Qualified users can grant roles various privileges on tables. These privileges are any combination of select, insert, update, references, alter and index. Any privilege can be later revoked, which takes any combination of the previously granted privileges.
grantor: CURRENT_USER | CURRENT_ROLE
privileges: object_privileges ON TABLE [ ident | ident ]
object_privileges: ALL [ PRIVILEGES ] | operation ','...
operation: INSERT | DELETE | [ UPDATE | SELECT | REFERENCES ] opt_column_list