ON DELETE CASCADE ON UPDATE NO ACTION;
-- -----------------------------------------------------
--- Table dhcp4_audit_revision
+-- Table `dhcp4_audit_revision`
-- -----------------------------------------------------
CREATE TABLE IF NOT EXISTS dhcp4_audit_revision (
id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
REFERENCES dhcp6_shared_network (id)
ON DELETE CASCADE ON UPDATE NO ACTION;
+-- -----------------------------------------------------
+-- Table `dhcp6_audit_revision`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS dhcp6_audit_revision (
+ id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
+ modification_ts TIMESTAMP NOT NULL,
+ log_message TEXT,
+ server_id BIGINT(10) UNSIGNED,
+ PRIMARY KEY (id),
+ KEY key_dhcp6_audit_revision_by_modification_ts (modification_ts)
+) ENGINE=InnoDB;
+
+-- -----------------------------------------------------
+-- Drop columns from the dhcp6_audit table which now
+-- belong to the dhcp6_audit_revision.
+-- -----------------------------------------------------
+ALTER TABLE dhcp6_audit
+ DROP COLUMN modification_ts,
+ DROP COLUMN log_message;
+
+-- -----------------------------------------------------
+-- Add column revision_id and the foreign key with a
+-- reference to the dhcp6_audit_revision table.
+-- -----------------------------------------------------
+ALTER TABLE dhcp6_audit
+ ADD COLUMN revision_id BIGINT(20) UNSIGNED NOT NULL;
+
+ALTER TABLE dhcp6_audit
+ ADD CONSTRAINT fk_dhcp6_audit_revision FOREIGN KEY (revision_id)
+ REFERENCES dhcp6_audit_revision (id)
+ ON DELETE NO ACTION ON UPDATE CASCADE;
+
+-- -----------------------------------------------------
+-- Stored procedure which creates a new entry in the
+-- dhcp6_audit_revision table and sets appropriate session
+-- variables to be used while creating the audit entries
+-- by triggers. This procedure should be called at the
+-- beginning of a transaction which modifies configuration
+-- data in the database, e.g. when new subnet is added.
+--
+-- Parameters:
+-- - audit_ts timestamp to be associated with the audit
+-- revision.
+-- - server_tag is used to retrieve the server_id which
+-- associates the changes applied with the particular
+-- server or all servers.
+-- - audit_log_message is a log message associates with
+-- the audit revision.
+-- - cascade_transaction is assigned to a session
+-- variable which is used in some triggers to determine
+-- if the audit entry should be created for them or
+-- not. Specifically, this is used when DHCP options
+-- are inserted, updated or deleted. If such modification
+-- is a part of the larger change (e.g. change in the
+-- subnet the options belong to) the dedicated audit
+-- entry for options must not be created. On the other
+-- hand, if the global option is being added, the
+-- audit entry for the option must be created because
+-- it is the sole object modified in that case.
+-- -----------------------------------------------------
+DROP PROCEDURE IF EXISTS createAuditRevisionDHCP6;
+DELIMITER $$
+CREATE PROCEDURE createAuditRevisionDHCP6(IN audit_ts TIMESTAMP,
+ IN server_tag VARCHAR(256),
+ IN audit_log_message TEXT,
+ IN cascade_transaction TINYINT(1))
+BEGIN
+ DECLARE srv_id BIGINT(20);
+ SELECT id INTO srv_id FROM dhcp6_server WHERE tag = server_tag;
+ INSERT INTO dhcp6_audit_revision (modification_ts, server_id, log_message)
+ VALUES (audit_ts, srv_id, audit_log_message);
+ SET @audit_revision_id = LAST_INSERT_ID();
+ SET @cascade_transaction = cascade_transaction;
+END $$
+DELIMITER ;
+
+-- -----------------------------------------------------
+-- Stored procedure which creates a new entry in the
+-- dhcp6_audit table. It should be called from the
+-- triggers of the tables where the config modifications
+-- are applied. The @audit_revision_id variable contains
+-- the revision id to be placed in the audit entries.
