Previous Topic Next topic Print topic


REVOKE (Sequence Privileges)

This form of the REVOKE statement revokes the privileges on a user-defined sequence.
Restriction: This topic applies to Windows environments only.

Syntax

REVOKE {ALTER | USAGE} [,...] ON SEQUENCE sequence-name [,...]
FROM {authorization-name | PUBLIC} [,...]
[BY {authorization-name | ALL} [,...]]
[RESTRICT]
Note: The keyword SELECT is an alternative keyword for USAGE.

Description

ALTER

Revokes the privilege to alter a sequence or record a comment on a sequence.

USAGE

Revokes the USAGE privilege to use a sequence. This privilege is needed when the NEXT VALUE or PREVIOUS VALUE expression is invoked for a sequence name.

SEQUENCE sequence-name

Identifies the sequence. The name, including the implicit or explicit schema qualifier, must uniquely identify an existing sequence at the current server. If no sequence by this name exists in the explicitly or implicitly specified schema, an error occurs. sequence-name must not be the name of an internal sequence object that is generated by the system for an identity column.

FROM

Specifies from what authorization IDs the privileges are revoked.

authorization-name,...

Lists one or more authorization IDs. Do not use the same authorization ID more than once. The value of CURRENT RULES determines if you can use the ID of the REVOKE statement itself (to revoke privileges from yourself). When CURRENT RULES is:

DB2 You cannot use the ID of the REVOKE statement.
STD You can use the ID of the REVOKE statement.

PUBLIC

Revokes a grant of privileges to PUBLIC.

PUBLIC AT ALL LOCATIONS

Revokes a grant of privileges to PUBLIC AT ALL LOCATIONS.

BY

Lists grantors who have granted privileges and revokes each named privilege that was explicitly granted to some named user by one of the named grantors. Only an authorization ID with SYSADM or SYSCTRL authority can use BY, even if the authorization ID names only itself in the BY clause.

authorization-name,...

Lists one or more authorization IDs of users who were the grantors of the privileges named. Do not use the same authorization ID more than once. Each grantor listed must have explicitly granted some named privilege to all named users.

ALL

Revokes each named privilege from all named users who were explicitly granted the privilege, regardless of who granted it.

RESTRICT

Prevents the USAGE privilege from being revoked on a sequence if the revokee owns one of the following objects and does not have the USAGE privilege from another source:

  • A trigger that specifies the sequence in a NEXT VALUE or PREVIOUS VALUE expression
  • An inline SQL function that specifies the sequence in a NEXT VALUE or PREVIOUS VALUE expression
Previous Topic Next topic Print topic