BORANA UNIVERSITY

College of Natural and Computational science

Department of Computer Science
Advanced database system Miniproject (20%)

1)
a) Create Bank Manager has a database administrator DBA user and create the
Customer table with the relevant attributes and insert at least 10 customer records
under Bank Manager user login. (Note:- Assume what all attributes required for a
customer in bank).

To create a Bank Manager user with a database administrator (DBA) role and
create the Customer table with relevant attributes and insert 10 customer records:

- The first step is to create the Bank Manager user with DBA privileges. This can be
done by executing the following command:
`CREATE USER BankManager IDENTIFIED BY <password>;`
This command creates a user named "BankManager" with a specified password.

- Next, we need to grant DBA privileges to the Bank Manager. This can be done
using the GRANT statement:
`GRANT DBA TO BankManager;`
This command grants the Bank Manager user the DBA role, which gives them
administrative privileges over the database.

1
- Now, let's create the Customer table. We define the relevant attributes for a
customer in a bank, such as customer_id, name, account_number, balance, address,
and phone_number. The command to create the table would look like this:

Command:
CREATE TABLE Customer (
customer_id INT PRIMARY KEY,
name VARCHAR(50),
address VARCHAR(100),
phone_number VARCHAR(15),
account_number VARCHAR(20),
balance DECIMAL(10, 2)
);
--This command creates a table named "Customer" with the specified attributes
and their data types.

- Finally, we need to insert 10 customer records into the Customer table. We use the
INSERT INTO statement to achieve this. Each record consists of values for the
attributes defined in the table

INSERT INTO Customer (customer_id, name, address, phone_number,

account_number, balance)
VALUES (1, 'Galgalo Boru', 'Yabello', '+251-456-7890', '1000396242', 6000.35),
(2, 'Malkamu Nuguse', 'Bule Hora', '+251-654-3210', '10004354662', 5466.98),
(3, 'Abduba Doyo', 'Dololo', '+251-555-5555', '100053434', 7643.54),
(4, 'Gadise kalbesa', 'Gida Ayana', '+251-2-3333', '1000432754', 6298.23),
(5, 'David Waqo', 'Moyale', '+251-444-4444', '1000867686', 9854.00),
(6, 'Emily Baro', 'Mega', '+251-888-9999', '10008796867', 4563.00),
(7, 'Shanqo Smith', 'Asosa', '+251-333-4444', '1000453642', 2955.00),
(8, 'Gamada Tolera', 'Shambu', '+251-888-7777', '100735556',7654.77 ),
(9, 'Sabona Marara', 'Fincha', '+251-777-8888', '1000978645', 20000.00),
(10, 'Sura Emiru ', 'Gimbi', '+251-222-1111', '100032435556', 10000.00);

2
b) Create 4 different users in the bank for each work under Bank Manager login.
(like clerk, cashier, auditor & manager). - First, create a user for each role under
the Bank Manager login. For example, to create the Clerk user, use the CREATE
USER statement:
`CREATE USER Clerk IDENTIFIED BY <password>;`
Repeat this step for the Cashier, Auditor, and Manager users, replacing the
username and password accordingly.

Command:
CREATE USER clerk IDENTIFIED BY password;
CREATE USER cashier IDENTIFIED BY password;
CREATE USER auditor IDENTIFIED BY password;
CREATE USER manager IDENTIFIED BY password;

c) Create different views for every user which you created in the 2nd Step which is
necessary for that particular user as per the bank role.
- Create a view for each user that includes only the relevant information for their
role. For example, to create a view for the Clerk user, use the CREATE VIEW
statement:
`CREATE VIEW ClerkView AS SELECT * FROM Customer;`
This command creates a view named "ClerkView" that selects all columns from
the Customer table. Customize the SELECT statement to include only the necessary
columns for each user's view.

- Repeat this step for the CashierView, AuditorView, and ManagerView,

customizing the SELECT statement for each user's view.

Command:

CREATE VIEW clerk_view AS SELECT customer_id, name, address FROM

Customer;
CREATE VIEW cashier_view AS SELECT customer_id, name, address,
account_number, balance FROM Customer;
CREATE VIEW auditor_view AS SELECT * FROM Customer;

3
CREATE VIEW manager_view AS SELECT * FROM Customer;

d) Give any user only view permission as per the realistic bank role.

