DB2 10.5 for Linux, UNIX, and Windows

REVOKE (module privileges) statement

This form of the REVOKE statement revokes the privilege on a module.

Invocation

This statement can be embedded in an application program or issued through the use of dynamic SQL statements. It is an executable statement that can be dynamically prepared only if DYNAMICRULES run behavior is in effect for the package (SQLSTATE 42509).

Authorization

The privileges held by the authorization ID of the statement must include ACCESSCTRL or SECADM authority.

Syntax

Read syntax diagramSkip visual syntax diagram
>>-REVOKE--EXECUTE--ON--MODULE--module-name--------------------->

         .-----------------------------------.   
         V                                   |   
>--FROM----+-+-------+--authorization-name-+-+-----------------><
           | +-USER--+                     |     
           | +-GROUP-+                     |     
           | '-ROLE--'                     |     
           '-PUBLIC------------------------'     

Description

EXECUTE
Revokes the privilege to reference published module objects. This includes revoking the privilege to:
  • Execute any published routine defined in the module.
  • Read from and write to any published global variables defined in the module.
  • Reference any published user-defined types defined in the module.
  • Reference any published conditions defined in the module.
ON MODULE module-name
Identifies the module on which the privilege is revoked. The module-name must identify a module that exists at the current server (SQLSTATE 42704).
FROM
Indicates from whom the privilege is revoked.
USER
Specifies that the authorization-name identifies a user.
GROUP
Specifies that the authorization-name identifies a group name.
ROLE
Specifies that the authorization-name identifies a role name. The role name must exist at the current server (SQLSTATE 42704).
authorization-name
Lists one or more authorization IDs. The same authorization-name must not be specified more than once
PUBLIC
Grants the privilege to a set of users (authorization IDs). For more information, see "Authorization, privileges and object ownership".

Example

The following example demonstrate how to revoke the EXECUTE privilege from a module named myModa from user jones
   REVOKE EXECUTE ON MODULE MYMODA FROM JONES