WHENEVER SQLERROR EXIT SQL.SQLCODE CREATE USER dds_audit_analyst IDENTIFIED BY "Welcome1_Audit!" ACCOUNT UNLOCK; GRANT CREATE SESSION TO dds_audit_analyst; CREATE END USER auditor IDENTIFIED BY "Welcome1_DDS!"; CREATE END USER payment_operator IDENTIFIED BY "Welcome1_DDS!"; CREATE DATA ROLE audit_read_role; CREATE DATA ROLE payment_operator_role; CREATE ROLE audit_session_role; GRANT CREATE SESSION TO audit_session_role; GRANT audit_session_role TO audit_read_role; GRANT audit_session_role TO payment_operator_role; -- Vulnerable baseline: this broad legacy role simulates an operational payment -- application that grants direct table access before DDS is enforced. CREATE ROLE audit_legacy_broad_access_role; GRANT SELECT ON dds_audit_payments TO audit_legacy_broad_access_role; GRANT audit_legacy_broad_access_role TO audit_read_role; GRANT audit_legacy_broad_access_role TO payment_operator_role; GRANT DATA ROLE audit_read_role TO auditor; GRANT DATA ROLE payment_operator_role TO payment_operator;