Skip to main content

REVOKE

Revoke privileges from a SingleStoreDB user or role.

Syntax

    REVOKE priv_type [, priv_type] ... ON priv_level
        FROM user_or_role [, user_or_role [ ... ]] ...

    priv_level:
        *
      | *.*
      | database.*

    user_or_role:
      user [, user]
      | role

    user:
      'user_name'[@'host_name']

    role:
      ROLE 'role_name'

    priv_type:
        SELECT
      | INSERT
      | UPDATE
      | DELETE
      | CREATE
      | DROP
      | RELOAD
      | PROCESS
      | FILE READ
      | FILE WRITE
      | GRANT OPTION
      | INDEX
      | ALTER
      | SHOW METADATA
      | SUPER
      | CREATE TEMPORARY TABLES
      | LOCK TABLES
      | REPLICATION
      | CREATE VIEW
      | SHOW VIEW
      | CREATE USER
      | CLUSTER
      | ALTER VIEW
      | DROP VIEW
      | BACKUP
      | CREATE DATABASE
      | DROP DATABASE            

    REVOKE ALL PRIVILEGES, GRANT OPTION
        FROM user_or_role [, user_or_role] ...

Remarks

  • priv_level - privilege level

  • priv_type - privilege type

  • user_or_role: One or more user attributes or a role attribute. The @'host_name' part is optional. If a hostname is not specified, @'%' will be appended to the user string. For example, 'demo-user' is equivalent to 'demo-user'@'%'.The '%' wildcard matches any hostname. user and host_name need not be quoted if they are legal as unquoted identifiers. Quotes must be used if a host_name string contains wildcard characters (such as %), or a user string contains special characters (such as space or -) or is a restricted keyword.

  • This command can be run on any SingleStoreDB node.

  • This command causes implicit commits. See COMMIT for more information.

  • GRANT OPTION must be revoked separately from any other privileges.

  • The REVOKE command holds a global lock on the cluster until the processing of the command is completed. See Cluster Level Locks for more info.

  • See the Permission Matrix for the required permission.

Examples

REVOKE INSERT ON *.* FROM 'user';

REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'user';

REVOKE SELECT ON dbTable FROM ROLE 'r1';

Related Topics