Cybersecurityknowledge~30 mins

Role-based access control (RBAC) in Cybersecurity - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Practice Challenge Project Recall Time

Role-based Access Control (RBAC) Basics

📖 Scenario: You are setting up a simple access control system for a small company. Different employees have different roles, and each role has specific permissions to access parts of the company's computer system.

🎯 Goal: Build a clear structure that shows which roles exist, what permissions each role has, and assign users to roles. This will help understand how RBAC works in real life.

📋 What You'll Learn

Create a dictionary called roles with three roles: Admin, Editor, and Viewer.

Each role should have a list of permissions exactly as: Admin has ['read', 'write', 'delete'], Editor has ['read', 'write'], and Viewer has ['read'].

Create a dictionary called users with three users: 'Alice', 'Bob', and 'Charlie'.

Alice should have the role 'Admin', Bob the role 'Editor', and Charlie the role 'Viewer'.

Create a function called get_user_permissions that takes a username and returns the list of permissions for that user's role.

💡 Why This Matters

🌍 Real World

RBAC is used in companies to control who can see or change information, keeping systems safe and organized.

💼 Career

Understanding RBAC is important for cybersecurity roles, system administration, and software development to manage user access securely.

Progress0 / 4 steps

Create the roles dictionary

Create a dictionary called roles with these exact entries: 'Admin': ['read', 'write', 'delete'], 'Editor': ['read', 'write'], and 'Viewer': ['read'].

Cybersecurity

# Create the roles dictionary with exact roles and permissions
# Your code here

Need a hint?

Use a dictionary with role names as keys and lists of permissions as values.

Create the users dictionary

Create a dictionary called users with these exact entries: 'Alice': 'Admin', 'Bob': 'Editor', and 'Charlie': 'Viewer'.

Cybersecurity

roles = {
    'Admin': ['read', 'write', 'delete'],
    'Editor': ['read', 'write'],
    'Viewer': ['read']
}
# Create the users dictionary with exact usernames and roles
# Your code here

Need a hint?

Use a dictionary with usernames as keys and their roles as values.

Define the permission lookup function

Define a function called get_user_permissions that takes a parameter username and returns the list of permissions for that user's role by looking up users and roles dictionaries.

Cybersecurity

roles = {
    'Admin': ['read', 'write', 'delete'],
    'Editor': ['read', 'write'],
    'Viewer': ['read']
}

users = {
    'Alice': 'Admin',
    'Bob': 'Editor',
    'Charlie': 'Viewer'
}

# Define get_user_permissions(username) function
# Your code here

Need a hint?

Use users.get(username) to find the role, then roles.get(role, []) to get permissions.

Complete the RBAC setup

Add a comment at the end of the code explaining that this setup allows checking user permissions based on their role.

Cybersecurity

roles = {
    'Admin': ['read', 'write', 'delete'],
    'Editor': ['read', 'write'],
    'Viewer': ['read']
}

users = {
    'Alice': 'Admin',
    'Bob': 'Editor',
    'Charlie': 'Viewer'
}

def get_user_permissions(username):
    role = users.get(username)
    if role:
        return roles.get(role, [])
    return []

# Add a comment explaining the purpose of this RBAC setup
# Your code here

Need a hint?

Add a clear comment describing the purpose of the code.