Ticket #269: Rely on ON CASCADE DELETE for deletion of entries related to connections and users.

extensions/guacamole-auth-mysql/schema/guacamole-auth-mysql-schema.sql

@@ -1,91 +1,153 @@
+
 --
--- Table structure for table `guacamole_connection`
+-- Table of connections. Each connection has a name, protocol, and
+-- associated set of parameters.
 --
 
 CREATE TABLE `guacamole_connection` (
+
   `connection_id`   int(11)      NOT NULL AUTO_INCREMENT,
   `connection_name` varchar(128) NOT NULL,
   `protocol`        varchar(32)  NOT NULL,
+
   PRIMARY KEY (`connection_id`),
   UNIQUE KEY `connection_name` (`connection_name`)
+
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 --
--- Table structure for table `guacamole_user`
+-- Table of users. Each user has a unique username and a hashed password
+-- with corresponding salt.
 --
 
 CREATE TABLE `guacamole_user` (
+
   `user_id`       int(11)      NOT NULL AUTO_INCREMENT,
   `username`      varchar(128) NOT NULL,
   `password_hash` binary(32)   NOT NULL,
   `password_salt` binary(32)   NOT NULL,
+
   PRIMARY KEY (`user_id`),
   UNIQUE KEY `username` (`username`)
+
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 --
--- Table structure for table `guacamole_connection_parameter`
+-- Table of connection parameters. Each parameter is simply a name/value pair
+-- associated with a connection.
 --
 
 CREATE TABLE `guacamole_connection_parameter` (
+
   `connection_id`   int(11)       NOT NULL,
   `parameter_name`  varchar(128)  NOT NULL,
   `parameter_value` varchar(4096) NOT NULL,
+
   PRIMARY KEY (`connection_id`,`parameter_name`),
-  CONSTRAINT `guacamole_connection_parameter_ibfk_1` FOREIGN KEY (`connection_id`) REFERENCES `guacamole_connection` (`connection_id`)
+
+  CONSTRAINT `guacamole_connection_parameter_ibfk_1`
+    FOREIGN KEY (`connection_id`)
+    REFERENCES `guacamole_connection` (`connection_id`) ON DELETE CASCADE
+
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 --
--- Table structure for table `guacamole_connection_permission`
+-- Table of connection permissions. Each connection permission grants a user
+-- specific access to a connection.
 --
 
 CREATE TABLE `guacamole_connection_permission` (
+
   `user_id`       int(11) NOT NULL,
   `connection_id` int(11) NOT NULL,
-  `permission` enum('READ','UPDATE','DELETE','ADMINISTER') NOT NULL,
+  `permission`    enum('READ',
+                       'UPDATE',
+                       'DELETE',
+                       'ADMINISTER') NOT NULL,
+
   PRIMARY KEY (`user_id`,`connection_id`,`permission`),
-  CONSTRAINT `guacamole_connection_permission_ibfk_1` FOREIGN KEY (`connection_id`) REFERENCES `guacamole_connection` (`connection_id`),
-  CONSTRAINT `guacamole_connection_permission_ibfk_2` FOREIGN KEY (`user_id`) REFERENCES `guacamole_user` (`user_id`)
+
+  CONSTRAINT `guacamole_connection_permission_ibfk_1`
+    FOREIGN KEY (`connection_id`)
+    REFERENCES `guacamole_connection` (`connection_id`) ON DELETE CASCADE,
+
+  CONSTRAINT `guacamole_connection_permission_ibfk_2`
+    FOREIGN KEY (`user_id`)
+    REFERENCES `guacamole_user` (`user_id`) ON DELETE CASCADE
+
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 --
--- Table structure for table `guacamole_system_permission`
+-- Table of system permissions. Each system permission grants a user a
+-- system-level privilege of some kind.
 --
 
 CREATE TABLE `guacamole_system_permission` (
+
   `user_id`    int(11) NOT NULL,
-  `permission` enum('CREATE_CONNECTION','CREATE_USER','ADMINISTER') NOT NULL,
+  `permission` enum('CREATE_CONNECTION',
+                    'CREATE_USER',
+                    'ADMINISTER') NOT NULL,
+
   PRIMARY KEY (`user_id`,`permission`),
-  CONSTRAINT `guacamole_system_permission_ibfk_1` FOREIGN KEY (`user_id`) REFERENCES `guacamole_user` (`user_id`)
+
+  CONSTRAINT `guacamole_system_permission_ibfk_1`
+    FOREIGN KEY (`user_id`)
+    REFERENCES `guacamole_user` (`user_id`) ON DELETE CASCADE
+
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 --
--- Table structure for table `guacamole_user_permission`
+-- Table of user permissions. Each user permission grants a user access to
+-- another user (the "affected" user) for a specific type of operation.
 --
 
