Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

AFTER

POSITION

More Information

privilege

identifier

More Information

More Information

More Information

RDB/VMS SQL REVOKE — VMS SQLdev_2.0

 Removes privileges from or entirely deletes an entry in a
 database or table ACL.

 REVOKE -+-+-> privilege -+---+-+
         | +---- , <------+   | |
         +-> ENTRY -----------+ |
         +-> ALL PRIVILEGES --+ |
    +---------------<-----------+
    +-> ON -+-> SCHEMA AUTHORIZATION -+-> auth-id -+-+-+
            |                         +----- , <---+ | |
            +-+-----> ---+-+-+-> table-name -+-+-----+ |
              +-> TABLE -+ | +-> view-name --+ |       |
                           +------ , <---------+       |
    +------------------------- <-----------------------+
    +-> FROM -+-+-> identifier -+-+----------------------------+-+-> ;
              | +-> PUBLIC -----+ +-> AFTER -+-> identifier -+-+ |
              |                   |          +-> PUBLIC -----+ | |
              |                   +-> POSITION n --------------+ |
              +-------------------- , <--------------------------+

Additional information available:

AFTERPOSITION

More Informationprivilegeidentifier

More Information

 The REVOKE statement removes privileges from or entirely deletes
 an entry to the Rdb/VMS access control list (ACL) for a database
 or table.  Each entry in an ACL consists of an identifier and a
 list of privileges assigned to the identifier:

  o  Each identifier specifies a user or a set of users.

  o  The list of privileges specifies what operations that user
     or user group can perform on the database or table.

 When a user tries to perform an operation on a database, SQL
 reads the associated ACL from top to bottom, comparing the
 identifier of the user with each entry.  As soon as SQL finds
 the first match, it revokes the rights listed in that entry and
 stops the search.  All UICs that do not match a previous entry
 "fall through" to the entry [*,*], if it exists.  If there is no
 entry with the UIC [*,*], then unmatched UICs are denied all
 access to the database or relation.

 For this reason both the entries themselves and their order in
 the list are important.

privilege

 One or more of the following privileges you want to delete from
 an existing ACL entry.

 privilege =

 --+-> SELECT ----+-->
   +-> INSERT ----+
   +-> UPDATE ----+
   +-> DELETE ----+
   +-> CREATETAB -+
   +-> ALTER -----+
   +-> DROP ------+
   +-> DBCTRL ----+
   +-> DBADM -----+
   +-> SHOW ------+
   +-> OPERATOR --+

 To revoke all privileges, specify the ALL keyword instead of a
 list of privileges.  To delete an ACL entry altogether, specify
 the ENTRY keyword.

identifier

 Specifies the identifiers for the ACL entry to be modified or
 deleted.

 identifier =

 --+-+-> uic-identifier -----+-+->
   | +-> general-identifier -+ |
   | +-> system-identifier  -+ |
   +------------ + <-----------+

 The identifiers are standard VMS identifiers.  There are three
 types:  UIC identifiers, general identifiers, and system-defined
 identifiers.

 Specifying PUBLIC is equivalent to using the UIC identifier
 [*,*].  You can specify more than one identifier by combining
 them with plus signs (+).  Such identifiers are called multiple
 identifiers.  They identify only users who are common to all the
 groups defined by the individual identifiers.  Users who do not
 match all the identifiers are not controlled by that entry.

AFTER

 Specifies the position of the entry within the ACL to be
 modified or deleted.  If you omit the AFTER argument, SQL
 searches the entire ACL for an identifier list that matches the
 one specified in the FROM clause of the REVOKE statement.  If it
 finds a match, it modifies the ACL entry by deleting the
 privileges specified in the privilege list.  If there is no
 match, SQL generates an error and the REVOKE statement has no
 effect on the ACL.

 In the AFTER argument, the identifier specifies the entry in the
 ACL after which SQL begins its search for the entry to be
 modified or deleted.  If none of the entries in the ACL has an
 identifier that matches the identifier specified in the AFTER
 argument, SQL generates an error and the statement fails.

 Select More_Information to continue.

Additional information available:

More Information

More Information

 Starting after the entry specified by the identifier in the
 AFTER argument, SQL searches entries in the ACL.  If an entry
 has an identifier that matches the identifier specified by the
 FROM clause of the REVOKE statement, SQL modifies or deletes
 that ACL entry.

 If none of the entries has an identifier that matches the
 identifier specified by the FROM clause of the REVOKE statement,
 SQL generates an error and the statement fails (even if an entry
 before the position at which SQL began its search had an
 identifier that matched).

 Specifying PUBLIC in the AFTER clause is the same as specifying
 the UIC identifier [*,*].

POSITION

 Specifies the position of the entry within the ACL to be
 modified or deleted.  If you omit the POSITION argument, SQL
 searches the entire ACL for an identifier list that matches the
 one specified in the FROM clause of the REVOKE statement.  If it
 finds a match, it modifies the ACL entry by deleting the
 privileges specified in the privilege list.  If there is no
 match, SQL generates an error and the REVOKE statement has no
 effect on the ACL.

 Select More_Information to continue.

Additional information available:

More Information

More Information

 In the POSITION argument, the integer specifies the earliest
 relative position in the ACL of the entry to be modified or
 deleted.  If the integer is larger than the number of entries in
 the ACL, SQL generates an error and the statement fails.
 Starting with the position specified by the POSITION argument,
 SQL searches entries in the ACL.  If an entry has an identifier
 that matches the identifier specified by the FROM clause of the
 REVOKE statement, SQL modifies or deletes that ACL entry.

 Select More_Information to continue.

Additional information available:

More Information

More Information

 If none of the entries has an identifier that matches the
 identifier specified by the FROM clause of the REVOKE statement,
 SQL generates an error and the statement fails (even if an entry
 before the position at which SQL began its search had an
 identifier that matched).

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026