# Project: Building a Database for Crime Reports

Application of POSTGRES fundamentals to set up a database for storing crime data.

The goal of the project is to create and set up a database and populate schemas, tables and users with the most appropriate datatypes and applying best practices.

Two major user groups will be set up:
- `readonly`: permission-level to read data only (for data analysts, scientists and those who want a dataview of the reports.
- `readwrite`: permission-level to read and alter data, but not to drop tables.

## Setting up the Database & Schemas

Database Name: `crime_db` and Schema Name: `crimes` to store all tables containing data. The database has not been created yet, so we will log in with DataQuest's default user account for now.

In [3]:
import psycopg2
conn = psycopg2.connect(dbname='dq', user='dq')
# Start Autocommit to Create Databases
conn.autocommit = True
cur = conn.cursor()
cur.execute("CREATE DATABASE crime_db;")
# End Autocommit 
conn.autocommit = False
conn.close()

ProgrammingError: database "crime_db" already exists


In [4]:
conn = psycopg2.connect(dbname='crime_db', user='dq')
cur = conn.cursor()
cur.execute("CREATE SCHEMA crimes;")

## CSV File Export: Inspect Headers and First Row

Header row to be copied to `col_headers` and first row to `first_row`.

In [5]:
import csv
with open('boston.csv', 'r') as file:
    reader = csv.reader(file)
    col_headers = next(reader)
    first_row = next(reader)

In [7]:
col_headers

['incident_number',
 'offense_code',
 'description',
 'date',
 'day_of_the_week',
 'lat',
 'long']

In [8]:
first_row

['1',
 '619',
 'LARCENY ALL OTHERS',
 '2018-09-02',
 'Sunday',
 '42.35779134',
 '-71.13937053']

## Analyze Column Values using a Function

The function `get_col_value_set` will be useful for these two reasons:
1. Checking whether an enumerated `datatype` might be a good choice for representing a column.
2. Computing the maximum length of any text-like column to select appropriate sizes for `VARCHAR` columns.

In [10]:
def get_col_set(csv_filename, col_index):
    values = set()
    with open(csv_filename, 'r') as f:
        next(f) # to skip the header
        reader = csv.reader(f)
        for row in reader:
            values.add(row[col_index])
    return values

for value in range(len(col_headers)):
    values = get_col_set('boston.csv', value)
    print(col_headers[value], len(values), sep='\t')

incident_number	298329
offense_code	219
description	239
date	1177
day_of_the_week	7
lat	18177
long	18177


## Analyzing the Max Length of Long-Text columns

Some columns can have paragraphs, so we'll count the number of characters in the `description` column to find out what `datatype` we should assign it to. `day_of_the_week` are days of the week and Wednesday has the most characters, so it's not a good candidate.

In [11]:
print(col_headers)

['incident_number', 'offense_code', 'description', 'date', 'day_of_the_week', 'lat', 'long']


In [12]:
descriptions = get_col_set('boston.csv', 2) # Description is at Index 2
max_length = 0
for desc in descriptions:
    max_length = max(max_length, len(desc))
print(max_length)

58


## Table Creation

Let's first analyze all column names and find out what datatype should we assign on each of them.

In [14]:
print(col_headers)
print(first_row)

['incident_number', 'offense_code', 'description', 'date', 'day_of_the_week', 'lat', 'long']
['1', '619', 'LARCENY ALL OTHERS', '2018-09-02', 'Sunday', '42.35779134', '-71.13937053']


I believe that `incident_number` and `offense_code` should be `integer numbers`, as they appear as natural numbers. `Description` should be assigned to `string` with at least 58 characters, but the `day_of_the_week` should be converted into an `enum type` table, since there are only seven possible values. `date` as `date`, and `lat` and `long` as `decimals` since they are floats and can be a negative number.

Let's create the table `boston_crimes`, but we'll execute the `weekday` enum table before that.

