5 Add audit schema and initial package table and triggers
7 @contact: Debian FTP Master <ftpmaster@debian.org>
8 @copyright: 2011 Mark Hymers <mhy@debian.org>
9 @license: GNU General Public License version 2 or later
12 # This program is free software; you can redistribute it and/or modify
13 # it under the terms of the GNU General Public License as published by
14 # the Free Software Foundation; either version 2 of the License, or
15 # (at your option) any later version.
17 # This program is distributed in the hope that it will be useful,
18 # but WITHOUT ANY WARRANTY; without even the implied warranty of
19 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20 # GNU General Public License for more details.
22 # You should have received a copy of the GNU General Public License
23 # along with this program; if not, write to the Free Software
24 # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
26 ################################################################################
29 from daklib.dak_exceptions import DBUpdateError
30 from daklib.config import Config
32 ################################################################################
35 Add audit schema and initial package table and triggers
41 c.execute("CREATE SCHEMA audit");
42 c.execute("GRANT USAGE on SCHEMA audit TO public")
43 c.execute("GRANT USAGE on SCHEMA audit TO ftpteam")
44 c.execute("GRANT USAGE on SCHEMA audit TO ftpmaster")
46 c.execute("""CREATE TABLE audit.package_changes (
47 changedate TIMESTAMP NOT NULL DEFAULT now(),
48 package TEXT NOT NULL,
49 version DEBVERSION NOT NULL,
50 architecture TEXT NOT NULL,
58 c.execute("GRANT INSERT ON audit.package_changes TO dak")
59 c.execute("GRANT SELECT ON audit.package_changes TO PUBLIC")
61 c.execute("""CREATE OR REPLACE FUNCTION trigger_binsrc_assoc_update() RETURNS TRIGGER AS $$
62 tablename = TD["table_name"]
65 # We only handle bin/src_associations in this trigger
66 if tablename not in ['bin_associations', 'src_associations']:
72 elif event == 'DELETE':
76 # We don't handle other changes on these tables
79 # Find suite information
80 suite_info = plpy.execute(plpy.prepare("SELECT suite_name FROM suite WHERE id = $1", ["int"]), [dat["suite"]])
82 if len(suite_info) != 1:
84 suite_name = suite_info[0]['suite_name']
86 # Some defaults in case we can't find the overrides
91 if tablename == 'bin_associations':
92 pkg_info = plpy.execute(plpy.prepare("SELECT package, version, arch_string FROM binaries LEFT JOIN architecture ON (architecture.id = binaries.architecture) WHERE binaries.id = $1", ["int"]), [dat["bin"]])
94 # Couldn't find binary: shouldn't happen, but be careful
95 if len(pkg_info) != 1:
98 package = pkg_info[0]['package']
99 version = pkg_info[0]['version']
100 arch = pkg_info[0]['arch_string']
102 bin_override_q = '''SELECT component.name AS component,
103 priority.priority AS priority,
104 section.section AS section,
107 LEFT JOIN override_type ON (override.type = override_type.id)
108 LEFT JOIN priority ON (priority.id = override.priority)
109 LEFT JOIN section ON (section.id = override.section)
110 LEFT JOIN component ON (override.component = component.id)
111 LEFT JOIN suite ON (suite.id = override.suite)
112 WHERE override_type.type != 'dsc'
116 bin_overrides = plpy.execute(plpy.prepare(bin_override_q, ["text", "int"]), [package, dat["suite"]])
117 # Only fill in the values if we find the unique override
118 if len(bin_overrides) == 1:
119 component = bin_overrides[0]['component']
120 priority = bin_overrides[0]['priority']
121 section = bin_overrides[0]['section']
123 elif tablename == 'src_associations':
124 pkg_info = plpy.execute(plpy.prepare("SELECT source, version FROM source WHERE source.id = $1", ["int"]), [dat["source"]])
126 # Couldn't find source: shouldn't happen, but be careful
127 if len(pkg_info) != 1:
130 package = pkg_info[0]['source']
131 version = pkg_info[0]['version']
134 src_override_q = '''SELECT component.name AS component,
135 priority.priority AS priority,
136 section.section AS section,
139 LEFT JOIN override_type ON (override.type = override_type.id)
140 LEFT JOIN priority ON (priority.id = override.priority)
141 LEFT JOIN section ON (section.id = override.section)
142 LEFT JOIN component ON (override.component = component.id)
143 LEFT JOIN suite ON (suite.id = override.suite)
144 WHERE override_type.type = 'dsc'
148 src_overrides = plpy.execute(plpy.prepare(src_override_q, ["text", "int"]), [package, dat["suite"]])
