I’m trying to complete lab 2.3, and my first result is marked as wrong. I suspect that I misunderstood the requirements for EMPLOYEEPORTAL, where it says: “Can read from HR.employees collection”
There does not seem to be a “read” privilege action, but there is of course the built-in “read” role. The lab says not to inherit roles unless explicitly stated, so I just took the privileges of the read role and added them all manually.
Is it supposed to work that way (and I have to look for my error in other places), or does “Can read from HR.employees collection” mean something else?