postgresql/doc/src/sgml/ref/revoke.sgml

<!--
$Header: /cvsroot/pgsql/doc/src/sgml/ref/revoke.sgml,v 1.23 2002/11/21 23:34:43 petere Exp $
PostgreSQL documentation
-->

<refentry id="SQL-REVOKE">
 <refmeta>
  <refentrytitle id="sql-revoke-title">REVOKE</refentrytitle>
  <refmiscinfo>SQL - Language Statements</refmiscinfo>
 </refmeta>

 <refnamediv>
  <refname>REVOKE</refname>
  <refpurpose>remove access privileges</refpurpose>
 </refnamediv>

 <refsynopsisdiv>
<synopsis>
REVOKE { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER }
    [,...] | ALL [ PRIVILEGES ] }
    ON [ TABLE ] <replaceable class="PARAMETER">tablename</replaceable> [, ...]
    FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]

REVOKE { { CREATE | TEMPORARY | TEMP } [,...] | ALL [ PRIVILEGES ] }
    ON DATABASE <replaceable>dbname</replaceable> [, ...]
    FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]

REVOKE { EXECUTE | ALL [ PRIVILEGES ] }
    ON FUNCTION <replaceable>funcname</replaceable> ([<replaceable>type</replaceable>, ...]) [, ...]
    FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]

REVOKE { USAGE | ALL [ PRIVILEGES ] }
    ON LANGUAGE <replaceable>langname</replaceable> [, ...]
    FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]

REVOKE { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] }
    ON SCHEMA <replaceable>schemaname</replaceable> [, ...]
    FROM { <replaceable class="PARAMETER">username</replaceable> | GROUP <replaceable class="PARAMETER">groupname</replaceable> | PUBLIC } [, ...]
</synopsis>
 </refsynopsisdiv>

 <refsect1 id="SQL-REVOKE-description">
  <title>Description</title>

  <para>
   <command>REVOKE</command> allows the creator of an object to revoke
   previously granted permissions from one or more users or groups of users.
   The key word <literal>PUBLIC</literal> refers to the implicitly defined
   group of all users.
  </para>

  <para>
   Note that any particular user will have the sum
   of privileges granted directly to him, privileges granted to any group he
   is presently a member of, and privileges granted to
   <literal>PUBLIC</literal>.  Thus, for example, revoking SELECT privilege
   from <literal>PUBLIC</literal> does not necessarily mean that all users
   have lost SELECT privilege on the object: those who have it granted
   directly or via a group will still have it.
  </para>

  <para>
   See the description of the <xref linkend="sql-grant" endterm="sql-grant-title"> command for
   the meaning of the privilege types.
  </para>
 </refsect1>

 <refsect1 id="SQL-REVOKE-notes">
  <title>Notes</title>

  <para>
   Use <xref linkend="app-psql">'s <command>\z</command> command to
   display the privileges granted on existing objects.  See also <xref
   linkend="sql-grant" endterm="sql-grant-title"> for information about the format.
  </para>
 </refsect1>

 <refsect1 id="SQL-REVOKE-examples">
  <title>Examples</title>

  <para>
   Revoke insert privilege for the public on table
   <literal>films</literal>:

<programlisting>
REVOKE INSERT ON films FROM PUBLIC;
</programlisting>
  </para>

  <para>
   Revoke all privileges from user <literal>manuel</literal> on view <literal>kinds</literal>:

<programlisting>  
REVOKE ALL PRIVILEGES ON kinds FROM manuel;
</programlisting>
  </para>
 </refsect1>

 <refsect1 id="SQL-REVOKE-compatibility">
  <title>Compatibility</title>

  <refsect2>
   <title>SQL92</title>

   <para>
    The compatibility notes of the <xref linkend="sql-grant" endterm="sql-grant-title"> command
    apply analogously to <command>REVOKE</command>.  The syntax summary is:

