+ </p><p>
+ Note that any particular role will have the sum
+ of privileges granted directly to it, privileges granted to any role it
+ is presently a member of, and privileges granted to
+ <code class="literal">PUBLIC</code>. Thus, for example, revoking <code class="literal">SELECT</code> privilege
+ from <code class="literal">PUBLIC</code> does not necessarily mean that all roles
+ have lost <code class="literal">SELECT</code> privilege on the object: those who have it granted
+ directly or via another role will still have it. Similarly, revoking
+ <code class="literal">SELECT</code> from a user might not prevent that user from using
+ <code class="literal">SELECT</code> if <code class="literal">PUBLIC</code> or another membership
+ role still has <code class="literal">SELECT</code> rights.
+ </p><p>
+ If <code class="literal">GRANT OPTION FOR</code> is specified, only the grant
+ option for the privilege is revoked, not the privilege itself.
+ Otherwise, both the privilege and the grant option are revoked.
+ </p><p>
+ If a user holds a privilege with grant option and has granted it to
+ other users then the privileges held by those other users are
+ called dependent privileges. If the privilege or the grant option
+ held by the first user is being revoked and dependent privileges
+ exist, those dependent privileges are also revoked if
+ <code class="literal">CASCADE</code> is specified; if it is not, the revoke action
+ will fail. This recursive revocation only affects privileges that
+ were granted through a chain of users that is traceable to the user
+ that is the subject of this <code class="literal">REVOKE</code> command.
+ Thus, the affected users might effectively keep the privilege if it
+ was also granted through other users.
+ </p><p>
+ When revoking privileges on a table, the corresponding column privileges
+ (if any) are automatically revoked on each column of the table, as well.
+ On the other hand, if a role has been granted privileges on a table, then
+ revoking the same privileges from individual columns will have no effect.
+ </p><p>
+ When revoking membership in a role, <code class="literal">GRANT OPTION</code> is instead
+ called <code class="literal">ADMIN OPTION</code>, but the behavior is similar.
+ This form of the command also allows a <code class="literal">GRANTED BY</code>
+ option, but that option is currently ignored (except for checking
+ the existence of the named role).
+ Note also that this form of the command does not
+ allow the noise word <code class="literal">GROUP</code>
+ in <em class="replaceable"><code>role_specification</code></em>.
+ </p></div><div class="refsect1" id="SQL-REVOKE-NOTES"><h2>Notes</h2><p>
+ A user can only revoke privileges that were granted directly by
+ that user. If, for example, user A has granted a privilege with
+ grant option to user B, and user B has in turn granted it to user
+ C, then user A cannot revoke the privilege directly from C.
+ Instead, user A could revoke the grant option from user B and use
+ the <code class="literal">CASCADE</code> option so that the privilege is
+ in turn revoked from user C. For another example, if both A and B
+ have granted the same privilege to C, A can revoke their own grant
+ but not B's grant, so C will still effectively have the privilege.
+ </p><p>
+ When a non-owner of an object attempts to <code class="command">REVOKE</code> privileges
+ on the object, the command will fail outright if the user has no
+ privileges whatsoever on the object. As long as some privilege is
+ available, the command will proceed, but it will revoke only those
+ privileges for which the user has grant options. The <code class="command">REVOKE ALL
+ PRIVILEGES</code> forms will issue a warning message if no grant options are
+ held, while the other forms will issue a warning if grant options for
+ any of the privileges specifically named in the command are not held.
+ (In principle these statements apply to the object owner as well, but
+ since the owner is always treated as holding all grant options, the
+ cases can never occur.)
+ </p><p>
+ If a superuser chooses to issue a <code class="command">GRANT</code> or <code class="command">REVOKE</code>
+ command, the command is performed as though it were issued by the
+ owner of the affected object. Since all privileges ultimately come
+ from the object owner (possibly indirectly via chains of grant options),
+ it is possible for a superuser to revoke all privileges, but this might
+ require use of <code class="literal">CASCADE</code> as stated above.
