This form of the REVOKE statement revokes the privilege
on a module.
Invocation
This statement can be embedded in
an application program or issued through the use of dynamic SQL statements.
It is an executable statement that can be dynamically prepared only
if DYNAMICRULES run behavior is in effect for the package (SQLSTATE
42509).
Authorization
The privileges held by the authorization
ID of the statement must include ACCESSCTRL or SECADM authority.
Syntax
>>-REVOKE--EXECUTE--ON--MODULE--module-name--------------------->
.-----------------------------------.
V |
>--FROM----+-+-------+--authorization-name-+-+-----------------><
| +-USER--+ |
| +-GROUP-+ |
| '-ROLE--' |
'-PUBLIC------------------------'
Description
- EXECUTE
- Revokes the privilege to reference published module objects. This
includes revoking the privilege to:
- Execute any published routine defined in the module.
- Read from and write to any published global variables defined
in the module.
- Reference any published user-defined types defined in the module.
- Reference any published conditions defined in the
module.
- ON MODULE module-name
- Identifies the module on which the privilege is revoked. The module-name must
identify a module that exists at the current server (SQLSTATE
42704).
- FROM
- Indicates from whom the privilege is revoked.
- USER
- Specifies that the authorization-name identifies
a user.
- GROUP
- Specifies that the authorization-name identifies
a group name.
- ROLE
- Specifies that the authorization-name identifies
a role name. The role name must exist at the current server (SQLSTATE
42704).
- authorization-name
- Lists one or more authorization IDs. The same authorization-name must
not be specified more than once
- PUBLIC
- Grants the privilege to a set of users (authorization IDs). For
more information, see "Authorization, privileges and object ownership".
Example
The following example demonstrate
how to revoke the EXECUTE privilege from a module named
myModa from
user
jones REVOKE EXECUTE ON MODULE MYMODA FROM JONES