[
https://issues.apache.org/jira/browse/TRAFODION-2156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15684819#comment-15684819
]
ASF GitHub Bot commented on TRAFODION-2156:
-------------------------------------------
Github user DaveBirdsall commented on a diff in the pull request:
https://github.com/apache/incubator-trafodion/pull/845#discussion_r88995013
--- Diff: docs/sql_reference/src/asciidoc/_chapters/sql_statements.adoc ---
@@ -5802,102 +5823,102 @@ IMPORTANT: This statement works only when
authentication and authorization are e
REVOKE [GRANT OPTION FOR]
{privilege [,privilege]...| ALL [PRIVILEGES]}
ON [object-type] [schema.]object
- FROM {grantee [,grantee]...}
- [[GRANTED] BY grantor] [RESTRICT | CASCADE]
+ FROM {grantee}
+ [[GRANTED] BY grantor]
privilege is:
- SELECT
- | DELETE
- | INSERT
- | REFERENCES
- | UPDATE
- | EXECUTE
+ DELETE
+ | EXECUTE
+ | INSERT [column-list]
+ | REFERENCES [column-list]
+ | SELECT [column-list]
+ | UPDATE [column-list]
| USAGE
object-type is:
- TABLE
- | PROCEDURE
+ FUNCTION
| LIBRARY
- | FUNCTION
+ | PROCEDURE
+ | SEQUENCE
+ | TABLE
grantee is:
auth-name
grantor is:
role-name
+
+column-list is:
+ (column [,column]...)
+
```
=== Syntax Description of REVOKE
* `GRANT OPTION FOR`
+
-specifies that the grantee’s authority to grant the specified privileges
to other users or roles (that is, WITH GRANT
+Specifies that the grantee’s authority to grant the specified privileges
to other users or roles (that is, WITH GRANT
OPTION) be revoked. This is an optional clause. When this clause is
specified, only the ability to grant the privilege
to another user is revoked.
* `_privilege_ [, _privilege_ ] … | ALL [ PRIVILEGES ]`
+
-specifies the privileges to revoke. You can specify these privileges for
an object:
+Specifies the privileges to revoke. You can specify these privileges for
an object:
+
[cols="20%,80%"]
|===
-| SELECT | Revokes the ability to use the SELECT statement.
-| DELETE | Revokes the ability to use the DELETE statement.
-| INSERT | Revokes the ability to use the INSERT statement.
-| REFERENCES | Revokes the ability to create constraints that reference
the object.
-| UPDATE | Revokes the ability to use the UPDATE statement.
-| EXECUTE | Revokes the ability to execute a stored procedure using a
CALL statement or revokes the ability
+| DELETE | Revokes the ability to use the DELETE
statement.
+| EXECUTE | Revokes the ability to execute a stored
procedure using a CALL statement or revokes the ability
+| INSERT [columm-list] | Revokes the ability to use the INSERT
statement.
+| REFERENCES [column-list] | Revokes the ability to create constraints
that reference the object.
+| SELECT [column-list] | Revokes the ability to use the SELECT
statement.
+| UPDATE [column-list] | Revokes the ability to use the UPDATE
statement.
to execute a user-defined function (UDF).
-| USAGE | Revokes the ability to access a library using the CREATE
PROCEDURE or CREATE FUNCTION statement.
+| USAGE | Revokes the ability to access a library using
the CREATE PROCEDURE or CREATE FUNCTION statement.
Revokes read access to the library’s underlying library file.
-| ALL | Revokes the ability to use all privileges that apply to
the object type.
-When you specify ALL for a table or view, this includes the SELECT,
DELETE, INSERT, REFERENCES, and UPDATE
-privileges. When the object is a stored procedure or user-defined function
(UDF), this includes the EXECUTE privilege.
-When the object is a library, this includes the UPDATE and USAGE
privileges.
+| ALL | Revokes the ability to use all privileges
that apply to the object type.
+When you specify ALL for a table or view, this includes the SELECT,
DELETE, INSERT, REFERENCES, and
+UPDATE privileges. When the object is a stored procedure or user-defined
function (UDF), this includes
+the EXECUTE privilege. When the object is a library, this includes the
UPDATE and USAGE privileges.
+When the object is a sequence generator, only the usage privilege is
applied.
|===
* `ON [_object-type_] [_schema_.]_object_`
+
-specifies an object on which to grant privileges. _object-type_ can be:
+Specifies an object on which to grant privileges. See
<<database_object_names,"Database Object Names>>. _object-type_ can be:
-** [TABLE] [_schema_.]_object_, where _object_ is a table or view. See
<<database_object_names,Database Object Names>>.
-** [PROCEDURE] [_schema_.]_procedure-name_, where _procedure-name_ is the
name of a stored procedure in Java (SPJ)
-registered in the database. See <<database_object_names,"Database Object
Names>>.
-** [LIBRARY] [_schema_.]_library-name_, where _library-name_ is the name
of a library object in the database. See
-<<database_object_names,"Database Object Names>>,
** [FUNCTION] [_schema_.]_function-name_, where _function-name_ is the
name of a user-defined function in the database.
-See <<database_object_names,"Database Object Names>>
+** [LIBRARY] [_schema_.]_library-name_, where _library-name_ is the name
of a library object in the database.
--- End diff --
See my earlier comment about square brackets around the object type.
> Update SQL reference manual for column level privileges
> -------------------------------------------------------
>
> Key: TRAFODION-2156
> URL: https://issues.apache.org/jira/browse/TRAFODION-2156
> Project: Apache Trafodion
> Issue Type: Improvement
> Components: documentation
> Reporter: Roberta Marton
> Assignee: Roberta Marton
>
> Column level privileges support should be documented in the reference manual.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
