The ExpandedMembersOfRole function takes
one role name parameter and returns the locally assigned and inherited users and
groups of a role that an object has including the users of those groups as well.
The ExpandedMembersOfRole function can be used along with the following
operators as a filter in the WHERE clause: =, !=, = ANY (...), != ANY (...), =
ALL(...), != ALL (...), EXISTS and NOT EXISTS.
For example, the Object1
object has the User1 user and Group1 user group assigned locally to the role
Role1 that inherits the Group2 assignment. The Group2 group has the User2 user.
The following filters would find the object:
•ExpandedMembersOfRole('Role1') = 'User1'
•ExpandedMembersOfRole('Role1') = all('User1','Group1','Group2')
•ExpandedMembersOfRole('Role1') = any('User1','Group1')
•ExpandedMembersOfRole('Role1') = 'Group2'
•ExpandedMembersOfRole('Role1') = 'User2'
For any name specified as a value of the
filter, the name is treated as a user if there exist a user and a group by the
same name. To avoid ambiguity, avoid naming users and groups by the same
names.
The ExpandedMembersOfRole function cannot be used in the SELECT
list.