REVOKE

Syntax

REVOKE priv_type [, priv_type] ... ON priv_level
    FROM user_or_role [, user_or_role [ ... ]] ...

priv_level:
    *
  | *.*
  | database.*

user_or_role:
  user [, user]
  | role

user:
  'user_name'[@'host_name']

role:
  ROLE 'role_name'

priv_type:
    SELECT
  | INSERT
  | UPDATE
  | DELETE
  | CREATE
  | DROP
  | RELOAD
  | PROCESS
  | FILE READ
  | FILE WRITE
  | GRANT OPTION
  | INDEX
  | ALTER
  | SHOW METADATA
  | SUPER
  | CREATE TEMPORARY TABLES
  | LOCK TABLES
  | REPLICATION
  | CREATE VIEW
  | SHOW VIEW
  | CREATE USER
  | CLUSTER
  | ALTER VIEW
  | DROP VIEW
  | BACKUP
  | CREATE DATABASE
  | DROP DATABASE            

REVOKE ALL PRIVILEGES, GRANT OPTION
    FROM user_or_role [, user_or_role] ...

Remarks

• priv_level - privilege level

• priv_type - privilege type

• user_or_role: One or more user attributes or a role attribute. The @'host_name' part is optional. If a hostname is not specified, @'%' will be appended to the user string. For example, 'demo-user' is equivalent to 'demo-user'@'%'.The '%' wildcard matches any hostname. user and host_name need not be quoted if they are legal as unquoted identifiers. Quotes must be used if a host_name string contains wildcard characters (such as %), or a user string contains special characters (such as space or -) or is a restricted keyword.

• This command can be run on any SingleStoreDB node.

• This command causes implicit commits. See COMMIT for more information.

• GRANT OPTION must be revoked separately from any other privileges.

• The REVOKE command holds a global lock on the cluster until the processing of the command is completed. See Cluster Level Locks for more info.

• Refer to the Permission Matrix for the required permission.

Examples

REVOKE INSERT ON *.* FROM 'user';

REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'user';

REVOKE SELECT ON dbTable FROM ROLE 'r1';

Related Topics

• REVOKE GROUP

• REVOKE ROLE