+--
+-- The following parameters are passed to this procedure:
+-- - object_type_val: name of the table to be associated
+-- with the applied changes.
+-- - object_id_val: identifier of the modified object in
+-- that table.
+-- - modification_type_val: string value indicating the
+-- type of the change, i.e. "create", "update" or
+-- "delete".
+-- ----------------------------------------------------
+DROP PROCEDURE IF EXISTS createAuditEntryDHCP6;
+DELIMITER $$
+CREATE PROCEDURE createAuditEntryDHCP6(IN object_type_val VARCHAR(256),
+ IN object_id_val BIGINT(20) UNSIGNED,
+ IN modification_type_val VARCHAR(32))
+BEGIN
+ INSERT INTO dhcp6_audit (object_type, object_id, modification_type, revision_id)
+ VALUES (object_type_val, object_id_val, \
+ (SELECT id FROM modification WHERE modification_type = modification_type_val), \
+ @audit_revision_id);
+END $$
+DELIMITER ;
+
+-- -----------------------------------------------------
+-- Triggers used to create entries in the audit
+-- tables upon insertion, update or deletion of the
+-- configuration entries.
+-- -----------------------------------------------------
+
+# Create dhcp6_global_parameter insert trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_global_parameter_AINS AFTER INSERT ON dhcp6_global_parameter
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_global_parameter', NEW.id, "create");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_global_parameter update trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_global_parameter_AUPD AFTER UPDATE ON dhcp6_global_parameter
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_global_parameter', NEW.id, "update");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_global_parameter delete trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_global_parameter_ADEL AFTER DELETE ON dhcp6_global_parameter
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_global_parameter', OLD.id, "delete");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_subnet insert trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_subnet_AINS AFTER INSERT ON dhcp6_subnet
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_subnet', NEW.subnet_id, "create");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_subnet update trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_subnet_AUPD AFTER UPDATE ON dhcp6_subnet
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_subnet', NEW.subnet_id, "update");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_subnet delete trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_subnet_ADEL AFTER DELETE ON dhcp6_subnet
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_subnet', OLD.subnet_id, "delete");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_shared_network insert trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_shared_network_AINS AFTER INSERT ON dhcp6_shared_network
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_shared_network', NEW.id, "create");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_shared_network update trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_shared_network_AUPD AFTER UPDATE ON dhcp6_shared_network
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_shared_network', NEW.id, "update");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_shared_network delete trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_shared_network_ADEL AFTER DELETE ON dhcp6_shared_network
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_shared_network', OLD.id, "delete");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_option_def insert trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_option_def_AINS AFTER INSERT ON dhcp6_option_def
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_option_def', NEW.id, "create");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_option_def update trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_option_def_AUPD AFTER UPDATE ON dhcp6_option_def
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_option_def', NEW.id, "update");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_option_def delete trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_option_def_ADEL AFTER DELETE ON dhcp6_option_def
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_option_def', OLD.id, "delete");
+ END $$
+DELIMITER ;
+
+-- -----------------------------------------------------
+-- Stored procedure which creates an audit entry for a
+-- DHCPv6 option. Depending on the scope of the option
+-- the audit entry can be created for various levels
+-- of configuration hierarchy. If this is a global
+-- option the audit entry is created for this option
+-- for CREATE, UPDATE or DELETE. If the option is being
+-- added for an owning option, e.g. for a subnet, the
+-- audit entry is created as an UPDATE to this object.
+-- From the Kea perspective such option addition will
+-- be seen as a subnet update and the server will fetch
+-- the whole subnet and merge it into its configuration.
+-- The audit entry is not created if it was already
+-- created as part of the current transaction.
+--
+-- The following parameters are passed to the procedure:
+-- - modification_type: "create", "update" or "delete"
+-- - scope_id: identifier of the option scope, e.g.
+-- global, subnet specific etc.
+-- - option_id: identifier of the option.
+-- - subnet_id: identifier of the subnet if the option
+-- belongs to the subnet.