In [15]:
cur.execute("""
    CREATE TYPE weekday AS ENUM(
        'Monday', 'Tuesday', 'Wednesday',
        'Thursday', 'Friday', 'Saturday',
        'Sunday'
    );
""")
cur.execute("""
    CREATE TABLE crimes.boston_crimes(
        incident_number INTEGER PRIMARY KEY,
        offense_code INTEGER,
        description VARCHAR(100),
        date DATE,
        day_of_the_week weekday,
        lat decimal,
        long decimal
    );
""")
conn.commit()

## Load Data into Table

Let's use the `copy_expert` method to export the csv data into the table.

In [17]:
with open("boston.csv", 'r') as f:
    cur.copy_expert("COPY crimes.boston_crimes FROM STDIN WITH CSV HEADER;", f)
    cur.execute("SELECT * FROM crimes.boston_crimes;")
print(len(cur.fetchall()))

298329


## Revoke Privileges

As per best practices in database creation, we have to revoke all privileges from the public schema and group (both called `public`) and since we created both the table and the schema, they automatically inherit the grant privileges on public.

In [18]:
cur.execute("REVOKE ALL ON SCHEMA public FROM public;")
cur.execute("REVOKE ALL ON DATABASE crime_db FROM public;")

## Read-Only & Read-Write Group creation

Let's create the `readonly` and `readwrite` groups with `NOLOGIN`, per best practices. Only difference is that `readonly` is for data analysts and `readwrite` is for data scientists.

### ReadWrite

In [19]:
cur.execute("CREATE GROUP readwrite NOLOGIN;")
cur.execute("GRANT CONNECT ON DATABASE crime_db TO readwrite;")
cur.execute("GRANT USAGE ON SCHEMA crimes TO readwrite;")
cur.execute("GRANT SELECT, INSERT, UPDATE, DELETE ON ALL TABLES IN SCHEMA crimes TO readwrite;")

### ReadOnly

In [20]:
cur.execute("CREATE GROUP readonly NOLOGIN;")
cur.execute("GRANT CONNECT ON DATABASE crime_db TO readonly;")
cur.execute("GRANT USAGE ON SCHEMA crimes TO readonly;")
cur.execute("GRANT SELECT ON ALL TABLES IN SCHEMA crimes TO readonly;")

## User creation

Users `data_analyst` and `data_scientist` will be created.
1. Data Analysts will have `readonly` privileges with password `secret1`
2. Data Scientists will have `readwrite` privileges with password `secret2`

In [21]:
cur.execute("CREATE USER data_analyst WITH PASSWORD 'secret1';")
cur.execute("GRANT readonly TO data_analyst;")

cur.execute("CREATE USER data_scientist WITH PASSWORD 'secret2';")
cur.execute("GRANT readwrite TO data_scientist;")

## Database Testing

For our final step, we will test the database setup using SQL queries on the `pg_roles` table and `information_schema.table_privileges`.

In the `pg_roles` table we will check database related privileges and for that we will look at the following columns:

- `rolname`: The name of the user / group that the privilege refers to.
- `rolsuper`: Whether this user / group is a super user. It should be set to False on every user / group that we have created.
- `rolcreaterole`: Whether user / group can create users, groups or roles. It should be False on every user / group that we have created.
- `rolcreatedb`: Whether user / group can create databases. It should be False on every user / group that we have created.
- `rolcanlogin`: Whether user / group can login. It should be True on the users and False on the groups that we have created.

In the `information_schema.table_privileges` we will check privileges related to SQL queries on tables. We will list the privileges of each group that we have created.

In [23]:
conn.close()

conn = psycopg2.connect(dbname="crime_db", user="dq")
cur = conn.cursor()
cur.execute("""
    SELECT rolname, rolsuper, rolcreaterole, rolcreatedb, rolcanlogin FROM pg_roles
    WHERE rolname IN ('readonly', 'readwrite', 'data_analyst', 'data_scientist');
""")
for user in cur:
    print(user)
print()
# check privileges
cur.execute("""
    SELECT grantee, privilege_type
    FROM information_schema.table_privileges
    WHERE grantee IN ('readonly', 'readwrite');
""")
for user in cur:
    print(user)
conn.close()


