Revoke, collection or general, privileges from a user. See grant for more information on how access privileges can be set for a user.

To use this function, at least CHANGE privileges on the @thingsdb scope and GRANT privileges on the target scope are required.

This function generates a change.


revoke(target, user, mask)


Argument Type Description
target int/raw Can be either the @node, @thingsdb, or a @collection scope.
user str User to revoke privileges from.
mask int Bit-mask for revoking privileges.

Return value

Returns nil when successful. A lookup_err() is raised if the user or target does not exist.


Revoke all privileges for user iris on collection stuff:

revoke('@:stuff', 'iris', FULL);

Return value in JSON format