+-- - host_id: identifier of the host if the option
+-- - belongs to the host.
+-- - network_name: shared network name if the option
+-- belongs to the shared network.
+-- - pool_id: identifier of the pool if the option
+-- belongs to the pool.
+-- - pd_pool_id: identifier of the pool if the option
+-- belongs to the pd pool.
+-- -----------------------------------------------------
+DROP PROCEDURE IF EXISTS createOptionAuditDHCP6;
+DELIMITER $$
+CREATE PROCEDURE createOptionAuditDHCP6(IN modification_type VARCHAR(32),
+ IN scope_id TINYINT(3) UNSIGNED,
+ IN option_id BIGINT(20) UNSIGNED,
+ IN subnet_id INT(10) UNSIGNED,
+ IN host_id INT(10) UNSIGNED,
+ IN network_name VARCHAR(128),
+ IN pool_id BIGINT(20),
+ IN pd_pool_id BIGINT(20))
+BEGIN
+ # These variables will hold shared network id and subnet id that
+ # we will select.
+ DECLARE snid VARCHAR(128);
+ DECLARE sid INT(10) UNSIGNED;
+
+ # Cascade transaction flag is set to 1 to prevent creation of
+ # the audit entries for the options when the options are
+ # created as part of the parent object creation or update.
+ # For example: when the option is added as part of the subnet
+ # addition, the cascade transaction flag is equal to 1. If
+ # the option is added into the existing subnet the cascade
+ # transaction is equal to 0. Note that depending on the option
+ # scope the audit entry will contain the object_type value
+ # of the parent object to cause the server to replace the
+ # entire subnet. The only case when the object_type will be
+ # set to 'dhcp6_options' is when a global option is added.
+ # Global options do not have the owner.
+ IF @cascade_transaction IS NULL OR @cascade_transaction = 0 THEN
+ # todo: host manager hasn't been updated to use audit
+ # mechanisms so ignore host specific options for now.
+ IF scope_id = 0 THEN
+ # If a global option is added or modified, create audit
+ # entry for the 'dhcp6_options' table.
+ CALL createAuditEntryDHCP6('dhcp6_options', option_id, modification_type);
+ ELSEIF scope_id = 1 THEN
+ # If subnet specific option is added or modified, create
+ # audit entry for the entire subnet, which indicates that
+ # it should be treated as the subnet update.
+ CALL createAuditEntryDHCP6('dhcp6_subnet', subnet_id, "update");
+ ELSEIF scope_id = 4 THEN
+ # If shared network specific option is added or modified,
+ # create audit entry for the shared network which
+ # indicates that it should be treated as the shared
+ # network update.
+ SELECT id INTO snid FROM dhcp6_shared_network WHERE name = network_name LIMIT 1;
+ CALL createAuditEntryDHCP6('dhcp6_shared_network', snid, "update");
+ ELSEIF scope_id = 5 THEN
+ # If pool specific option is added or modified, create
+ # audit entry for the subnet which this pool belongs to.
+ SELECT dhcp6_pool.subnet_id INTO sid FROM dhcp6_pool WHERE id = pool_id;
+ CALL createAuditEntryDHCP6('dhcp6_subnet', sid, "update");
+ ELSEIF scope_id = 6 THEN
+ # If pd pool specific option is added or modified, create
+ # audit entry for the subnet which this pd pool belongs to.