 CREATE TABLE `guacamole_user_permission` (
+
   `user_id`          int(11) NOT NULL,
   `affected_user_id` int(11) NOT NULL,
-  `permission` enum('READ','UPDATE','DELETE','ADMINISTER') NOT NULL,
+  `permission`       enum('READ',
+                          'UPDATE',
+                          'DELETE',
+                          'ADMINISTER') NOT NULL,
+
   PRIMARY KEY (`user_id`,`affected_user_id`,`permission`),
-  CONSTRAINT `guacamole_user_permission_ibfk_1` FOREIGN KEY (`affected_user_id`) REFERENCES `guacamole_user` (`user_id`),
-  CONSTRAINT `guacamole_user_permission_ibfk_2` FOREIGN KEY (`user_id`) REFERENCES `guacamole_user` (`user_id`)
+
+  CONSTRAINT `guacamole_user_permission_ibfk_1`
+    FOREIGN KEY (`affected_user_id`)
+    REFERENCES `guacamole_user` (`user_id`) ON DELETE CASCADE,
+
+  CONSTRAINT `guacamole_user_permission_ibfk_2`
+    FOREIGN KEY (`user_id`)
+    REFERENCES `guacamole_user` (`user_id`) ON DELETE CASCADE
+
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
 
 --
--- Table structure for table `guacamole_connection_history`
+-- Table of connection history records. Each record defines a specific user's
+-- session, including the connection used, the start time, and the end time
+-- (if any).
 --
 
 CREATE TABLE `guacamole_connection_history` (
+
   `history_id`    int(11)  NOT NULL AUTO_INCREMENT,
   `user_id`       int(11)  NOT NULL,
   `connection_id` int(11)  NOT NULL,
   `start_date`    datetime NOT NULL,
   `end_date`      datetime DEFAULT NULL,
+
   PRIMARY KEY (`history_id`),
   KEY `user_id` (`user_id`),
   KEY `connection_id` (`connection_id`),
-  CONSTRAINT `guacamole_connection_history_ibfk_1` FOREIGN KEY (`user_id`) REFERENCES `guacamole_user` (`user_id`),
-  CONSTRAINT `guacamole_connection_history_ibfk_2` FOREIGN KEY (`connection_id`) REFERENCES `guacamole_connection` (`connection_id`)
+
+  CONSTRAINT `guacamole_connection_history_ibfk_1`
+    FOREIGN KEY (`user_id`)
+    REFERENCES `guacamole_user` (`user_id`) ON DELETE CASCADE,
+
+  CONSTRAINT `guacamole_connection_history_ibfk_2`
+    FOREIGN KEY (`connection_id`)
+    REFERENCES `guacamole_connection` (`connection_id`) ON DELETE CASCADE
+
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8
 

extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/ConnectionDirectory.java

@@ -47,7 +47,6 @@ import net.sourceforge.guacamole.net.auth.mysql.dao.ConnectionParameterMapper;
 import net.sourceforge.guacamole.net.auth.mysql.dao.ConnectionPermissionMapper;
 import net.sourceforge.guacamole.net.auth.mysql.model.ConnectionParameter;
 import net.sourceforge.guacamole.net.auth.mysql.model.ConnectionParameterExample;
-import net.sourceforge.guacamole.net.auth.mysql.model.ConnectionPermissionExample;
 import net.sourceforge.guacamole.net.auth.mysql.model.ConnectionPermissionKey;
 import net.sourceforge.guacamole.net.auth.mysql.service.ConnectionService;
 import net.sourceforge.guacamole.net.auth.mysql.service.PermissionCheckService;
@@ -221,16 +220,6 @@ public class ConnectionDirectory implements Directory<String, Connection>{
         MySQLConnection mySQLConnection =
                 connectionService.retrieveConnection(identifier);
 
-        // Delete all configuration values
-        ConnectionParameterExample connectionParameterExample = new ConnectionParameterExample();
-        connectionParameterExample.createCriteria().andConnection_idEqualTo(mySQLConnection.getConnectionID());
-        connectionParameterDAO.deleteByExample(connectionParameterExample);
-
-        // Delete all permissions that refer to this connection
-        ConnectionPermissionExample connectionPermissionExample = new ConnectionPermissionExample();
-        connectionPermissionExample.createCriteria().andConnection_idEqualTo(mySQLConnection.getConnectionID());
-        connectionPermissionDAO.deleteByExample(connectionPermissionExample);
-
         // Delete the connection itself
         connectionService.deleteConnection(mySQLConnection.getConnectionID());
 

extensions/guacamole-auth-mysql/src/main/java/net/sourceforge/guacamole/net/auth/mysql/service/UserService.java

@@ -327,26 +327,6 @@ public class UserService {
         MySQLUser mySQLUser = retrieveUser(username);
         int user_id = mySQLUser.getUserID();
 
-        // Delete all user permissions
-        UserPermissionExample userPermissionExample = new UserPermissionExample();
-        userPermissionExample.createCriteria().andUser_idEqualTo(user_id);
-        userPermissionDAO.deleteByExample(userPermissionExample);
-
-        // Delete all connection permissions
-        ConnectionPermissionExample connectionPermissionExample = new ConnectionPermissionExample();
-        connectionPermissionExample.createCriteria().andUser_idEqualTo(user_id);
-        connectionPermissionDAO.deleteByExample(connectionPermissionExample);
-
-        // Delete all system permissions
-        SystemPermissionExample systemPermissionExample = new SystemPermissionExample();
-        systemPermissionExample.createCriteria().andUser_idEqualTo(user_id);
-        systemPermissionDAO.deleteByExample(systemPermissionExample);
-
-        // Delete all permissions that refer to this user
-        userPermissionExample.clear();
-        userPermissionExample.createCriteria().andAffected_user_idEqualTo(user_id);
-        userPermissionDAO.deleteByExample(userPermissionExample);
-
         // Delete the user in the database
         userDAO.deleteByPrimaryKey(user_id);