# Database for Crime Reports

In this project, we will be creating a PostgreSQL database to store data about crime reports in Boston. Not only are we going to store the data, but also create a correct database environment with the corresponding database, schema, table, users and groups, according to this diagram:
![image.png](attachment:image.png)

----------

## Creating the database and schema

We import the necessary libraries.

In [1]:
import psycopg2, csv

We connect to the Postgres server and create a database called ```crime_db``` to store our data. 

In [2]:
conn = psycopg2.connect('dbname=postgres user=postgres password=admin')
conn.autocommit = True

cur = conn.cursor()
cur.execute('DROP DATABASE crime_db;')
cur.execute('CREATE DATABASE crime_db;')

conn.autocommit = False
conn.close()

We now connect to the newly created database and create a schema called ```crimes```.

In [3]:
conn = psycopg2.connect('dbname=crime_db user=postgres password=admin')
cur = conn.cursor()
cur.execute('CREATE SCHEMA crimes;')
conn.commit()

## Analyzing the dataset and defining the best data types

We open the ```boston.csv``` file and print the header and first row to see how our data looks.

In [4]:
with open('boston.csv', 'r') as file:
    reader = csv.reader(file)
    dataset = list(reader)
    header = dataset[0]
    data = dataset[1:]
    
print(header)
print(data[0])

['incident_number', 'offense_code', 'description', 'date', 'day_of_the_week', 'lat', 'long']
['1', '619', 'LARCENY ALL OTHERS', '2018-09-02', 'Sunday', '42.35779134', '-71.13937053']


We write a function that will return a set with all the distinct values for each column. By doing this, we can decide if it is a good idea to use an enumerated list for any column of our SQL table. 

In [5]:
def get_col_value_set(data, index):
    value_set = set()
    for row in data:
        value = row[index]
        value_set.add(value)
    return value_set

After running the previous function on every column of our dataset, we decide we will use an enumerated list for ```day_of_the_week```, as it has only seven different values. This will only allow any of these seven values to be entered in the respective column, as well as optimizing the query speed and memory. 

We also take advantage of the function we created to define a set list, which includes all the sets for each column, which we will be using later to decide which data type to use for each of the other columns.

In [6]:
print('Distinct values for each column:')
set_list = []
for i in range(len(header)):
    col_name = header[i]
    value_set = get_col_value_set(data, i)
    set_list.append(value_set)
    set_length = len(value_set)
    print('{}: {}'.format(col_name, set_length))

Distinct values for each column:
incident_number: 298329
offense_code: 219
description: 239
date: 1177
day_of_the_week: 7
lat: 18177
long: 18177


We now want to check our text columns to decide the maximum length that will be used in our SQL table for each specific column. We see that ```description```, which is the only text column, has a maximum length of 58, so we can decide to use the type ```varchar(60)``` or ```varchar(70)``` to include some extra space. 

In [7]:
print('Maximum string length for column:')
col_set = set_list[2]
max_length = 0
for value in col_set:
    length = len(value)
    if length > max_length:
        max_length = length
        
print('{}: {}'.format(header[2], max_length))

Maximum string length for column:
description: 58


We now want to check our integer columns and define the bit length for the largest value of each column. After checking this, we see that ```incident_number``` has a bit length of 19 and ```offense_code``` has a bit length of 12. This means that the numbers in ```incident_number``` fit in 4 bytes, which would be the ```integer``` type; while ```offense_code``` fit in 2 bytes, which would be the ```smallint``` type.

In [8]:
print('Bit lengths for integer columns:')
for i in (0,1):
    col_set = set_list[i]
    new_set = set()
    for value in col_set:
        new_set.add(int(value))
    max_value = max(new_set)
    bit_length = max_value.bit_length()
    print('{}: {}'.format(header[i], bit_length))

Bit lengths for integer columns:
incident_number: 19
offense_code: 12


We will now check the float value columns, so we print the maximum and minimum values for each column. We can see that there are always two numbers to the left of the decimal point and a maximum of eight numbers to the right of the decimal point. By knowing these, we can use the ```decimal``` type with a precision of 10 and a scale of eight. 

In [9]:
print('Min and max values for float columns:')
for i in (5,6):
    col_set = set_list[i]
    new_set = set()
    for value in col_set:
        new_set.add(float(value))
    min_value = min(new_set)
    max_value = max(new_set)
    print('{}: {}, {}'.format(header[i], min_value, max_value))

Min and max values for float columns:
lat: 42.2324133, 42.39504158
long: -71.17867378, -70.96367615


## Creating and populating the table

First of all, we create the ```enum``` type for our days of the week. We print the list to check if the information is correct.

In [11]:
days_set = set_list[4]
days_list = []
for value in days_set:
    days_list.append(value)
    
print(days_list)

cur.execute('CREATE TYPE days_of_week AS ENUM (%s, %s, %s, %s, %s, %s, %s);', days_list)

['Thursday', 'Wednesday', 'Sunday', 'Saturday', 'Tuesday', 'Friday', 'Monday']


We now create the ```boston_crimes``` table in our ```crimes_db``` database using the previously defined data types for each of the columns.

