2.3 Revoking user privileges
(1) Revoking DBA privileges
- Executor: HiRDB administrator
The REVOKE statement, which is a definition SQL statement, is used to revoke the DBA privilege.
- Example
- Revoke the DBA privilege of the user who manages user privileges (authorization identifier: USER001):
REVOKE DBA FROM USER001
(2) Revoking CONNECT privileges
- Executor: HiRDB administrator or user who manages user privileges (user with DBA privilege)
The REVOKE statement, which is a definition SQL statement, is used to revoke the CONNECT privilege.
- Example
- Revoke the CONNECT privilege of the user whose authorization identifier is USER003:
REVOKE CONNECT FROM USER003
(3) Revoking schema definition privileges
- Executor: HiRDB administrator or user who manages user privileges (user with DBA privilege)
The REVOKE statement, which is a definition SQL statement, is used to revoke the schema definition privilege.
- Example
- Revoke the schema definition privilege of the user whose authorization identifier is USER002:
REVOKE SCHEMA FROM USER002
- Note
- The schema definition privilege of a user who has defined a schema cannot be revoked. When a schema definition privilege is to be revoked, a check should be made to ensure that no schema has been defined by that user.
(4) Revoking RDAREA usage privileges
- Executor: HiRDB administrator or user who manages user privileges (user with DBA privilege)
The REVOKE statement, which is a definition SQL statement, is used to revoke the RDAREA usage privilege.
- Example
- Revoke the RDAREA usage privilege for the RDAREA named RDAREA01 of the user whose authorization identifier is USER002:
REVOKE RDAREA RDAREA01 FROM USER002
- Note
- The RDAREA usage privilege of a user who has defined a table or index in the specified RDAREA cannot be revoked. When an RDAREA usage privilege is to be revoked, a check should be made to ensure that no table or index has been defined in the RDAREA by that user.
(5) Revoking access privileges
- Executor: Table owner
The REVOKE statement, which is a definition SQL statement, is used to revoke access privileges.
- Example
- Revoke the DELETE privilege for a table (authorization-identifier.table-identifier USER002.T001) that was granted to the user with authorization identifier USER004:
REVOKE UPDATE ON USER002.T001 TO USER004
- Note
- When the SELECT table access privilege is revoked, all the user's view tables defined from that table are deleted.