REVOKE (Type Privileges)

This form of the REVOKE statement removes the privileges on a type.

Invocation

This statement can be embedded in an application program or issued interactively. It is an executable statement that can be dynamically prepared.

Authorization

The privileges held by the authorization ID of the statement must include at least one of the following:

For each distinct type or array type identified in the statement:
- Every privilege specified in the statement
- The system authority of *OBJMGT on the type
- The system authority *EXECUTE on the library containing the type
Administrative authority

Syntax


                  .-PRIVILEGES-.     
>>-REVOKE--+-ALL--+------------+-+------------------------------>
           | .-,---------.       |   
           | V           |       |   
           '---+-ALTER-+-+-------'   
               '-USAGE-'             

             .-,----------------------.   
             V                        |   
>--ON -TYPE----+-distinct-type-name-+-+------------------------->
               '-array-type-name----'     

         .-,----------------------.   
         V                        |   
>--FROM----+-authorization-name-+-+----------------------------><
           '-PUBLIC-------------'

Description

ALL or ALL PRIVILEGES

Revokes one or more type privileges from each authorization-name. The privileges revoked are those privileges on the identified user-defined types that were granted to the authorization-names. Note that revoking ALL PRIVILEGES on a type is not the same as revoking the system authority of *ALL.

If you do not use ALL, you must use one or more of the keywords listed below. Each keyword revokes the privilege described.

ALTER

Revokes the privilege to use the COMMENT and LABEL statements. End of change

USAGE

Revokes the privilege to use user-defined types in tables, functions, procedures, or as the source type in a CREATE TYPE statement. End of change

ON TYPE distinct-type-name or array-type-name

Identifies the distinct type from which the privilege is revoked. The distinct-type-name or array-type-name must identify a user-defined type that exists at the current server. End of change

FROM

Identifies from whom the privileges are revoked.

authorization-name,…: Lists one or more authorization IDs. Do not specify the same authorization-name more than once.
PUBLIC: Revokes a grant of the privilege to PUBLIC. For more information, see Authorization, privileges and object ownership.

Notes

Multiple grants: If authorization ID A granted the same privilege to authorization ID B more than once, revoking that privilege from B nullifies all those grants.

Revoking WITH GRANT OPTION: The only way to revoke the WITH GRANT OPTION is to revoke ALL.

Privilege warning: Revoking a specific privilege from a user does not necessarily prevent that user from performing an action that requires that privilege. For example, the user may still have the privilege through PUBLIC or administrative privileges.

Start of change Corresponding system authorities: When a type privilege is revoked, the corresponding system authorities are revoked. For information about the system authorities that correspond to SQL privileges see GRANT (Type Privileges). End of change

Syntax alternatives: The following keywords are synonyms supported for compatibility to prior releases. These keywords are non-standard and should not be used:

The keywords DATA TYPE or DISTINCT TYPE can be used as a synonym for TYPE.

Example

Revoke the USAGE privilege on distinct type SHOESIZE from user JONES.

   REVOKE USAGE
     ON DISTINCT TYPE SHOESIZE
     FROM JONES