class ActiveRecord::ConnectionAdapters::PostgreSQLRevokePrivilege
Creates queries for revoking PostgreSQL role privileges.
This class is meant to be used by the revoke_*_privileges methods in the PostgreSQLAdapter
. Different database objects have different privileges that you can apply to a role. See the PostgreSQLPrivilege
PRIVILEGE_TYPES constant for usage. Generally speaking, you usually don’t want to use this class directly, but rather the aforementioned wrapped methods.
When using the revoke_*_privileges methods, you can specify multiple permissions, objects and roles by using Arrays for the appropriate argument. You can also apply the privileges to all objects within a schema by using the :all option in the options Hash and supply the schema name as the first argument.
Examples¶ ↑
revoke_table_privileges([ :table1, :table2 ], :select, :joe) # => REVOKE SELECT ON TABLE "table1", "table2" FROM "joe" revoke_sequence_privileges(:my_seq, [ :select, :update ], :public) # => REVOKE SELECT, UPDATE ON SEQUENCE "my_seq" FROM PUBLIC
You can specify the :grant_option_for
in any of the revoke_*_privilege methods to add a GRANT OPTION FOR clause to the command. Note that this option removes the role’s ability to grant the privilege to other roles, but does not remove the privilege itself.
You can also specify the :cascade
option to cause the privilege revocation to cascade down to depedent privileges.
The cascading stuff is pretty crazy, so you may want to consult the PostgreSQL docs on the subject.