- Grant view permission to each user for their specific view. For example, to grant
the Clerk user view permission on the ClerkView:
`GRANT SELECT ON ClerkView TO Clerk;`
This command grants the SELECT permission to the Clerk user on the ClerkView.
Repeat this step for the Cashier, Auditor, and Manager users and their respective
views.

Command:

GRANT SELECT ON clerk_view TO clerk;

GRANT SELECT ON cashier_view TO cashier;
GRANT SELECT ON auditor_view TO auditor;
GRANT SELECT ON manager_view TO manager;

e) Give any user only update permission the balance attribute when there is a cash
deposit or cash withdrawal as per the realistic bank role.

- Grant update permission to the user who needs to update the balance attribute.
For example, to grant the Cashier user update permission on the balance attribute:
`GRANT UPDATE (balance) ON Customer TO Cashier;`
This command grants the UPDATE permission on the balance attribute of the
Customer table to the Cashier user. Repeat this step for other users who require this
permission

Command:
GRANT UPDATE (balance) ON Customer TO cashier;

f) Give auditor only delete permission and show any delete transaction.

- Grant delete permission to the Auditor user. For example, to grant delete
permission on the Customer table to the Auditor user:

4
 `GRANT DELETE ON Customer TO Auditor;`
This command grants the DELETE permission on the Customer table to the
Auditor user.

Command:
GRANT DELETE ON Customer TO auditor;
- The Auditor user can then query the database to view any delete transactions.
They can use the DELETE statement to delete records or query the database to view
existing delete transactions.

2. Suppose that the database administrator (DBA) creates four users: user1, user2,
user3, and user4. DBA issues the following GRANT command in SQL

"GRANT CREATETAB TO user2;"

5
And suppose that user2 creates the three base tables department, student, and
course. Do the following questions based on the given direction.

a) Write SQL command, if user2 wants to grant user3 the privilege to enter and
read rows in the student relation, and also user2 wants user3 to be able to
propagate these privileges to other users.

To grant user3 the privilege to enter and read rows in the student relation, and also
allow user3 to propagate these privileges to other users, user2 can use the following
SQL command:

Command:
GRANT INSERT, SELECT ON student TO user3 WITH GRANT OPTION;

This command grants user3 the ability to insert and select rows in the student
relation. The "WITH GRANT OPTION" allows user3 to grant these privileges to
other users.

b) Write SQL command, based on question number A, if user3 wants to grant

user1 the privilege to insert data in the student relation, but user3 does not
want user1 to be able to propagate these privileges to other users.

To grant user1 the privilege to insert data in the student relation, but prevent user1
from propagating these privileges to other users, user3 can use the following SQL
command:

Command:
GRANT INSERT ON student TO user1;

This command grants user1 the ability to insert rows in the student relation.
Without the "WITH GRANT OPTION" clause, user1 won't be able to grant this
privilege to other users.

c) Write SQL command, if user2 wants to grant all users the privilege to insert,
delete, update, and delete rows in the three relations, but each user does not
want to be able to propagate these privileges to other users.

6
To grant all users the privilege to insert, delete, update, and delete rows in the three
relations (department, student, and course), while preventing them from
propagating these privileges to other users, user2 can use the following SQL
commands:

Command:
GRANT INSERT, DELETE, UPDATE, SELECT ON department, student, course
TO PUBLIC```sql
-- Grant insert privilege to all users
GRANT INSERT ON department, student, course TO user1, user2, user3, user4;

-- Grant delete privilege to all users

GRANT DELETE ON department, student, course TO user1, user2, user3, user4;

-- Grant update privilege to all users

GRANT UPDATE ON department, student, course TO user1, user2, user3, user4;

-- Grant select privilege to all users

GRANT SELECT ON department, student, course TO user1, user2, user3, user4;
```

These commands grant the specified privileges (insert, delete, update, and select) to
all users (user1, user2, user3, and user4) on the three specified relations
(department, student, and course). However, the users won't be able to grant these
privileges to other users.
;

d) Write SQL command, Based on question number C if user 2 decides to

revoke the insert and delete privilege on all relations from user1 and user4.

Based on question number C, if user2 wants to grant user3 the same privileges as
all users (insert, delete, update, and select) on the three relations (department,
student, and course), the following SQL commands can be used:

```sql

7
-- Grant insert, delete, update, and select privileges to user3
GRANT INSERT, DELETE, UPDATE, SELECT ON department, student, course
TO user3;
```

This command grants user3 the ability to insert, delete, update, and select rows in
the department, student, and course relations. However, user3 won't be able to
grant these privileges to other users.;