+ </p><p>
+ <code class="command">REVOKE</code> can also be done by a role
+ that is not the owner of the affected object, but is a member of the role
+ that owns the object, or is a member of a role that holds privileges
+ <code class="literal">WITH GRANT OPTION</code> on the object. In this case the
+ command is performed as though it were issued by the containing role that
+ actually owns the object or holds the privileges
+ <code class="literal">WITH GRANT OPTION</code>. For example, if table
+ <code class="literal">t1</code> is owned by role <code class="literal">g1</code>, of which role
+ <code class="literal">u1</code> is a member, then <code class="literal">u1</code> can revoke privileges
+ on <code class="literal">t1</code> that are recorded as being granted by <code class="literal">g1</code>.
+ This would include grants made by <code class="literal">u1</code> as well as by other
+ members of role <code class="literal">g1</code>.
+ </p><p>
+ If the role executing <code class="command">REVOKE</code> holds privileges
+ indirectly via more than one role membership path, it is unspecified
+ which containing role will be used to perform the command. In such cases
+ it is best practice to use <code class="command">SET ROLE</code> to become the specific
+ role you want to do the <code class="command">REVOKE</code> as. Failure to do so might
+ lead to revoking privileges other than the ones you intended, or not
+ revoking anything at all.
+ </p><p>
+ See <a class="xref" href="ddl-priv.html" title="5.7. Privileges">Section 5.7</a> for more information about specific
+ privilege types, as well as how to inspect objects' privileges.
+ </p></div><div class="refsect1" id="SQL-REVOKE-EXAMPLES"><h2>Examples</h2><p>
+ Revoke insert privilege for the public on table
+ <code class="literal">films</code>:
+
+</p><pre class="programlisting">
+REVOKE INSERT ON films FROM PUBLIC;
+</pre><p>
+ </p><p>
+ Revoke all privileges from user <code class="literal">manuel</code> on view
+ <code class="literal">kinds</code>:
+
+</p><pre class="programlisting">
+REVOKE ALL PRIVILEGES ON kinds FROM manuel;
+</pre><p>
+
+ Note that this actually means <span class="quote">“<span class="quote">revoke all privileges that I
+ granted</span>”</span>.
+ </p><p>
+ Revoke membership in role <code class="literal">admins</code> from user <code class="literal">joe</code>:
+
+</p><pre class="programlisting">
+REVOKE admins FROM joe;
+</pre></div><div class="refsect1" id="SQL-REVOKE-COMPATIBILITY"><h2>Compatibility</h2><p>
+ The compatibility notes of the <a class="xref" href="sql-grant.html" title="GRANT"><span class="refentrytitle">GRANT</span></a> command
+ apply analogously to <code class="command">REVOKE</code>.
+ The keyword <code class="literal">RESTRICT</code> or <code class="literal">CASCADE</code>
+ is required according to the standard, but <span class="productname">PostgreSQL</span>
+ assumes <code class="literal">RESTRICT</code> by default.
+ </p></div><div class="refsect1" id="id-1.9.3.165.9"><h2>See Also</h2><span class="simplelist"><a class="xref" href="sql-grant.html" title="GRANT"><span class="refentrytitle">GRANT</span></a>, <a class="xref" href="sql-alterdefaultprivileges.html" title="ALTER DEFAULT PRIVILEGES"><span class="refentrytitle">ALTER DEFAULT PRIVILEGES</span></a></span></div></div><div xmlns="http://www.w3.org/TR/xhtml1/transitional" class="navfooter"><hr></hr><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="sql-reset.html" title="RESET">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="sql-commands.html" title="SQL Commands">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="sql-rollback.html" title="ROLLBACK">Next</a></td></tr><tr><td width="40%" align="left" valign="top">RESET </td><td width="20%" align="center"><a accesskey="h" href="index.html" title="PostgreSQL 13.4 Documentation">Home</a></td><td width="40%" align="right" valign="top"> ROLLBACK</td></tr></table></div></body></html> \ No newline at end of file