box.schema.role.revoke() | Tarantool


box.schema.role.revoke(role-name, permissions, object-type, object-name)

Revoke privileges from a role.

  • role-name (string) – the name of the role
  • permissions (string) – one or more permissions to revoke from the role (for example, read or read,write)
  • object-type (string) – a database object type to revoke permissions from (for example, space, role, or function)
  • object-name (string) – the name of a database object to revoke permissions from

The role must exist, and the object must exist, but it is not an error if the role does not have the privilege.

Variation: instead of object-type, object-name say universe which means ‘all object-types and all objects’.

Variation: instead of permissions, object-type, object-name say role-name.

See also: Managing roles.

Found what you were looking for?