Revoking Permissions on a Table

Remove table permissions from users and roles.

Prerequisites
Database Version Database Object Privileges
SAP Sybase IQ 15.3 and 15.4 You must have one of:
  • DBA authority
  • PERMS ADMIN authority
  • You have administrative rights (with grant option) to the permission
  • You own the database object
SAP Sybase IQ 16.0 You must have one of:
  • MANAGE ANY OBJECT PRIVILEGE system privilege
  • You have administrative rights (with grant option) to the permission
  • You own the database object
Task

The REVOKE command applies to the database object permission itself, not to any administrative right granted on the permission. Therefore, to remove the administrative right only and leave the database object permission intact, do not use the Revoke button. Rather, regrant the specific permission without administrative rights. Only the original grantor can remove the administrative rights only from a granted permission. If another grantor regrants the same permission without administrative rights, a new permission without administrative rights is granted, but the original permission with administrative rights remains and takes precedence over any other non-administrative grants of the same permission to the same user or role.

If multiple permissions are granted, you can revoke some or all of the permissions. However, if you revoke a permission granted administrative rights, and the grantee has granted the permission to other users, who in turn have granted it to other users, and so on, every grantee in the chain who has received the permission indirectly, with or without administrative rights, also has their permission revoked. For example, UserA is granted the SELECT permission with the With grant option. UserA grants SELECT to UserB with the With grant option. UserB grants SELECT to UserC and UserD without administrative rights and to UserE with administrative rights. When you revoke the SELECT permission from UserA, it is also revoked for UserB, UserC, UserD and UserE.

  1. In the Perspective Resources view, select the resource, and select Resource > Administration Console.
  2. In the left pane, expand IQ Servers > Schema Objects > Tables, and then select Tables or Global Temporary Tables.
  3. Select a table from the right pane and either:
    • Click the arrow to the right of the name and select Properties, or
    • From the Administration Console menu bar, select Resource > Properties.
    The Table Properties view appears.
  4. In the left pane, click Permissions.
  5. In the right pane, select a user or role granted permissions to be revoked, and click Revoke.
    A list of permissions currently granted (regardless of administrative rights) appears..
  6. Select one or more permissions to revoke. Click the box in the header row to select all available permissions.
    Warning!  Revoking permissions may result in unexpected revocation from other users or groups. See Following the Table Permission Grant Trail.
  7. Click Finish to close the permissions wizard.
  8. Do one of:
    • Click OK to update any changes to the database and exit the properties view.
    • Click Cancel to cancel any changes not updated to the database and exit the properties view.
Parent topic: Table Permissions
Related concepts
About the Tables Permissions List
Following the Table Permissions Grant Trail
Manage Permissions on a Proxy Table
Related tasks
Granting Permissions on a Table
Removing Administrative Rights Only from a Table Permission
Adding Administrative Rights to a Granted Table Permission
Authenticating a Login Account for a Managed Resource
Related reference
Table Permissions Privilege Summary