Is This Content Helpful?
We're glad to know this article was helpful.
When revoking privileges on a versioned feature class, the select privileges are not revoked from the versioned table's adds and deletes tables.
Even though the privileges are not revoked from the adds and deletes tables, users will not be able to select or edit the versioned table with ArcGIS. However, the users will continue to have access to the tables directly with SQL. This may be considered a security risk.
The cause of the problem resides in the ArcSDE function, which revokes privileges from objects. The adds and deletes tables are mistakenly skipped when privileges are revoked.
Explicitly revoke privileges on the versioned classes adds and deletes table using SQL or the DBMS's administration utilities.
For example, in Oracle, to revoke the privileges on a versioned tables adds and deletes table, one must first identify the table's registration_id and then revoke the privilege.
SQL> SELECT registration_id FROM sde.table_registry WHERE table_name = 'GAS_MAINS';
SQL> REVOKE SELECT ON a45 FROM brent;
SQL> REVOKE SELECT ON d45 FROM brent;