The SYSROLES table stores the roles in the database.
A row in the SYSROLES table represents one of the following:
The keys for the SYSROLES table are:
The following table shows the contents of the SYSROLES system table.
Column Name | Type | Length | Nullable | Contents |
---|---|---|---|---|
UUID | CHAR | 36 | false | A unique identifier for this role |
ROLEID | VARCHAR | 128 | false | The role name, after conversion to case normal form |
GRANTEE | VARCHAR | 128 | false | If the row represents a role grant, this is the authorization identifier of a user or role to which this role is granted. If the row represents a role definition, this is the database owner's user name. |
GRANTOR | VARCHAR | 128 | false | This is the authorization identifier of the user that granted this role. If the row represents a role definition, this is the authorization identifier _SYSTEM. If the row represents a role grant, this is the database owner's user name (since only the database owner can create and grant roles). |
WITHADMINOPTION | CHAR | 1 | false | A role definition is modelled as a grant from _SYSTEM to the database owner, so if the row represents a role definition, the value is always 'Y'. This means that the creator (the database owner) is always allowed to grant the newly created role. Currently roles cannot be granted WITH ADMIN OPTION, so if the row represents a role grant, the value is always 'N'. |
ISDEF | CHAR | 1 | false | If the row represents a role definition, this value is 'Y'. If the row represents a role grant, the value is 'N'. |