liquid_feedback_core

changeset 235:2a6984869ba3

Delete sessions:
- when they expire
- in function "delete_private_data" (security relevant in certain setups)
- in function "delete_member"

(Sessions had been removed in changeset ed2f94a397cd and re-added in changeset 4e3d8f1ca3a9 without mechanisms for deletion of sessions)
author jbe
date Tue Mar 13 18:04:53 2012 +0100 (2012-03-13)
parents 876f366b2311
children 4346d48b1780
files core.sql lf_update.c
line diff
     1.1 --- a/core.sql	Sun Mar 11 18:48:51 2012 +0100
     1.2 +++ b/core.sql	Tue Mar 13 18:04:53 2012 +0100
     1.3 @@ -2013,6 +2013,16 @@
     1.4  COMMENT ON VIEW "battle_view" IS 'Number of members preferring one initiative (or status-quo) to another initiative (or status-quo); Used to fill "battle" table';
     1.5  
     1.6  
     1.7 +CREATE VIEW "expired_session" AS
     1.8 +  SELECT * FROM "session" WHERE now() > "expiry";
     1.9 +
    1.10 +CREATE RULE "delete" AS ON DELETE TO "expired_session" DO INSTEAD
    1.11 +  DELETE FROM "session" WHERE "ident" = OLD."ident";
    1.12 +
    1.13 +COMMENT ON VIEW "expired_session" IS 'View containing all expired sessions where DELETE is possible';
    1.14 +COMMENT ON RULE "delete" ON "expired_session" IS 'Rule allowing DELETE on rows in "expired_session" view, i.e. DELETE FROM "expired_session"';
    1.15 +
    1.16 +
    1.17  CREATE VIEW "open_issue" AS
    1.18    SELECT * FROM "issue" WHERE "closed" ISNULL;
    1.19  
    1.20 @@ -4034,6 +4044,7 @@
    1.21      DECLARE
    1.22        "issue_id_v" "issue"."id"%TYPE;
    1.23      BEGIN
    1.24 +      DELETE FROM "expired_session";
    1.25        PERFORM "check_activity"();
    1.26        PERFORM "calculate_member_counts"();
    1.27        FOR "issue_id_v" IN SELECT "id" FROM "open_issue" LOOP
    1.28 @@ -4145,6 +4156,7 @@
    1.29        DELETE FROM "member_image"       WHERE "member_id" = "member_id_p";
    1.30        DELETE FROM "contact"            WHERE "member_id" = "member_id_p";
    1.31        DELETE FROM "ignored_member"     WHERE "member_id" = "member_id_p";
    1.32 +      DELETE FROM "session"            WHERE "member_id" = "member_id_p";
    1.33        DELETE FROM "area_setting"       WHERE "member_id" = "member_id_p";
    1.34        DELETE FROM "issue_setting"      WHERE "member_id" = "member_id_p";
    1.35        DELETE FROM "ignored_initiative" WHERE "member_id" = "member_id_p";
    1.36 @@ -4204,6 +4216,7 @@
    1.37        DELETE FROM "member_image";
    1.38        DELETE FROM "contact";
    1.39        DELETE FROM "ignored_member";
    1.40 +      DELETE FROM "session";
    1.41        DELETE FROM "area_setting";
    1.42        DELETE FROM "issue_setting";
    1.43        DELETE FROM "ignored_initiative";
     2.1 --- a/lf_update.c	Sun Mar 11 18:48:51 2012 +0100
     2.2 +++ b/lf_update.c	Tue Mar 13 18:04:53 2012 +0100
     2.3 @@ -54,6 +54,22 @@
     2.4      return 1;
     2.5    }
     2.6  
     2.7 +  // delete expired sessions:
     2.8 +  status = PQexec(db, "DELETE FROM \"expired_session\"");
     2.9 +  if (!status) {
    2.10 +    fprintf(stderr, "Error in pqlib while sending SQL command deleting expired sessions\n");
    2.11 +    err = 1;
    2.12 +  } else if (
    2.13 +    PQresultStatus(status) != PGRES_COMMAND_OK &&
    2.14 +    PQresultStatus(status) != PGRES_TUPLES_OK
    2.15 +  ) {
    2.16 +    fprintf(stderr, "Error while executing SQL command deleting expired sessions:\n%s", PQresultErrorMessage(status));
    2.17 +    err = 1;
    2.18 +    PQclear(status);
    2.19 +  } else {
    2.20 +    PQclear(status);
    2.21 +  }
    2.22 + 
    2.23    // check member activity:
    2.24    status = PQexec(db, "SELECT \"check_activity\"()");
    2.25    if (!status) {

Impressum / About Us