REVOKE { { SELECT | INSERT | UPDATE | DELETE | RULE | REFERENCES | TRIGGER } [,...] | ALL [ PRIVILEGES ] } ON [ TABLE ] tablename [, ...] FROM { username | GROUP groupname | PUBLIC } [, ...] REVOKE { { CREATE | TEMPORARY | TEMP } [,...] | ALL [ PRIVILEGES ] } ON DATABASE dbname [, ...] FROM { username | GROUP groupname | PUBLIC } [, ...] REVOKE { EXECUTE | ALL [ PRIVILEGES ] } ON FUNCTION funcname ([type, ...]) [, ...] FROM { username | GROUP groupname | PUBLIC } [, ...] REVOKE { USAGE | ALL [ PRIVILEGES ] } ON LANGUAGE langname [, ...] FROM { username | GROUP groupname | PUBLIC } [, ...] REVOKE { { CREATE | USAGE } [,...] | ALL [ PRIVILEGES ] } ON SCHEMA schemaname [, ...] FROM { username | GROUP groupname | PUBLIC } [, ...]
REVOKE allows the creator of an object to revoke previously granted permissions from one or more users or groups of users. The key word PUBLIC refers to the implicitly defined group of all users.
Note that any particular user will have the sum of privileges granted directly to him, privileges granted to any group he is presently a member of, and privileges granted to PUBLIC. Thus, for example, revoking SELECT privilege from PUBLIC does not necessarily mean that all users have lost SELECT privilege on the object: those who have it granted directly or via a group will still have it.
See the description of the GRANT command for the meaning of the privilege types.
Use psql's \z command to display the privileges granted on existing objects. See also GRANT for information about the format.
Revoke insert privilege for the public on table films:
REVOKE INSERT ON films FROM PUBLIC;
Revoke all privileges from user manuel on view kinds:
REVOKE ALL PRIVILEGES ON kinds FROM manuel;
The compatibility notes of the GRANT command apply analogously to REVOKE. The syntax summary is:
REVOKE [ GRANT OPTION FOR ] { SELECT | INSERT | UPDATE | DELETE | REFERENCES } ON object [ ( column [, ...] ) ] FROM { PUBLIC | username [, ...] } { RESTRICT | CASCADE }
If user1 gives a privilege WITH GRANT OPTION to user2, and user2 gives it to user3 then user1 can revoke this privilege in cascade using the CASCADE keyword. If user1 gives a privilege WITH GRANT OPTION to user2, and user2 gives it to user3, then if user1 tries to revoke this privilege it fails if he specifies the RESTRICT keyword.