SYSCS_DIAG.CONTAINED_ROLES diagnostic table function

The SYSCS_DIAG.CONTAINED_ROLES diagnostic table function returns all the roles contained within the specified role.

The argument that is passed to this table function should be the name of the role, specified as a string in quotes, or the special keyword CURRENT_ROLE, which indicates the current role in effect. For a definition of role containment, see "Syntax for roles" in GRANT statement.

For example:

SELECT * FROM TABLE (SYSCS_DIAG.CONTAINED_ROLES('READER')) AS T1
SELECT * FROM TABLE (SYSCS_DIAG.CONTAINED_ROLES(CURRENT_ROLE)) AS T2

All users can access this diagnostic table function, whether or not the database has authentication and SQL authorization enabled. See "Configuring user authentication" and "Configuring user authorization" in the Derby Security Guide for more information.

The returned table has the column shown in the following table.

Table 1. Column returned by the SYSCS_DIAG.CONTAINED_ROLES table function
Column Name Type Length Nullable Contents
ROLEID VARCHAR 128 false The identifier of the role.
Related reference
SYSCS_DIAG.ERROR_LOG_READER diagnostic table function
SYSCS_DIAG.ERROR_MESSAGES diagnostic table
SYSCS_DIAG.LOCK_TABLE diagnostic table
SYSCS_DIAG.SPACE_TABLE diagnostic table function
SYSCS_DIAG.STATEMENT_CACHE diagnostic table
SYSCS_DIAG.STATEMENT_DURATION diagnostic table function
SYSCS_DIAG.TRANSACTION_TABLE diagnostic table