[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
SF.net SVN: ledger-smb:[6314] trunk/sql
- Subject: SF.net SVN: ledger-smb:[6314] trunk/sql
- From: ..hidden..
- Date: Sun, 8 Dec 2013 02:23:43 +0000
Revision: 6314
http://sourceforge.net/p/ledger-smb/code/6314
Author: einhverfr
Date: 2013-12-08 02:23:41 +0000 (Sun, 08 Dec 2013)
Log Message:
-----------
Undoing Herman's audit trail changes, which would have enforced a primary key against person(id), not against entity(id). Currently the trigger requires a database user account, as well as an entry in the users table. This should be quite safe (if even overly restricted) regarding preventing unauthorized access.
Additionally the trigger had a bug in it, so this has been corrected.
I am going to propose instead that we rename the person_id field in 1.5 to entity_id. This would allow addons for managing automated processes as entities as well (perhaps through a different join table).
Modified Paths:
--------------
trunk/sql/Pg-database.sql
trunk/sql/modules/Fixes.sql
Modified: trunk/sql/Pg-database.sql
===================================================================
--- trunk/sql/Pg-database.sql 2013-12-07 15:49:52 UTC (rev 6313)
+++ trunk/sql/Pg-database.sql 2013-12-08 02:23:41 UTC (rev 6314)
@@ -2191,8 +2191,7 @@
formname text,
action text,
transdate timestamp default current_timestamp,
- --person_id integer references person(entity_id) not null,
- person_id integer references person(id) not null,
+ person_id integer references person(entity_id) not null,
entry_id BIGSERIAL PRIMARY KEY
);
@@ -2415,7 +2414,6 @@
DECLARE
t_reference text;
t_row RECORD;
- t_user_id int;
BEGIN
IF TG_OP = 'INSERT' then
@@ -2430,12 +2428,9 @@
t_reference := t_row.reference;
END IF;
-SELECT id into t_user_id from users where username = SESSION_USER;
+INSERT INTO audittrail (trans_id,tablename,reference, action, person__get_my_entity_id())
+values (t_row.id,TG_RELNAME,t_reference, TG_OP, person__get_my_entity_id());
-INSERT INTO audittrail (trans_id,tablename,reference, action, person_id)
---values (t_row.id,TG_RELNAME,t_reference, TG_OP, person__get_my_entity_id());
-values (t_row.id,TG_RELNAME,t_reference, TG_OP, t_user_id);
-
return null; -- AFTER TRIGGER ONLY, SAFE
END;
$$ language plpgsql security definer;
Modified: trunk/sql/modules/Fixes.sql
===================================================================
--- trunk/sql/modules/Fixes.sql 2013-12-07 15:49:52 UTC (rev 6313)
+++ trunk/sql/modules/Fixes.sql 2013-12-08 02:23:41 UTC (rev 6314)
@@ -258,9 +258,8 @@
COMMIT;
BEGIN;
-update audittrail set person_id=(select id from person where last_name='Admin') where person_id not in (select id from person) ;
ALTER TABLE audittrail DROP CONSTRAINT IF EXISTS "audittrail_person_id_fkey";
-ALTER TABLE audittrail ADD CONSTRAINT "audittrail_person_id_fkey" FOREIGN KEY(person_id) REFERENCES person(id);
+ALTER TABLE audittrail ADD CONSTRAINT "audittrail_person_id_fkey" FOREIGN KEY(person_id) REFERENCES entity(id);
CREATE OR REPLACE FUNCTION gl_audit_trail_append()
RETURNS TRIGGER AS
@@ -268,7 +267,6 @@
DECLARE
t_reference text;
t_row RECORD;
- t_user_id int;
BEGIN
IF TG_OP = 'INSERT' then
@@ -283,17 +281,15 @@
t_reference := t_row.reference;
END IF;
-SELECT id into t_user_id from users where username = SESSION_USER;
-
INSERT INTO audittrail (trans_id,tablename,reference, action, person_id)
---values (t_row.id,TG_RELNAME,t_reference, TG_OP, person__get_my_entity_id());
-values (t_row.id,TG_RELNAME,t_reference, TG_OP, t_user_id);
+values (t_row.id,TG_RELNAME,t_reference, TG_OP, person__get_my_entity_id());
return null; -- AFTER TRIGGER ONLY, SAFE
END;
$$ language plpgsql security definer;
COMMIT;
+
BEGIN;
ALTER TABLE ar ADD COLUMN crdate date;
ALTER TABLE ap ADD COLUMN crdate date;
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
------------------------------------------------------------------------------
Sponsored by Intel(R) XDK
Develop, test and display web and hybrid apps with a single code base.
Download it for free now!
http://pubads.g.doubleclick.net/gampad/clk?id=111408631&iu=/4140/ostg.clktrk
_______________________________________________
Ledger-smb-commits mailing list
..hidden..
https://lists.sourceforge.net/lists/listinfo/ledger-smb-commits