Improve view bypass lab before and after flow
Some checks failed
Repo Quality / structure (push) Has been cancelled

This commit is contained in:
2026-05-18 12:22:35 -03:00
parent 07390ff902
commit 1d11986e94
7 changed files with 164 additions and 24 deletions

View File

@@ -2,6 +2,7 @@ WHENEVER SQLERROR EXIT SQL.SQLCODE
CREATE END USER emma IDENTIFIED BY "Welcome1_DDS!";
CREATE END USER marvin IDENTIFIED BY "Welcome1_DDS!";
CREATE END USER erik IDENTIFIED BY "Welcome1_DDS!";
CREATE DATA ROLE account_owner_role;
@@ -9,5 +10,13 @@ CREATE ROLE mac_session_role;
GRANT CREATE SESSION TO mac_session_role;
GRANT mac_session_role TO account_owner_role;
-- Vulnerable baseline: this broad role simulates legacy direct table and view
-- access before DDS mandatory enforcement is enabled.
CREATE ROLE mac_legacy_broad_access_role;
GRANT SELECT ON dds_mac_accounts TO mac_legacy_broad_access_role;
GRANT SELECT ON dds_mac_accounts_view TO mac_legacy_broad_access_role;
GRANT mac_legacy_broad_access_role TO account_owner_role;
GRANT DATA ROLE account_owner_role TO emma;
GRANT DATA ROLE account_owner_role TO marvin;
GRANT DATA ROLE account_owner_role TO erik;