From 00dbfd9dd3c37cf6ae95edbbb265967ea62cd0de Mon Sep 17 00:00:00 2001 From: trogers1884 Date: Sun, 25 May 2025 09:42:17 -0500 Subject: [PATCH] Adjustment to TUTORIAL 1&2 --- TUTORIAL-P1.md | 20 ++++++++++++++++++-- TUTORIAL-P2.md | 10 ++++++++++ 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/TUTORIAL-P1.md b/TUTORIAL-P1.md index 07752e6..64bf6a3 100644 --- a/TUTORIAL-P1.md +++ b/TUTORIAL-P1.md @@ -88,16 +88,20 @@ SELECT extname, extversion FROM pg_extension WHERE extname = 'c77_rbac'; -- Grant necessary privileges to application user GRANT CONNECT ON DATABASE techcorp_tutorial TO techcorp_app; +GRANT CREATE ON DATABASE techcorp_tutorial TO techcorp_app; GRANT USAGE ON SCHEMA public TO techcorp_app; +GRANT CREATE ON SCHEMA public TO techcorp_app; GRANT SELECT ON ALL TABLES IN SCHEMA public TO techcorp_app; GRANT EXECUTE ON ALL FUNCTIONS IN SCHEMA public TO techcorp_app; GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO techcorp_app; -- Set default privileges -ALTER DEFAULT PRIVILEGES IN SCHEMA public +ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT SELECT ON TABLES TO techcorp_app; -ALTER DEFAULT PRIVILEGES IN SCHEMA public +ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT EXECUTE ON FUNCTIONS TO techcorp_app; +ALTER DEFAULT PRIVILEGES IN SCHEMA public + GRANT USAGE, SELECT ON SEQUENCES TO techcorp_app; ``` ### Step 4: Verify RBAC Installation @@ -122,6 +126,18 @@ SELECT public.c77_rbac_revoke_feature('test_role', 'test_feature'); **✅ Checkpoint 1:** You should now have c77_rbac installed and working! +### Important: Switch to Application User + +From this point forward in the tutorial, you should work as the `techcorp_app` user, not as the postgres superuser. This simulates real-world usage where your application connects with limited privileges. + +```bash +# Exit current session if needed +\q + +# Connect as the application user +psql -d techcorp_tutorial -U techcorp_app -W +# Enter the password: secure_tutorial_password + --- ## What's Next? diff --git a/TUTORIAL-P2.md b/TUTORIAL-P2.md index 80ba3bb..1664670 100644 --- a/TUTORIAL-P2.md +++ b/TUTORIAL-P2.md @@ -10,6 +10,16 @@ --- +### Prerequisites + +Make sure you're connected as the `techcorp_app` user created in Part 1: + +```bash +# If not already connected as techcorp_app: +psql -d techcorp_tutorial -U techcorp_app -W +``` + + ## Chapter 2: Creating the TechCorp Database Schema Now we'll create a realistic multi-department company database that will demonstrate all aspects of the c77_rbac system.