Code Room
System designHardsd-g372
Subject Rag llm infraLevel Senior–Staff~50 minCommon in Security interviewsIndustries Technology, Software development

Question

Design the retrieval and permissioning layer of an enterprise RAG assistant over a company's internal documents (wikis, tickets, code, chat) where the killer requirement is that the assistant must NEVER surface content a given user isn't allowed to see — and permissions change constantly (someone leaves a team, a doc is reshared). Corpus is ~50M chunks across heterogeneous sources with different ACL models. Walk through how you enforce per-user authorization on retrieval, how you keep chunking/retrieval quality high across such varied content, and how you evaluate that the system is both helpful and never leaking.

What a strong answer looks like

Clarify scale and constraints first. Propose a clean component breakdown, then go deep on the hard parts — data model, bottlenecks, consistency, failure modes — and name the trade-offs you are making.

Narrate your design
Loading whiteboard…
Run or narrate your approach, then ask the coach.