diff --git a/schema.sql b/schema.sql
index 15bed94..251326b 100644
--- a/schema.sql
+++ b/schema.sql
@@ -69,3 +69,33 @@ BEGIN
     ON CONFLICT DO NOTHING;
 END;
 $$ LANGUAGE plpgsql;
+
+
+CREATE FUNCTION c77_rbac_grant_feature(
+    p_role_name TEXT,
+    p_feature_name TEXT
+) RETURNS VOID AS $$
+DECLARE
+    v_role_id UUID;
+    v_feature_id UUID;
+BEGIN
+    -- Get or create role
+    SELECT role_id INTO v_role_id FROM c77_rbac_roles WHERE name = p_role_name;
+    IF v_role_id IS NULL THEN
+        INSERT INTO c77_rbac_roles (name) VALUES (p_role_name)
+        RETURNING role_id INTO v_role_id;
+    END IF;
+
+    -- Get or create feature
+    INSERT INTO c77_rbac_features (name)
+    VALUES (p_feature_name)
+    ON CONFLICT (name) DO UPDATE SET name = EXCLUDED.name
+    RETURNING feature_id INTO v_feature_id;
+
+    -- Link role to feature
+    INSERT INTO c77_rbac_role_features (role_id, feature_id)
+    VALUES (v_role_id, v_feature_id)
+    ON CONFLICT DO NOTHING;
+END;
+$$ LANGUAGE plpgsql;
+