From 1ac838edba409abe87649c6820a9ee492cb1a1c5 Mon Sep 17 00:00:00 2001 From: "Thomas G. Lockhart" Date: Mon, 14 Jun 1999 07:37:05 +0000 Subject: Minor updates for release. Split reference pages for CREATE TABLE AS and SELECT INTO to allow psgml (the emacs parser) to handle parsing. --- doc/src/sgml/ref/revoke.sgml | 767 ++++++++++++++++++++++--------------------- 1 file changed, 396 insertions(+), 371 deletions(-) (limited to 'doc/src/sgml/ref/revoke.sgml') diff --git a/doc/src/sgml/ref/revoke.sgml b/doc/src/sgml/ref/revoke.sgml index 5fc793ea1d..ad6184cca7 100644 --- a/doc/src/sgml/ref/revoke.sgml +++ b/doc/src/sgml/ref/revoke.sgml @@ -1,384 +1,409 @@ - - - -REVOKE - -SQL - Language Statements - - - -REVOKE - - -Revokes access privilege from a user, a group or all users. - - - - -1998-09-24 - - - - -REVOKE privilege [, ...] - ON object [, ...] - FROM { PUBLIC | GROUP group | username } - + + + + REVOKE + + SQL - Language Statements + + + + REVOKE + + + Revokes access privilege from a user, a group or all users. + + + + + 1998-09-24 + + +REVOKE privilege [, ...] + ON object [, ...] + FROM { PUBLIC | GROUP ER">gBLE> | username } + - - - 1998-09-24 - - - Inputs - - - - - - - privilege - - - - The possible privileges are: - - - + + + 1998-09-24 + + + Inputs + + - - - SELECT - - - - Privilege to access all of the columns of a specific - table/view. - - - - - - - INSERT - - - - Privilege to insert data into all columns of a - specific table. - - - - - - - UPDATE - - - - Privilege to update all columns of a specific - table. - - - - - - - DELETE - - - - Privilege to delete rows from a specific table. - - - - - - - RULE - - - - Privilege to define rules on table/view. - (See CREATE RULE). - - - - - - - ALL - - - - Rescind all privileges. - - - - - - - object - - - - The name of an object from which to revoke access. - The possible objects are: - - - - table - - - - - - view - - - - - - sequence - - - - - - index - - - - - - - - - - group - - - - The name of a group from whom to revoke privileges. - - - - - - - username - - - - The name of a user from whom revoke privileges. Use the PUBLIC keyword - to specify all users. - - - - - - - PUBLIC - - - - Rescind the specified privilege(s) for all users. - - - - - - + + + + privilege + + + + The possible privileges are: + + + - - - 1998-09-24 - - - Outputs - - - - - - - CHANGE - - - - Message returned if successfully. - - - - - - - ERROR - - - - Message returned if object is not available or impossible - to revoke privileges from a group or users. - - - - - - - - - - - 1998-09-24 - - - Description - - - REVOKE allows creator of an object to revoke permissions granted - before, from all users (via PUBLIC) or a certain user or group. - + + + SELECT + + + + Privilege to access all of the columns of a specific + table/view. + + + - - - 1998-09-24 - - - Notes - - - Refer to psql \z command for further information about permissions - on existing objects: - - - Database = lusitania - +------------------+---------------------------------------------+ - | Relation | Grant/Revoke Permissions | - +------------------+---------------------------------------------+ - | mytable | {"=rw","miriam=arwR","group todos=rw"} | - +------------------+---------------------------------------------+ - Legend: - uname=arwR -- privileges granted to a user - group gname=arwR -- privileges granted to a GROUP - =arwR -- privileges granted to PUBLIC - - r -- SELECT - w -- UPDATE/DELETE - a -- INSERT - R -- RULE - arwR -- ALL - - - - - Currently, to create a GROUP you have to insert - data manually into table pg_group as: - - INSERT INTO pg_group VALUES ('todos'); - CREATE USER miriam IN GROUP todos; - - - + + + INSERT + + + + Privilege to insert data into all columns of a + specific table. + + + - - + + + UPDATE + + + + Privilege to update all columns of a specific + table. + + + - - - Usage - - - - -- revoke insert privilege from all users on table films: - -- - REVOKE INSERT ON films FROM PUBLIC; - - -- revoke all privileges from user manuel on view kinds: - -- - REVOKE ALL ON kinds FROM manuel; - - - - - - - Compatibility - - - - - 1998-09-01 - - - SQL92 - - - The SQL92 syntax for REVOKE - has additional capabilities for rescinding - privileges, including those on individual columns in tables: + + + DELETE + + + + Privilege to delete rows from a specific table. + + + - - - - - REVOKE { SELECT | DELETE | USAGE | ALL PRIVILEGES } [, ...] - ON object - FROM { PUBLIC | username [, ...] } { RESTRICT | CASCADE } - REVOKE { INSERT | UPDATE | REFERENCES } [, ...] [ ( column [, ...] ) ] - ON object - FROM { PUBLIC | username [, ...] } { RESTRICT | CASCADE } - - - - - Refer to the GRANT command for details on individual fields. - - - - - - - - REVOKE GRANT OPTION FOR privilege [, ...] - ON object - FROM { PUBLIC | username [, ...] } { RESTRICT | CASCADE } - - - - - Rescinds authority for a user to grant the specified privilege to others. - Refer to the GRANT command for details on individual fields. - - - - + + + RULE + + + + Privilege to define rules on table/view. + (See CREATE RULE). + + + + + + + ALL + + + + Rescind all privileges. + + + + + + + object + + + + The name of an object from which to revoke access. + The possible objects are: + + + + table + + + - The possible objects are: - - [ TABLE ] table/view - - CHARACTER SET character-set - - COLLATION collation - - TRANSLATION translation - - DOMAIN domain - - + view - - If user1 gives a privilege WITH GRANT OPTION to user2, - and user2 gives it to user3 then user1 can revoke - this privilege in cascade using the CASCADE keyword. + + + + + sequence + + + - If user1 gives a privilege WITH GRANT OPTION to user2, - and user2 gives it to user3 then if user1 try revoke - this privilege it fails if he/she specify the RESTRICT - keyword. + index - - - + + + + + + + + + group + + + + The name of a group from whom to revoke privileges. + + + + + + + username + + + + The name of a user from whom revoke privileges. Use the PUBLIC keyword + to specify all users. + + + + + + + PUBLIC + + + + Rescind the specified privilege(s) for all users. + + + + + + + + + + 1998-09-24 + + + Outputs + + + + + + + CHANGE + + + + Message returned if successfully. + + + + + + + ERROR + + + + Message returned if object is not available or impossible + to revoke privileges from a group or users. + + + + + + + + + + + 1998-09-24 + + + Description + + + REVOKE allows creator of an object to revoke permissions granted + before, from all users (via PUBLIC) or a certain user or group. + + + + + 1998-09-24 + + + Notes + + + Refer to psql \z command for further information about permissions + on existing objects: + + +Database = lusitania ++------------------+---------------------------------------------+ +| Relation | Grant/Revoke Permissions | ++------------------+---------------------------------------------+ +| mytable | {"=rw","miriam=arwR","group todos=rw"} | ++------------------+---------------------------------------------+ +Legend: + uname=arwR -- privileges granted to a user + group gname=arwR -- privileges granted to a GROUP + =arwR -- privileges granted to PUBLIC + + r -- SELECT + w -- UPDATE/DELETE + a -- INSERT + R -- RULE + arwR -- ALL + + + + + Currently, to create a GROUP you have to insert + data manually into table pg_group as: + +INSERT INTO pg_group VALUES ('todos'); +CREATE USER miriam IN GROUP todos; + + + + + + + + + + Usage + + + +-- revoke insert privilege from all users on table films: +-- +REVOKE INSERT ON films FROM PUBLIC; + + + +-- revoke all privileges from user manuel on view kinds: +-- +REVOKE ALL ON kinds FROM manuel; + + + + + + + Compatibility + + + + + 1998-09-01 + + + SQL92 + + + The SQL92 syntax for REVOKE + has additional capabilities for rescinding + privileges, including those on individual columns in tables: + + + + + +REVOKE { SELECT | DELETE | USAGE | ALL PRIVILEGES } [, ...] + ON object + FROM { PUBLIC | username [, ...] } { RESTRICT | CASCADE } +REVOKE { INSERT | UPDATE | REFERENCES } [, ...] [ ( column [, ...] ) ] + ON object + FROM { PUBLIC | username [, ...] } { RESTRICT | CASCADE } + + + + + Refer to GRANT for details on individual fields. + + + + + + + +REVOKE GRANT OPTION FOR privilege [, ...] + ON object + FROM { PUBLIC | username [, ...] } { RESTRICT | CASCADE } + + + + + Rescinds authority for a user to grant the specified privilege + to others. + Refer to the GRANT command for details + on individual fields. + + + + + + + The possible objects are: + + + [ TABLE ] table/view + + + CHARACTER SET character-set + + + COLLATION collation + + + TRANSLATION translation + + + DOMAIN domain + + + + + + If user1 gives a privilege WITH GRANT OPTION to user2, + and user2 gives it to user3 then user1 can revoke + this privilege in cascade using the CASCADE keyword. + + + If user1 gives a privilege WITH GRANT OPTION to user2, + and user2 gives it to user3 then if user1 try revoke + this privilege it fails if he/she specify the RESTRICT + keyword. + + + + + + -- cgit v1.2.1