The REVOKE statement takes away permissions already GRANTed to users. When a user account is set up in SQL, in order for it to be able to do anything with the database, it must have permissions. These are given through the GRANT statement. However, there are times when the administrator will want to take some or all of those permissions away. This is done through the REVOKE statement. The syntax is very similar to GRANT:

REVOKE privilege
ON object
FROM user or PUBLIC or role

Privilege might be anything from SELECT to ALL. The object is the table, column, etcetera that might be acted upon. In order to execute this statement, the user doing so must first have the GRANT ability. This is not always readily available, especially in smaller applications of mySQL. An example of the REVOKE statement:

ON fict_chars
FROM user1

This would totally exclude user1 from the fict_chars table. In some SQL versions ROLE is available. A ROLE is an object that has been assigned specific permissions and users may be allocated to a specific ROLE. As the ROLE has priveleges GRANTed or REVOKEd so does the user. REVOKE is a statement in the DCL (Data Control Language) part of SQL.

< GRANTStatement | Return to Index >

Interesting Pages