<synopsis>
REVOKE [ GRANT OPTION FOR ] { SELECT | INSERT | UPDATE | DELETE | REFERENCES }
    ON <replaceable class="parameter">object</replaceable> [ ( <replaceable class="parameter">column</replaceable> [, ...] ) ]
    FROM { PUBLIC | <replaceable class="parameter">username</replaceable> [, ...] }
    { RESTRICT | CASCADE }
</synopsis>
   </para>

   <para> 
    If user1 gives a privilege WITH GRANT OPTION to user2,
    and user2 gives it to user3 then user1 can revoke
    this privilege in cascade using the CASCADE keyword.
    If user1 gives a privilege WITH GRANT OPTION to user2,
    and user2 gives it to user3, then if user1 tries to revoke
    this privilege it fails if he specifies the RESTRICT
    keyword.
   </para>
  </refsect2>
 </refsect1>

 <refsect1>
  <title>See Also</title>

  <simpara>
   <xref linkend="sql-grant" endterm="sql-grant-title">
  </simpara>
 </refsect1>

</refentry>

<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:nil
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
sgml-parent-document:nil
sgml-default-dtd-file:"../reference.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:"/usr/lib/sgml/catalog"
sgml-local-ecat-files:nil
End:
-->
Complete merge of all old man page information. ecpg reference page still needs formatting. 1999-07-22 17:09:15 +02:00			`<!--`
Fixups for man pages 2002-11-22 00:34:43 +01:00			$Header: /cvsroot/pgsql/doc/src/sgml/ref/revoke.sgml,v 1.23 2002/11/21 23:34:43 petere Exp $
Use PostgreSQL consistantly throughout docs. Before, usage was split evenly between Postgres and PostgreSQL. 2001-12-08 04:24:40 +01:00			`PostgreSQL documentation`
Complete merge of all old man page information. ecpg reference page still needs formatting. 1999-07-22 17:09:15 +02:00			`-->`

Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`<refentry id="SQL-REVOKE">`
			`<refmeta>`
Initial round of tweakage for man pages 2001-11-18 21:35:02 +01:00			`<refentrytitle id="sql-revoke-title">REVOKE</refentrytitle>`
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`<refmiscinfo>SQL - Language Statements</refmiscinfo>`
			`</refmeta>`
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`<refnamediv>`
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`<refname>REVOKE</refname>`
Put some kind of grammatical uniformity in the <refpurpose> lines. 2001-09-03 14:57:50 +02:00			`<refpurpose>remove access privileges</refpurpose>`
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`</refnamediv>`

Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`<refsynopsisdiv>`
			`<synopsis>`
Wrap some SQL syntax examples so \h shows them better. 2002-02-21 23:39:36 +01:00			`REVOKE { { SELECT \| INSERT \| UPDATE \| DELETE \| RULE \| REFERENCES \| TRIGGER }`
			`[,...] \| ALL [ PRIVILEGES ] }`
Restructure AclItem representation so that we can have more than eight different privilege bits (might as well make use of the space we were wasting on padding). EXECUTE and USAGE bits for procedures, languages now are separate privileges instead of being overlaid on SELECT. Add privileges for namespaces and databases. The GRANT and REVOKE commands work for these object types, but we don't actually enforce the privileges yet... 2002-04-21 02:26:44 +02:00			`ON [ TABLE ] <replaceable class="PARAMETER">tablename</replaceable> [, ...]`
			`FROM { <replaceable class="PARAMETER">username</replaceable> \| GROUP <replaceable class="PARAMETER">groupname</replaceable> \| PUBLIC } [, ...]`

