REVOKE (Sequence Privileges)

This form of the REVOKE statement removes the privileges on a sequence.

Invocation

This statement can be embedded in an application program or issued interactively. It is an executable statement that can be dynamically prepared.

Authorization

The privileges held by the authorization ID of the statement must include at least one of the following:

• For each sequence identified in the statement:
  • Every privilege specified in the statement
  • The system authority of *OBJMGT on the sequence
  • The system authority *EXECUTE on the library containing the sequence
• Administrative authority

Syntax

                  .-PRIVILEGES-.
>>-REVOKE--+-ALL--+------------+-+--ON SEQUENCE----------------->
           | .-,---------.       |
           | V           |       |
           '---+-ALTER-+-+-------'
               '-USAGE-'
 
   .-,-------------.        .-,----------------------.
   V               |        V                        |
>----sequence-name-+--FROM----+-authorization-name-+-+---------><
                              '-PUBLIC-------------'
 

Description

ALL or ALL PRIVILEGES

Revokes one or more sequence privileges from each authorization-name. The privileges revoked are those privileges on the identified sequences that were granted to the authorization-names. Note that revoking ALL PRIVILEGES on a sequence is not the same as revoking the system authority of *ALL.

If you do not use ALL, you must use one or more of the keywords listed below. Each keyword revokes the privilege described.

ALTER

Revokes the privilege to use the ALTER SEQUENCE, COMMENT, and LABEL statements on a sequence.

USAGE

Revokes the privilege to use the sequence in NEXT VALUE or PREVIOUS VALUE expressions.

ON SEQUENCE sequence-name

Identifies the sequences from which you are revoking privileges. The sequence-name must identify a sequence that exists at the current server.

FROM

Identifies from whom the privileges are revoked.

authorization-name,...

Lists one or more authorization IDs. Do not specify the same authorization-name more than once.

PUBLIC

Revokes the specified privileges from PUBLIC.

Notes

Multiple grants: If you revoke a privilege on a sequence, it nullifies any grant of the privilege on that sequence, regardless of who granted it.

Revoking WITH GRANT OPTION: The only way to revoke the WITH GRANT OPTION is to revoke ALL.

Privilege warning: Revoking a specific privilege from a user does not necessarily prevent that user from performing an action that requires that privilege. For example, the user may still have the privilege through PUBLIC or administrative privileges.

Corresponding system authorities: When a sequence privilege is revoked, the corresponding system authorities are revoked. For information on the system authorities that correspond to SQL privileges see GRANT (Sequence Privileges).

Example

REVOKE the USAGE privilege from PUBLIC on a sequence called ORG_SEQ.

REVOKE USAGE
  ON SEQUENCE ORG_SEQ
  FROM PUBLIC