...
Code Block | ||
---|---|---|
| ||
REVOKE [ADMIN OPTION FOR] role_name [, role_name] ...
FROM principal_specification [, principal_specification] ... ;
principal_specification
: USER user
| ROLE role |
Revokes the membership of the roles from the user/roles in the FROM clause.
Currently revoking Revoking just the ADMIN OPTION is not possible . You need to revoke the principal’s role grant, and then grant the role to principal without admin optionwith the use of REVOKE ADMIN OPTION FOR <role>.
Show Role Grant
Code Block | ||
---|---|---|
| ||
SHOW ROLE GRANT (USER|ROLE) principal_name; |
...
Code Block | ||
---|---|---|
| ||
REVOKE [GRANT OPTION FOR]
priv_type [, priv_type ] ...
ON table_or_view_name
FROM principal_specification [, principal_specification] ... ;
principal_specification
: USER user
| ROLE role |
If a user is granted a privilege WITH GRANT OPTION on a user or a role, then the user can also grant other users the privileges it has on those tables. The grant option for a privilege can be removed while still keeping the privilege using REVOKE GRANT OPTION FOR <privilege>.
Note that in case of the REVOKE statement, the DROP-BEHAVIOR option of CASCADE is not currently supported (which is in SQL standard). As a result, the revoke statement will not drop any dependent privileges. For details on CASCADE behavior, you can check the Postgres revoke documentation.
...