haochengsama's picture
Add files using upload-large-folder tool
3a28a9e verified
|
Raw
History Blame Contribute Delete
1.27 kB

Set up basic database security with role-based access control and Row-Level Security (RLS) for the LEGO database.

Your Tasks:

1. Create Database Role and Permissions

Create a new database role called theme_analyst with the following permissions:

  • SELECT permissions on all reference tables: lego_themes, lego_colors, lego_parts, lego_part_categories
  • SELECT permissions on main data tables: lego_sets, lego_inventories, lego_inventory_parts
  • No INSERT, UPDATE, or DELETE permissions on any tables

2. Enable Row-Level Security

Enable RLS on the following tables:

  • lego_sets
  • lego_inventories
  • lego_inventory_parts

Requirements:

  • Use CREATE ROLE to create the theme_analyst role
  • Use GRANT SELECT statements to assign the appropriate permissions
  • Use ALTER TABLE ... ENABLE ROW LEVEL SECURITY to enable RLS on each table

Expected Outcome:

After completing these tasks:

  • The theme_analyst role should exist with read-only access to specified tables
  • Row-Level Security should be enabled (but not yet enforced with policies) on the three main data tables
  • The role should have no write permissions on any table

This sets up the foundation for implementing theme-based data isolation policies.