view schema/updates/1312/01.hide_sys_admins.sql @ 4755:dfd990a4ac64

Hide sys_admin accounts from waterway admins. Since imports and import configurations are authorized based on the visibility of the user that created the import, this also means waterway admins are no longer allowed to see imports and import configurations created by sys_admins.
author Tom Gottfried <tom@intevation.de>
date Fri, 18 Oct 2019 17:55:12 +0200

-- users.list_users: the user list as visible to the role running the query.
-- Yields one row per (profile, role membership) pair taken from
-- pg_auth_members. pw is always the empty string, so the view never
-- returns a stored password.
--
-- The WHERE clause is the access-control decision:
--   1. every role sees its own profile;
--   2. members of waterway_admin see profiles of their own country,
--      except rows whose granted role is sys_admin;
--   3. members of sys_admin see every row.
-- The parentheses spell out the grouping that AND-before-OR precedence
-- already gives, so a later edit cannot silently widen rule 2.
--
-- security_barrier keeps caller-supplied, non-leakproof predicates from
-- being evaluated on rows this filter has not yet admitted.
--
-- NOTE(review): rule 2 excludes the (account, sys_admin) membership row,
-- not the account itself. An account that is a member of sys_admin and of
-- a second role would still be listed through the second row -- confirm
-- that accounts hold exactly one of these roles.
CREATE OR REPLACE VIEW users.list_users WITH (security_barrier) AS
    SELECT
        granted.rolname,
        profile.username,
        CAST('' AS varchar) AS pw,
        profile.country,
        profile.map_extent,
        profile.email_address
    FROM internal.user_profiles AS profile
        INNER JOIN pg_roles AS account
            ON profile.username = account.rolname
        INNER JOIN pg_auth_members AS membership
            ON account.oid = membership.member
        INNER JOIN pg_roles AS granted
            ON membership.roleid = granted.oid
    WHERE
        -- Rule 1: own profile.
        profile.username = current_user
        -- Rule 2: same-country profiles for waterway admins, minus sys_admin rows.
        OR (
            pg_has_role('waterway_admin', 'MEMBER')
            AND profile.country = (
                SELECT own.country
                FROM internal.user_profiles AS own
                WHERE own.username = current_user
            )
            AND granted.rolname <> 'sys_admin'
        )
        -- Rule 3: unrestricted for sys_admin members.
        OR pg_has_role('sys_admin', 'MEMBER')