Removing Permissions on a View or Materialized View from a User or Role

Remove permissions from a view or materialized view to a user, user-extended role, or standalone role.

Prerequisites

Database Version	Role-Based Database Object Privileges
SAP Sybase IQ 15.3 and 15.4	Not supported.
SAP Sybase IQ 16.0	You must have one of: MANAGE ANY OBJECT PRIVILEGE system privilege You have administrative rights (with grant option) to the permission You own the database object

The SAP Sybase IQ resource is authenticated and running.
In a multiplex configuration, the coordinator node is running.
The selected resource supports role-based security

Task

The REVOKE command applies to the database object permission itself, not to any administrative right granted on the permission. Therefore, to remove the administrative right only and leave the database object permission intact, do not use the Revoke button. Rather, regrant the specific permission without administrative rights. Only the original grantor can remove the administrative rights only from a granted permission. If another grantor regrants the same permission without administrative rights, a new permission without administrative rights is granted, but the original permission with administrative rights remains and takes precedence over any other non-administrative grants of the same permission to the same user or role.

If multiple permissions are granted, you can revoke some or all of the permissions. However, if you revoke a permission granted administrative rights, and the grantee has granted the permission to other users, who in turn have granted it to other users, and so on, every grantee in the chain who has received the permission indirectly, with or without administrative rights, also has their permission revoked. For example, UserA is granted the SELECT permission with the With grant option. UserA grants SELECT to UserB with the With grant option. UserB grants SELECT to UserC and UserD without administrative rights and to UserE with administrative rights. When you revoke the SELECT permission from UserA, it is also revoked for UserB, UserC, UserD and UserE.

In the Perspective Resources view, select the resource, and select Resource > Administration Console.
In the left pane, expand IQ Servers > Security > Role-Based, and then select Users, User-Extended Roles, or Standalone Roles.
Select a user, user-extended role, or standalone role in the right pane either:
- Click the arrow to the right of the name and select Properties, or
- From the Administration Console menu bar, select Resource > Properties.
In the left pane, select Permissions.
Click the drop-down arrow and select Views.
A list of permissions currently granted to Views appears.
In the right pane, select the view or materialized view containing the permission to be revoked and click Revoke.
A list of permissions currently granted (regardless of administrative rights) appears.
Select one or more permissions to revoke. Click the box in the header row to select all available permissions.

Warning! Revoking permissions may result in unexpected revocation from other users or groups. See Following the User or Role View Permission Grant Trail.
Click Finish to close the permissions wizard.
Do one of:
- Click OK to update any changes to the database and exit the properties view.
- Click Cancel to cancel any changes not updated to the database and exit the properties view.