+ SELECT dhcp6_pd_pool.subnet_id INTO sid FROM dhcp6_pd_pool WHERE id = pd_pool_id;
+ CALL createAuditEntryDHCP6('dhcp6_subnet', sid, "update");
+ END IF;
+ END IF;
+END $$
+DELIMITER ;
+
+# Create dhcp6_options insert trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_options_AINS AFTER INSERT ON dhcp6_options
+ FOR EACH ROW
+ BEGIN
+ CALL createOptionAuditDHCP6("create", NEW.scope_id, NEW.option_id, NEW.dhcp6_subnet_id,
+ NEW.host_id, NEW.shared_network_name, NEW.pool_id, NEW.pd_pool_id);
+ END $$
+DELIMITER ;
+
+# Create dhcp6_options update trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_options_AUPD AFTER UPDATE ON dhcp6_options
+ FOR EACH ROW
+ BEGIN
+ CALL createOptionAuditDHCP6("update", NEW.scope_id, NEW.option_id, NEW.dhcp6_subnet_id,
+ NEW.host_id, NEW.shared_network_name, NEW.pool_id, NEW.pd_pool_id);
+ END $$
+DELIMITER ;
+
+# Create dhcp6_options delete trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_options_ADEL AFTER DELETE ON dhcp6_options
+ FOR EACH ROW
+ BEGIN
+ CALL createOptionAuditDHCP6("delete", OLD.scope_id, OLD.option_id, OLD.dhcp6_subnet_id,
+ OLD.host_id, OLD.shared_network_name, OLD.pool_id, OLD.pd_pool_id);
+ END $$
+DELIMITER ;
+
+
# Update the schema version number
UPDATE schema_version
SET version = '8', minor = '0';
DROP TRIGGER IF EXISTS dhcp4_options_AINS;
DROP TRIGGER IF EXISTS dhcp4_options_AUPD;
DROP TRIGGER IF EXISTS dhcp4_options_ADEL;
+DROP TABLE IF EXISTS dhcp6_audit_revision;
+DROP PROCEDURE IF EXISTS createAuditRevisionDHCP6;
+DROP PROCEDURE IF EXISTS createAuditEntryDHCP6;
+DROP TRIGGER IF EXISTS dhcp6_global_parameter_AINS;
+DROP TRIGGER IF EXISTS dhcp6_global_parameter_AUPD;
+DROP TRIGGER IF EXISTS dhcp6_global_parameter_ADEL;
+DROP TRIGGER IF EXISTS dhcp6_subnet_AINS;
+DROP TRIGGER IF EXISTS dhcp6_subnet_AUPD;
+DROP TRIGGER IF EXISTS dhcp6_subnet_ADEL;
+DROP TRIGGER IF EXISTS dhcp6_shared_network_AINS;
+DROP TRIGGER IF EXISTS dhcp6_shared_network_AUPD;
+DROP TRIGGER IF EXISTS dhcp6_shared_network_ADEL;
+DROP TRIGGER IF EXISTS dhcp6_option_def_AINS;
+DROP TRIGGER IF EXISTS dhcp6_option_def_AUPD;
+DROP TRIGGER IF EXISTS dhcp6_option_def_ADEL;
+DROP TRIGGER IF EXISTS dhcp6_options_AINS;
+DROP TRIGGER IF EXISTS dhcp6_options_AUPD;
+DROP TRIGGER IF EXISTS dhcp6_options_ADEL;
REFERENCES dhcp6_shared_network (id)
ON DELETE CASCADE ON UPDATE NO ACTION;
+-- -----------------------------------------------------
+-- Table dhcp6_audit_revision
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS dhcp6_audit_revision (
+ id BIGINT(20) UNSIGNED NOT NULL AUTO_INCREMENT,
+ modification_ts TIMESTAMP NOT NULL,
+ log_message TEXT,
+ server_id BIGINT(10) UNSIGNED,
+ PRIMARY KEY (id),
+ KEY key_dhcp6_audit_revision_by_modification_ts (modification_ts)
+) ENGINE=InnoDB;
+
+-- -----------------------------------------------------
+-- Drop columns from the dhcp6_audit table which now
+-- belong to the dhcp6_audit_revision.
+-- -----------------------------------------------------
+ALTER TABLE dhcp6_audit
+ DROP COLUMN modification_ts,
+ DROP COLUMN log_message;
+
+-- -----------------------------------------------------
+-- Add column revision_id and the foreign key with a
+-- reference to the dhcp6_audit_revision table.