149 # Only fill in the values if we find the unique override
150 if len(src_overrides) == 1:
151 component = src_overrides[0]['component']
152 priority = src_overrides[0]['priority']
153 section = src_overrides[0]['section']
155 # Insert the audit row
156 plpy.execute(plpy.prepare("INSERT INTO audit.package_changes (package, version, architecture, suite, event, priority, component, section) VALUES ($1, $2, $3, $4, $5, $6, $7, $8)",
157 ["text", "text", "text", "text", "text", "text", "text", "text"]),
158 [package, version, arch, suite_name, pkg_event, priority, component, section])
160 $$ LANGUAGE plpythonu VOLATILE SECURITY DEFINER""")
162 c.execute("""CREATE OR REPLACE FUNCTION trigger_override_update() RETURNS TRIGGER AS $$
163 tablename = TD["table_name"]
166 if tablename != 'override':
169 if event != 'UPDATE':
170 # We only care about UPDATE event here
173 # Deal with some pathologically stupid cases we ignore
174 if (TD['new']['package'] != TD['old']['package']) or \
175 (TD['new']['type'] != TD['old']['type']) or \
176 (TD['new']['suite'] != TD['old']['suite']):
179 package = TD['old']['package']
181 # Get the priority, component and section out
182 priority_row = plpy.execute(plpy.prepare("SELECT priority FROM priority WHERE id = $1", ["int"]), [TD['new']['priority']])
183 if len(priority_row) != 1:
185 priority = priority_row[0]['priority']
187 component_row = plpy.execute(plpy.prepare("SELECT name AS component FROM component WHERE id = $1", ["int"]), [TD['new']['component']])
188 if len(component_row) != 1:
190 component = component_row[0]['component']
192 section_row = plpy.execute(plpy.prepare("SELECT section FROM section WHERE id = $1", ["int"]), [TD['new']['section']])
193 if len(section_row) != 1:
195 section = section_row[0]['section']
197 # Find out if we're doing src or binary overrides
198 src_override_types = plpy.execute(plpy.prepare("SELECT id FROM override_type WHERE type = 'dsc'"), [])
199 if len(src_override_types) != 1:
201 src_override_id = src_override_types[0]['id']
203 if TD['old']['type'] == src_override_id:
204 # Doing a src_association link
205 ## Find all of the relevant suites to work on
206 for suite_row in plpy.execute(plpy.prepare('''SELECT source.version, suite_name
208 LEFT JOIN src_associations ON (source.id = src_associations.source)
209 LEFT JOIN suite ON (suite.id = src_associations.suite)
210 WHERE source.source = $1
211 AND suite = $2''', ["text", "int"]), [package, TD['new']['suite']]):
212 # INSERT one row per affected source package
213 plpy.execute(plpy.prepare("INSERT INTO audit.package_changes (package, version, architecture, suite, event, priority, component, section) VALUES ($1, $2, $3, $4, $5, $6, $7, $8)",
214 ["text", "text", "text", "text", "text", "text", "text", "text"]),
215 [package, suite_row['version'], 'source', suite_row['suite_name'],
216 'U', priority, component, section])
218 # Doing a bin_association link; Find all of the relevant suites to work on
219 for suite_row in plpy.execute(plpy.prepare('''SELECT binaries.version, arch_string, suite_name
221 LEFT JOIN bin_associations ON (binaries.id = bin_associations.bin)
222 LEFT JOIN architecture ON (architecture.id = binaries.architecture)
223 LEFT JOIN suite ON (suite.id = bin_associations.suite)
225 AND suite = $2''', ["text", "int"]), [package, TD['new']['suite']]):
226 # INSERT one row per affected binary
227 plpy.execute(plpy.prepare("INSERT INTO audit.package_changes (package, version, architecture, suite, event, priority, component, section) VALUES ($1, $2, $3, $4, $5, $6, $7, $8)",
228 ["text", "text", "text", "text", "text", "text", "text", "text"]),
229 [package, suite_row['version'], suite_row['arch_string'], suite_row['suite_name'],
230 'U', priority, component, section])
232 $$ LANGUAGE plpythonu VOLATILE SECURITY DEFINER;
235 c.execute("CREATE TRIGGER trigger_bin_associations_audit AFTER INSERT OR DELETE ON bin_associations FOR EACH ROW EXECUTE PROCEDURE trigger_binsrc_assoc_update()")
236 c.execute("CREATE TRIGGER trigger_src_associations_audit AFTER INSERT OR DELETE ON src_associations FOR EACH ROW EXECUTE PROCEDURE trigger_binsrc_assoc_update()")
237 c.execute("CREATE TRIGGER trigger_override_audit AFTER UPDATE ON override FOR EACH ROW EXECUTE PROCEDURE trigger_override_update()")
239 c.execute("UPDATE config SET value = '66' WHERE name = 'db_revision'")
242 except psycopg2.ProgrammingError, msg:
244 raise DBUpdateError, 'Unable to apply sick update 66, rollback issued. Error message : %s' % (str(msg))