haochengsama's picture
Add files using upload-large-folder tool
3a28a9e verified
|
Raw
History Blame Contribute Delete
1.27 kB
Set up basic database security with role-based access control and Row-Level Security (RLS) for the LEGO database.
## Your Tasks:
### 1. Create Database Role and Permissions
Create a new database role called `theme_analyst` with the following permissions:
* `SELECT` permissions on all reference tables: `lego_themes`, `lego_colors`, `lego_parts`, `lego_part_categories`
* `SELECT` permissions on main data tables: `lego_sets`, `lego_inventories`, `lego_inventory_parts`
* No `INSERT`, `UPDATE`, or `DELETE` permissions on any tables
### 2. Enable Row-Level Security
Enable RLS on the following tables:
* `lego_sets`
* `lego_inventories`
* `lego_inventory_parts`
## Requirements:
- Use `CREATE ROLE` to create the `theme_analyst` role
- Use `GRANT SELECT` statements to assign the appropriate permissions
- Use `ALTER TABLE ... ENABLE ROW LEVEL SECURITY` to enable RLS on each table
## Expected Outcome:
After completing these tasks:
- The `theme_analyst` role should exist with read-only access to specified tables
- Row-Level Security should be enabled (but not yet enforced with policies) on the three main data tables
- The role should have no write permissions on any table
This sets up the foundation for implementing theme-based data isolation policies.