+-- -----------------------------------------------------
+ALTER TABLE dhcp6_audit
+ ADD COLUMN revision_id BIGINT(20) UNSIGNED NOT NULL;
+
+ALTER TABLE dhcp6_audit
+ ADD CONSTRAINT fk_dhcp6_audit_revision FOREIGN KEY (revision_id)
+ REFERENCES dhcp6_audit_revision (id)
+ ON DELETE NO ACTION ON UPDATE CASCADE;
+
+-- -----------------------------------------------------
+-- Stored procedure which creates a new entry in the
+-- dhcp6_audit_revision table and sets appropriate session
+-- variables to be used while creating the audit entries
+-- by triggers. This procedure should be called at the
+-- beginning of a transaction which modifies configuration
+-- data in the database, e.g. when new subnet is added.
+--
+-- Parameters:
+-- - audit_ts timestamp to be associated with the audit
+-- revision.
+-- - server_tag is used to retrieve the server_id which
+-- associates the changes applied with the particular
+-- server or all servers.
+-- - audit_log_message is a log message associates with
+-- the audit revision.
+-- - cascade_transaction is assigned to a session
+-- variable which is used in some triggers to determine
+-- if the audit entry should be created for them or
+-- not. Specifically, this is used when DHCP options
+-- are inserted, updated or deleted. If such modification
+-- is a part of the larger change (e.g. change in the
+-- subnet the options belong to) the dedicated audit
+-- entry for options must not be created. On the other
+-- hand, if the global option is being added, the
+-- audit entry for the option must be created because
+-- it is the sole object modified in that case.
+-- -----------------------------------------------------
+DROP PROCEDURE IF EXISTS createAuditRevisionDHCP6;
+DELIMITER $$
+CREATE PROCEDURE createAuditRevisionDHCP6(IN audit_ts TIMESTAMP,
+ IN server_tag VARCHAR(256),
+ IN audit_log_message TEXT,
+ IN cascade_transaction TINYINT(1))
+BEGIN
+ DECLARE srv_id BIGINT(20);
+ SELECT id INTO srv_id FROM dhcp6_server WHERE tag = server_tag;
+ INSERT INTO dhcp6_audit_revision (modification_ts, server_id, log_message)
+ VALUES (audit_ts, srv_id, audit_log_message);
+ SET @audit_revision_id = LAST_INSERT_ID();
+ SET @cascade_transaction = cascade_transaction;
+END $$
+DELIMITER ;
+
+-- -----------------------------------------------------
+-- Stored procedure which creates a new entry in the
+-- dhcp6_audit table. It should be called from the
+-- triggers of the tables where the config modifications
+-- are applied. The @audit_revision_id variable contains
+-- the revision id to be placed in the audit entries.
+--
+-- The following parameters are passed to this procedure:
+-- - object_type_val: name of the table to be associated
+-- with the applied changes.
+-- - object_id_val: identifier of the modified object in
+-- that table.
+-- - modification_type_val: string value indicating the
+-- type of the change, i.e. "create", "update" or
+-- "delete".
+-- ----------------------------------------------------
+DROP PROCEDURE IF EXISTS createAuditEntryDHCP6;
+DELIMITER $$
+CREATE PROCEDURE createAuditEntryDHCP6(IN object_type_val VARCHAR(256),
+ IN object_id_val BIGINT(20) UNSIGNED,
+ IN modification_type_val VARCHAR(32))
+BEGIN
+ INSERT INTO dhcp6_audit (object_type, object_id, modification_type, revision_id)
+ VALUES (object_type_val, object_id_val, \
+ (SELECT id FROM modification WHERE modification_type = modification_type_val), \
+ @audit_revision_id);
+END $$
+DELIMITER ;
+
+-- -----------------------------------------------------
+-- Triggers used to create entries in the audit
+-- tables upon insertion, update or deletion of the
+-- configuration entries.