			`REVOKE { { CREATE \| TEMPORARY \| TEMP } [,...] \| ALL [ PRIVILEGES ] }`
			`ON DATABASE <replaceable>dbname</replaceable> [, ...]`
Allow GRANT/REVOKE to/from more than one user per invocation. Command tag for GRANT/REVOKE is now just that, not "CHANGE". On the way, migrate some of the aclitem internal representation away from the parser and build a real parse tree instead. Also add some 'const' qualifiers. 2001-06-10 01:21:55 +02:00			`FROM { <replaceable class="PARAMETER">username</replaceable> \| GROUP <replaceable class="PARAMETER">groupname</replaceable> \| PUBLIC } [, ...]`
Privileges on functions and procedural languages 2002-02-19 00:11:58 +01:00
			`REVOKE { EXECUTE \| ALL [ PRIVILEGES ] }`
			`ON FUNCTION <replaceable>funcname</replaceable> ([<replaceable>type</replaceable>, ...]) [, ...]`
			`FROM { <replaceable class="PARAMETER">username</replaceable> \| GROUP <replaceable class="PARAMETER">groupname</replaceable> \| PUBLIC } [, ...]`

			`REVOKE { USAGE \| ALL [ PRIVILEGES ] }`
			`ON LANGUAGE <replaceable>langname</replaceable> [, ...]`
			`FROM { <replaceable class="PARAMETER">username</replaceable> \| GROUP <replaceable class="PARAMETER">groupname</replaceable> \| PUBLIC } [, ...]`
Restructure AclItem representation so that we can have more than eight different privilege bits (might as well make use of the space we were wasting on padding). EXECUTE and USAGE bits for procedures, languages now are separate privileges instead of being overlaid on SELECT. Add privileges for namespaces and databases. The GRANT and REVOKE commands work for these object types, but we don't actually enforce the privileges yet... 2002-04-21 02:26:44 +02:00
			`REVOKE { { CREATE \| USAGE } [,...] \| ALL [ PRIVILEGES ] }`
			`ON SCHEMA <replaceable>schemaname</replaceable> [, ...]`
			`FROM { <replaceable class="PARAMETER">username</replaceable> \| GROUP <replaceable class="PARAMETER">groupname</replaceable> \| PUBLIC } [, ...]`
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`</synopsis>`
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`</refsynopsisdiv>`

Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`<refsect1 id="SQL-REVOKE-description">`
			`<title>Description</title>`

Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`<para>`
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`<command>REVOKE</command> allows the creator of an object to revoke`
Try to be a little bit clearer about the implications of GRANT TO PUBLIC and REVOKE FROM PUBLIC: the latter is not the same as 'revoke from all users', but the ref page blurred the difference. 2001-11-19 20:03:56 +01:00			`previously granted permissions from one or more users or groups of users.`
			`The key word <literal>PUBLIC</literal> refers to the implicitly defined`
			`group of all users.`
			`</para>`

			`<para>`
			`Note that any particular user will have the sum`
			`of privileges granted directly to him, privileges granted to any group he`
			`is presently a member of, and privileges granted to`
			`<literal>PUBLIC</literal>. Thus, for example, revoking SELECT privilege`
			`from <literal>PUBLIC</literal> does not necessarily mean that all users`
			`have lost SELECT privilege on the object: those who have it granted`
			`directly or via a group will still have it.`
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`</para>`

Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`<para>`
Initial round of tweakage for man pages 2001-11-18 21:35:02 +01:00			`See the description of the <xref linkend="sql-grant" endterm="sql-grant-title"> command for`
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`the meaning of the privilege types.`
			`</para>`
			`</refsect1>`
Fix markup for docbook2man man page generation. No big deal; fixed lots of other markup at the same time. Bigest change: make sure there is no whitespace in front of <term> contents. This will probably help the other output types too. 1999-07-06 19:16:42 +02:00
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`<refsect1 id="SQL-REVOKE-notes">`
			`<title>Notes</title>`
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`<para>`
			`Use <xref linkend="app-psql">'s <command>\z</command> command to`
			`display the privileges granted on existing objects. See also <xref`
Fixups for man pages 2002-11-22 00:34:43 +01:00			`linkend="sql-grant" endterm="sql-grant-title"> for information about the format.`
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`</para>`
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`</refsect1>`

Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`<refsect1 id="SQL-REVOKE-examples">`
			`<title>Examples</title>`

Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`<para>`
Try to be a little bit clearer about the implications of GRANT TO PUBLIC and REVOKE FROM PUBLIC: the latter is not the same as 'revoke from all users', but the ref page blurred the difference. 2001-11-19 20:03:56 +01:00			`Revoke insert privilege for the public on table`
Fix markup for docbook2man man page generation. No big deal; fixed lots of other markup at the same time. Bigest change: make sure there is no whitespace in front of <term> contents. This will probably help the other output types too. 1999-07-06 19:16:42 +02:00			`<literal>films</literal>:`

Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`<programlisting>`
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`REVOKE INSERT ON films FROM PUBLIC;`
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`</programlisting>`
Fix markup for docbook2man man page generation. No big deal; fixed lots of other markup at the same time. Bigest change: make sure there is no whitespace in front of <term> contents. This will probably help the other output types too. 1999-07-06 19:16:42 +02:00			`</para>`

			`<para>`
			`Revoke all privileges from user <literal>manuel</literal> on view <literal>kinds</literal>:`
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`<programlisting>`
			`REVOKE ALL PRIVILEGES ON kinds FROM manuel;`
			`</programlisting>`
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`</para>`
			`</refsect1>`

Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`<refsect1 id="SQL-REVOKE-compatibility">`
			`<title>Compatibility</title>`
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`<refsect2>`
			`<title>SQL92</title>`
Complete merge of all old man page information. ecpg reference page still needs formatting. 1999-07-22 17:09:15 +02:00
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`<para>`
Initial round of tweakage for man pages 2001-11-18 21:35:02 +01:00			`The compatibility notes of the <xref linkend="sql-grant" endterm="sql-grant-title"> command`
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`apply analogously to <command>REVOKE</command>. The syntax summary is:`

			`<synopsis>`
			`REVOKE [ GRANT OPTION FOR ] { SELECT \| INSERT \| UPDATE \| DELETE \| REFERENCES }`
			`ON <replaceable class="parameter">object</replaceable> [ ( <replaceable class="parameter">column</replaceable> [, ...] ) ]`
			`FROM { PUBLIC \| <replaceable class="parameter">username</replaceable> [, ...] }`
			`{ RESTRICT \| CASCADE }`
			`</synopsis>`
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`</para>`

			`<para>`
			`If user1 gives a privilege WITH GRANT OPTION to user2,`
			`and user2 gives it to user3 then user1 can revoke`
			`this privilege in cascade using the CASCADE keyword.`
			`If user1 gives a privilege WITH GRANT OPTION to user2,`
Fix typo 2000-10-12 23:23:34 +02:00			`and user2 gives it to user3, then if user1 tries to revoke`
Try to be a little bit clearer about the implications of GRANT TO PUBLIC and REVOKE FROM PUBLIC: the latter is not the same as 'revoke from all users', but the ref page blurred the difference. 2001-11-19 20:03:56 +01:00			`this privilege it fails if he specifies the RESTRICT`
Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`keyword.`
			`</para>`
			`</refsect2>`
			`</refsect1>`
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00
			`<refsect1>`
			`<title>See Also</title>`

			`<simpara>`
Fixups for man pages 2002-11-22 00:34:43 +01:00			`<xref linkend="sql-grant" endterm="sql-grant-title">`
Make UPDATE and DELETE privileges distinct. Add REFERENCES and TRIGGER privileges. INSERT and COPY FROM now require INSERT (only). Add privileges regression test. 2001-05-27 11:59:30 +02:00			`</simpara>`
			`</refsect1>`

Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. 1999-06-14 09:37:05 +02:00			`</refentry>`

			`<!-- Keep this comment at the end of the file`
			`Local variables:`
			`mode: sgml`
			`sgml-omittag:nil`
			`sgml-shorttag:t`
			`sgml-minimize-attributes:nil`
			`sgml-always-quote-attributes:t`
			`sgml-indent-step:1`
			`sgml-indent-data:t`
			`sgml-parent-document:nil`
			`sgml-default-dtd-file:"../reference.ced"`
			`sgml-exposed-tags:nil`
			`sgml-local-catalogs:"/usr/lib/sgml/catalog"`
			`sgml-local-ecat-files:nil`
			`End:`
			`-->`