• Article

Revoke Method (UserDefinedFunction)

This feature will be removed in a future version of Microsoft SQL Server. Avoid using this feature in new development work, and plan to modify applications that currently use this feature.

The Revoke method undoes a grant or deny of a user-defined function permission for one or more Microsoft SQL Server users or roles.

Syntax

object.Revoke(Privileges, RevokeeNames , 
[ GrantGrant ] , 
[ RevokeGrantOption ] , 
[ AsRole ] )

Parts

  • object
    Expression that evaluates to an object in the Applies To list

  • Privileges
    Long integer that specifies one or more user-defined function permissions as described in Settings.

  • RevokeeNames
    SQL Distributed Management Objects (SQL-DMO) multistring that lists users or roles.

  • GrantGrant
    When TRUE, the grantee(s) specified are granted the ability to execute the REVOKE statement referencing the user-defined function. When FALSE (default), the ability to limit permission is not granted.

  • RevokeGrantOption
    When TRUE, the ability to extend permission is revoked. When FALSE (default), no change is made to the ability to extend permission.

  • AsRole
    String that identifies a role to which the connected user belongs as described in Remarks.

Prototype (C/C++)

HRESULT Revoke(
SQLDMO_PRIVILEGE_TYPE iPrivileges, 
SQLDMO_LPCSTR RevokeeNames, 
BOOL GrantGrant, 
BOOL RevokeGrantOption, 
SQLDMO_LPCSTR AsRole);

Settings

Set Privileges by using these SQLDMO_PRIVILEGE_TYPE values. To specify more than a single permission, combine values by using an OR logical operator.

Constant

Value

Description

SQLDMOPriv_AllObjectPrivs

63

Revoke all granted or denied permissions on the referenced stored procedure.

SQLDMOPriv_Execute

16

Revoke granted or denied execute permission on the referenced stored procedure.

Remarks

When a user is a member of more than a single role, the user can have permission to grant access to a user-defined function under one role and not under another. In this case, SQL Server security mechanisms prevent execution of the Revoke method on the UserDefinedFunction object referencing that user-defined function. Use the AsRole argument to specify the role under which permission to execute the grant exists.

Granting permissions to database users and roles by using the Revoke method of the UserDefinedFunction object requires appropriate privilege. The SQL Server login used for SQLServer object connection must be granted the ability to execute GRANT referencing the user-defined function, the owner of the user-defined function, or a member of a role with greater privilege.

For more information about setting multistring parameters, see Using SQL-DMO Multistrings.

Note

If an application call the Revoke method of the UserDefinedFunction object on an instance of SQL Server version 7.0, NULL is returned.