+-- -----------------------------------------------------
+
+# Create dhcp6_global_parameter insert trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_global_parameter_AINS AFTER INSERT ON dhcp6_global_parameter
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_global_parameter', NEW.id, "create");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_global_parameter update trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_global_parameter_AUPD AFTER UPDATE ON dhcp6_global_parameter
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_global_parameter', NEW.id, "update");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_global_parameter delete trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_global_parameter_ADEL AFTER DELETE ON dhcp6_global_parameter
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_global_parameter', OLD.id, "delete");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_subnet insert trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_subnet_AINS AFTER INSERT ON dhcp6_subnet
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_subnet', NEW.subnet_id, "create");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_subnet update trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_subnet_AUPD AFTER UPDATE ON dhcp6_subnet
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_subnet', NEW.subnet_id, "update");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_subnet delete trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_subnet_ADEL AFTER DELETE ON dhcp6_subnet
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_subnet', OLD.subnet_id, "delete");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_shared_network insert trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_shared_network_AINS AFTER INSERT ON dhcp6_shared_network
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_shared_network', NEW.id, "create");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_shared_network update trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_shared_network_AUPD AFTER UPDATE ON dhcp6_shared_network
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_shared_network', NEW.id, "update");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_shared_network delete trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_shared_network_ADEL AFTER DELETE ON dhcp6_shared_network
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_shared_network', OLD.id, "delete");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_option_def insert trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_option_def_AINS AFTER INSERT ON dhcp6_option_def
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_option_def', NEW.id, "create");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_option_def update trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_option_def_AUPD AFTER UPDATE ON dhcp6_option_def
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_option_def', NEW.id, "update");
+ END $$
+DELIMITER ;
+
+# Create dhcp6_option_def delete trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_option_def_ADEL AFTER DELETE ON dhcp6_option_def
+ FOR EACH ROW
+ BEGIN
+ CALL createAuditEntryDHCP6('dhcp6_option_def', OLD.id, "delete");
+ END $$
+DELIMITER ;
+
+-- -----------------------------------------------------
+-- Stored procedure which creates an audit entry for a
+-- DHCPv6 option. Depending on the scope of the option
+-- the audit entry can be created for various levels
+-- of configuration hierarchy. If this is a global
+-- option the audit entry is created for this option
+-- for CREATE, UPDATE or DELETE. If the option is being
+-- added for an owning option, e.g. for a subnet, the
+-- audit entry is created as an UPDATE to this object.
+-- From the Kea perspective such option addition will
+-- be seen as a subnet update and the server will fetch
+-- the whole subnet and merge it into its configuration.
+-- The audit entry is not created if it was already
+-- created as part of the current transaction.
+--
+-- The following parameters are passed to the procedure:
+-- - modification_type: "create", "update" or "delete"
+-- - scope_id: identifier of the option scope, e.g.
+-- global, subnet specific etc.
+-- - option_id: identifier of the option.
+-- - subnet_id: identifier of the subnet if the option
+-- belongs to the subnet.
+-- - host_id: identifier of the host if the option
+-- - belongs to the host.
+-- - network_name: shared network name if the option
+-- belongs to the shared network.
+-- - pool_id: identifier of the pool if the option
+-- belongs to the pool.
+-- - pd_pool_id: identifier of the pool if the option
+-- belongs to the pd pool.
+-- -----------------------------------------------------
+DROP PROCEDURE IF EXISTS createOptionAuditDHCP6;
+DELIMITER $$
+CREATE PROCEDURE createOptionAuditDHCP6(IN modification_type VARCHAR(32),
+ IN scope_id TINYINT(3) UNSIGNED,
+ IN option_id BIGINT(20) UNSIGNED,
+ IN subnet_id INT(10) UNSIGNED,
+ IN host_id INT(10) UNSIGNED,
+ IN network_name VARCHAR(128),
+ IN pool_id BIGINT(20),
+ IN pd_pool_id BIGINT(20))
+BEGIN
+ # These variables will hold shared network id and subnet id that
+ # we will select.
+ DECLARE snid VARCHAR(128);
+ DECLARE sid INT(10) UNSIGNED;
+
+ # Cascade transaction flag is set to 1 to prevent creation of
+ # the audit entries for the options when the options are
+ # created as part of the parent object creation or update.