In [12]:
query = '''CREATE TABLE crimes.boston_crimes (
           incident_number INTEGER PRIMARY KEY,
           offense_code SMALLINT, 
           description VARCHAR(60),
           date DATE,
           day_of_the_week DAYS_OF_WEEK,
           lat DECIMAL(10,8),
           long DECIMAL(10,8)
           )'''

cur.execute(query)

We open the ```boston.csv``` file again, but this time we copy all the data to our SQL table using the ```COPY``` command.

In [13]:
with open('boston.csv', 'r') as file:
    cur.copy_expert('COPY crimes.boston_crimes FROM STDIN WITH CSV HEADER', file)
    
conn.commit()

## Managing the database environment

First of all, we revoke all permissions that the public group have over the ```public``` schema and the ```crime_db``` database. This means that if any new user belongs to this group, he or she will not be able to do anything, unless he or she is included in the groups we will create soon.

In [14]:
cur.execute('REVOKE ALL ON SCHEMA public FROM public;')
cur.execute('REVOKE ALL ON DATABASE crime_db FROM public;')

We now create the ```readonly``` and ```readwrite``` groups with the ```NOLOGIN``` option, so nobody can login as the group itself.

In [15]:
cur.execute('CREATE GROUP readonly NOLOGIN;')
cur.execute('CREATE GROUP readwrite NOLOGIN;')

We now allow the two groups we created before to connect to the ```crimes_db``` database.

In [16]:
cur.execute('GRANT CONNECT ON DATABASE crime_db TO readonly;')
cur.execute('GRANT CONNECT ON DATABASE crime_db TO readwrite;')

We now allow both groups to use the schema ```crimes```.

In [17]:
cur.execute('GRANT USAGE ON SCHEMA crimes TO readonly;')
cur.execute('GRANT USAGE ON SCHEMA crimes TO readwrite;')

We now assign the specific permissions each group has over all the tables of the ```crimes``` schema. The ```readonly``` group will only be able to select data, which the ```readwrite``` will be able to select, insert, delete and update information.

In [18]:
cur.execute('GRANT SELECT ON ALL TABLES IN SCHEMA crimes TO readonly;')
cur.execute('GRANT SELECT, INSERT, DELETE, UPDATE ON ALL TABLES IN SCHEMA crimes TO readwrite;')

We create two example users and assign each of them to a different group. The data analyst is assigned to the ```readonly``` group, while the data scientist is assigned to the ```readwrite``` group.

In [19]:
cur.execute("CREATE USER data_analyst WITH PASSWORD 'secret1';")
cur.execute('GRANT readonly TO data_analyst;')

cur.execute("CREATE USER data_scientist WITH PASSWORD 'secret2';")
cur.execute('GRANT readwrite TO data_scientist;')

## Checking the permissions

As a quick check, we get the permissions that the ```readonly``` and ```readwrite``` groups have. We can see that the permissions are just how we defined them.

In [26]:
cur.execute('''SELECT grantee, privilege_type
             FROM information_schema.table_privileges
             WHERE grantee IN ('readonly', 'readwrite');''')

for element in cur.fetchall():
    print(element)

('readonly', 'SELECT')
('readwrite', 'INSERT')
('readwrite', 'SELECT')
('readwrite', 'UPDATE')
('readwrite', 'DELETE')


We now check the roles of the users and groups that we created. We print the headers of the table as reference, but we can see that all the roles and permissions and correctly assigned.

In [27]:
cur.execute("SELECT * FROM pg_roles WHERE rolname NOT LIKE 'p%';")

print(cur.description)
print('\n')

for element in cur.fetchall():
    print(element)

(Column(name='rolname', type_code=19), Column(name='rolsuper', type_code=16), Column(name='rolinherit', type_code=16), Column(name='rolcreaterole', type_code=16), Column(name='rolcreatedb', type_code=16), Column(name='rolcanlogin', type_code=16), Column(name='rolreplication', type_code=16), Column(name='rolconnlimit', type_code=23), Column(name='rolpassword', type_code=25), Column(name='rolvaliduntil', type_code=1184), Column(name='rolbypassrls', type_code=16), Column(name='rolconfig', type_code=1009), Column(name='oid', type_code=26))


('data_analyst', False, True, False, False, True, False, -1, '********', None, False, None, 16512)
('data_scientist', False, True, False, False, True, False, -1, '********', None, False, None, 16513)
('readwrite', False, True, False, False, False, False, -1, '********', None, False, None, 16511)
('readonly', False, True, False, False, False, False, -1, '********', None, False, None, 16510)


**Conclusion:** We now have a relatively optimized database environment, where the table we created have the best data types for the data and where the users and groups follow the "Principle of Least Privilege", so they can only do what they are supposed to do and nothing more. 