Click here to view and discuss this page in DocCommentXchange. In the future, you will be sent there automatically.

SQL Anywhere 10.0.1 » SQL Anywhere Server - Database Administration » Managing User IDs and Permissions » Managing individual user IDs and permissions

Granting and revoking remote permissions Next Page

Revoking user permissions

Any user's permissions are a combination of those that have been granted and those that have been revoked. By revoking and granting permissions, you can manage the pattern of user permissions on a database.

The REVOKE statement is the exact opposite of the GRANT statement. To disallow M_Haneef from executing my_procedure, the command is:

ON my_procedure
FROM M_Haneef;

The DBA or the owner of the procedure must issue this command.

When you add a user to a group, the user inherits all the permissions assigned to that group. SQL Anywhere does not allow you to revoke a subset of the permissions that a user inherits as a member of a group because you can only revoke permissions that are explicitly given by a GRANT statement. If you need to have different permissions for different users, you can create different groups with the appropriate permissions, or you can explicitly grant each user the permissions they require.

If you are revoking connect permissions or table permissions from another user, the other user must not be connected to the database. You cannot revoke connect permissions from dbo.

Permission to delete rows from sample_table may be revoked by issuing the following command:

ON sample_table
FROM M_Haneef;
See also