+ # For example: when the option is added as part of the subnet
+ # addition, the cascade transaction flag is equal to 1. If
+ # the option is added into the existing subnet the cascade
+ # transaction is equal to 0. Note that depending on the option
+ # scope the audit entry will contain the object_type value
+ # of the parent object to cause the server to replace the
+ # entire subnet. The only case when the object_type will be
+ # set to 'dhcp6_options' is when a global option is added.
+ # Global options do not have the owner.
+ IF @cascade_transaction IS NULL OR @cascade_transaction = 0 THEN
+ # todo: host manager hasn't been updated to use audit
+ # mechanisms so ignore host specific options for now.
+ IF scope_id = 0 THEN
+ # If a global option is added or modified, create audit
+ # entry for the 'dhcp6_options' table.
+ CALL createAuditEntryDHCP6('dhcp6_options', option_id, modification_type);
+ ELSEIF scope_id = 1 THEN
+ # If subnet specific option is added or modified, create
+ # audit entry for the entire subnet, which indicates that
+ # it should be treated as the subnet update.
+ CALL createAuditEntryDHCP6('dhcp6_subnet', subnet_id, "update");
+ ELSEIF scope_id = 4 THEN
+ # If shared network specific option is added or modified,
+ # create audit entry for the shared network which
+ # indicates that it should be treated as the shared
+ # network update.
+ SELECT id INTO snid FROM dhcp6_shared_network WHERE name = network_name LIMIT 1;
+ CALL createAuditEntryDHCP6('dhcp6_shared_network', snid, "update");
+ ELSEIF scope_id = 5 THEN
+ # If pool specific option is added or modified, create
+ # audit entry for the subnet which this pool belongs to.
+ SELECT dhcp6_pool.subnet_id INTO sid FROM dhcp6_pool WHERE id = pool_id;
+ CALL createAuditEntryDHCP6('dhcp6_subnet', sid, "update");
+ ELSEIF scope_id = 6 THEN
+ # If pd pool specific option is added or modified, create
+ # audit entry for the subnet which this pd pool belongs to.
+ SELECT dhcp6_pd_pool.subnet_id INTO sid FROM dhcp6_pd_pool WHERE id = pd_pool_id;
+ CALL createAuditEntryDHCP6('dhcp6_subnet', sid, "update");
+ END IF;
+ END IF;
+END $$
+DELIMITER ;
+
+# Create dhcp6_options insert trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_options_AINS AFTER INSERT ON dhcp6_options
+ FOR EACH ROW
+ BEGIN
+ CALL createOptionAuditDHCP6("create", NEW.scope_id, NEW.option_id, NEW.dhcp6_subnet_id,
+ NEW.host_id, NEW.shared_network_name, NEW.pool_id, NEW.pd_pool_id);
+ END $$
+DELIMITER ;
+
+# Create dhcp6_options update trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_options_AUPD AFTER UPDATE ON dhcp6_options
+ FOR EACH ROW
+ BEGIN
+ CALL createOptionAuditDHCP6("update", NEW.scope_id, NEW.option_id, NEW.dhcp6_subnet_id,
+ NEW.host_id, NEW.shared_network_name, NEW.pool_id, NEW.pd_pool_id);
+ END $$
+DELIMITER ;
+
+# Create dhcp6_options delete trigger
+DELIMITER $$
+CREATE TRIGGER dhcp6_options_ADEL AFTER DELETE ON dhcp6_options
+ FOR EACH ROW
+ BEGIN
+ CALL createOptionAuditDHCP6("delete", OLD.scope_id, OLD.option_id, OLD.dhcp6_subnet_id,
+ OLD.host_id, OLD.shared_network_name, OLD.pool_id, OLD.pd_pool_id);
+ END $$
+DELIMITER ;
+
+
# Update the schema version number
UPDATE schema_version
SET version = '8', minor = '0';
projects / thirdparty / kea.git / commitdiff
