REVOKE
Revoke privileges from a SingleStoreDB user or role.
Syntax
REVOKE priv_type [, priv_type] ... ON priv_level
FROM user_or_role [, user_or_role [ ... ]] ...
priv_level:
*
| *.*
| database.*
user_or_role:
user [, user]
| role
user:
'user_name'[@'host_name']
role:
ROLE 'role_name'
priv_type:
SELECT
| INSERT
| UPDATE
| DELETE
| CREATE
| DROP
| RELOAD
| PROCESS
| FILE READ
| FILE WRITE
| GRANT OPTION
| INDEX
| ALTER
| SHOW METADATA
| SUPER
| CREATE TEMPORARY TABLES
| LOCK TABLES
| REPLICATION
| CREATE VIEW
| SHOW VIEW
| CREATE USER
| CLUSTER
| ALTER VIEW
| DROP VIEW
| BACKUP
| CREATE DATABASE
| DROP DATABASE
REVOKE ALL PRIVILEGES, GRANT OPTION
FROM user_or_role [, user_or_role] ...
Remarks
priv_level- privilege levelpriv_type- privilege typeuser_or_role: One or more user attributes or a role attribute. The@'host_name'part is optional. If a hostname is not specified,@'%'will be appended to the user string. For example,'demo-user'is equivalent to'demo-user'@'%'.The'%'wildcard matches any hostname.userandhost_nameneed not be quoted if they are legal as unquoted identifiers. Quotes must be used if ahost_namestring contains wildcard characters (such as%), or a user string contains special characters (such as space or-) or is a restricted keyword.This command can be run on any SingleStoreDB node.
This command causes implicit commits. See COMMIT for more information.
GRANT OPTIONmust be revoked separately from any other privileges.The
REVOKEcommand holds a global lock on the cluster until the processing of the command is completed. See Cluster Level Locks for more info.See the Permission Matrix for the required permission.
Examples
REVOKE INSERT ON *.* FROM 'user'; REVOKE ALL PRIVILEGES, GRANT OPTION FROM 'user'; REVOKE SELECT ON dbTable FROM ROLE 'r1';
Related Topics