Files
oracle-deep-data-security-lab/scenarios/01-ai-prompt-injection/sql/02_identities.sql
Rodrigo db3d68af10
Some checks failed
Repo Quality / structure (push) Has been cancelled
Terraform Validate / validate (push) Has been cancelled
Improve Deep Data Security lab scenarios
2026-05-13 16:13:04 -03:00

28 lines
1.1 KiB
SQL
Executable File

WHENEVER SQLERROR EXIT SQL.SQLCODE
CREATE END USER alice IDENTIFIED BY "Welcome1_DDS!";
CREATE END USER bruno IDENTIFIED BY "Welcome1_DDS!";
CREATE END USER carla IDENTIFIED BY "Welcome1_DDS!";
CREATE DATA ROLE sales_rep_role;
CREATE DATA ROLE regional_manager_role;
CREATE DATA ROLE hr_global_role;
CREATE ROLE ai_prompt_session_role;
GRANT CREATE SESSION TO ai_prompt_session_role;
GRANT ai_prompt_session_role TO sales_rep_role;
GRANT ai_prompt_session_role TO regional_manager_role;
GRANT ai_prompt_session_role TO hr_global_role;
-- Vulnerable baseline: this broad legacy role simulates an application or AI
-- integration that grants direct object access before Deep Data Security is enforced.
CREATE ROLE ai_prompt_legacy_access_role;
GRANT SELECT ON dds_ai_customers TO ai_prompt_legacy_access_role;
GRANT ai_prompt_legacy_access_role TO sales_rep_role;
GRANT ai_prompt_legacy_access_role TO regional_manager_role;
GRANT ai_prompt_legacy_access_role TO hr_global_role;
GRANT DATA ROLE sales_rep_role TO alice;
GRANT DATA ROLE regional_manager_role TO bruno;
GRANT DATA ROLE hr_global_role TO carla;