REVOKE (User-Defined Type Privileges)

This form of the REVOKE statement removes the privileges on a user-defined type.

Invocation

This statement can be embedded in an application program or issued interactively. It is an executable statement that can be dynamically prepared.

Authorization

The privileges held by the authorization ID of the statement must include at least one of the following:

For each user-defined type identified in the statement:
- Every privilege specified in the statement
- The system authority of *OBJMGT on the user-defined type
- The system authority *EXECUTE on the library containing the user-defined type
Administrative authority

Syntax

                    .-PRIVILEGES-.
>>-REVOKE----+-ALL--+------------+--+--------------------------->
             |  .-,----------.      |
             |  V            |      |
             '----+-ALTER-+--+------'
                  '-USAGE-'
 
                                     .-,------------.
                                     V              |
>----ON--+---------------+---TYPE-------type-name---+----------->
         |          (1)  |
         '-DISTINCT------'
 
           .-,-----------------------.
           V                         |
>----FROM----+-authorization-name-+--+-------------------------><
             '-PUBLIC-------------'

Notes:

The keyword DATA can be used when revoking from any user-defined-type.

Revokes one or more user-defined type privileges from each authorization-name. The privileges revoked are those privileges on the identified user-defined types that were granted to the authorization-names. Note that revoking ALL PRIVILEGES on a user-defined type is not the same as revoking the system authority of *ALL.

If you do not use ALL, you must use one or more of the keywords listed below. Each keyword revokes the privilege described.

ALTER

Revokes the privilege to use the COMMENT ON statement.

USAGE

Revokes the privilege to use user-defined types in tables, functions, procedures, or as the source type in a CREATE DISTINCT TYPE statement.

ON DISTINCT TYPE type-name

Identifies the user-defined types from which you are revoking privileges. The type-name must identify a user-defined type that exists at the current server.

FROM

Identifies from whom the privileges are revoked.

authorization-name,...: Lists one or more authorization IDs. Do not specify the same authorization-name more than once.
PUBLIC: Revokes the specified privileges from PUBLIC.

Notes

If you revoke a privilege on a user-defined type, it nullifies any grant of the privilege on that user-defined type, regardless of who granted it.

When a user-defined type privilege is revoked, the corresponding AS/400 system authorities are revoked. For information on the AS/400 system authorities that correspond to SQL privileges see "GRANT (User-Defined Type Privileges)".

Example

Revoke the USAGE privilege on distinct type SHOESIZE from user JONES.

   REVOKE USAGE
     ON DISTINCT TYPE SHOESIZE
     FROM JONES

[ Top of Page | Previous Page | Next Page | Table of Contents | Index ]