Skip to content
interviewdb.com
BrowsePricingSign in
← All companies

Stripe

25 questions

Stripe

RBAC Role Resolver

Onsite

You need to build a Role-Based Access Control (RBAC) system. This system manages user roles across a structure of accounts. The accounts are organized like a tree (hierarchy).

You have two inputs:

Accounts: A list showing how accounts are connected (parents and children). User Role Assignments: A list showing which users have which roles on specific accounts. accounts = [ {"accountId": "org_1", "parent": None}, {"accountId": "wksp_1", "parent": "org_1"}, {"accountId": "wksp_2", "parent": "org_1"}, {"accountId": "team_1", "parent": "wksp_1"} ]

user_role_assignments = [ {"userId": "usr_1", "accountId": "org_1", "role": "admin"}, {"userId": "usr_2", "accountId": "wksp_1", "role": "editor"}, {"userId": "usr_3", "accountId": "wksp_1", "role": "viewer"}, {"userId": "usr_1", "accountId": "wksp_2", "role": "editor"} ] The Rules An account has only one parent. There are no loops. The tree is small (max 3 levels deep: Organization → Workspace → Team). Inheritance: If a user has a role at a parent account, they automatically have that role on all child accounts. Example Logic

usr_1 is an admin at org_1

If we ask for usr_1's roles at wksp_1 (a child of org_1):

- usr_1 inherits "admin" from org_1

rbac = RBACRoleResolver(accounts, user_role_assignments) rbac.getUserRoles("usr_1", "org_1") # Returns: ["admin"] rbac.getUserRoles("usr_1", "wksp_1") # Returns: ["admin"] (inherited) rbac.getUserRoles("usr_1", "wksp_2") # Returns: ["admin", "editor"] rbac.getUserRoles("usr_2", "wksp_1") # Returns: ["editor"] rbac.getUserRoles("usr_2", "org_1") # Returns: [] (no role at the top level) Phase 1: Direct Role Lookup Task Requirements Write a class that finds roles assigned directly to a user for a specific account. Do not worry about inheritance yet.

class RBACRoleResolver: def init(self, accounts: list[dict], user_role_assignments: list[dict]): """ Setup the resolver with accounts and assignments.

    Args:
        accounts: List of account objects
        user_role_assignments: List of who has what role where
    """
    pass

def getUserRoles(self, userId: str, accountId: str) -> list[str]:
    """
    Get roles directly assigned to the user for this account.

    Returns:
        List of role names (e.g., ["admin", "editor"])
    """
    pass

Usage Example rbac = RBACRoleResolver(accounts, user_role_assignments) rbac.getUserRoles("usr_1", "org_1") # Returns: ["admin"] rbac.getUserRoles("usr_1", "wksp_2") # Returns: ["editor"] rbac.getUserRoles("usr_2", "wksp_1") # Returns: ["editor"] rbac.getUserRoles("usr_3", "org_1") # Returns: []