<< sql

SQL Privilege

# grant

Use grant to give privileges based on users or roles:

grant <privileges>
on <relation/view>
to <users/roles>
[with grant option];
# revoke

Use revoke to revoke the privileges:

revoke <privileges>
on <relation/view>
from <users/roles>
[restrict | casecade];

Specially, the grant option can also be revoked by revoke grant option for <privileges>.

If some privileges are based on the revoked privileges, they will be revoked also.

# Role

We can create roles to classify users:

create role <role-name>

The role can be grant to user, or to another role:

grant <role> to <user>
grant <role1> to <role2>

As mentioned beforehand, the privilege can be granted to role.

--- grant ...
--- ...
granted by <role>
# Schema Privilege

Only the schema onwer is able to modify schema.

references is also a privilege, since the reference will construct constraints to table.