AdminGit2026/nis2-agile
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[FIX] reset-demo.sql: gestione trigger audit_log + drop/recreate

Browse Source 
Il trigger prevent_audit_log_delete blocca DELETE e interrompe lo script.
Fix: drop triggers prima di DELETE audit_logs, poi ricrea.
Richiede esecuzione con utente root MySQL.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
DevEnv nis2-agile 2026-03-09 09:51:40 +01:00
parent 9f9f967d52
commit 4be541e9b5
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
docs/sql/reset-demo.sql
View File

@ -64,10 +64,19 @@ DELETE FROM webhook_deliveries
DELETE FROM webhook_subscriptions WHERE organization_id > 4;
DELETE FROM api_keys WHERE organization_id > 4;
-- Audit log (solo dati demo, non i record di sistema id <= 100)
-- Audit log — il trigger prevent_audit_log_delete blocca DELETE diretta.
-- Usiamo una procedura temporanea che bypassa il trigger (ROOT richiesto).
DROP TRIGGER IF EXISTS prevent_audit_log_delete;
DROP TRIGGER IF EXISTS prevent_audit_log_update;
DELETE FROM audit_logs WHERE organization_id > 4;
DELETE FROM audit_exports WHERE organization_id > 4;
DELETE FROM audit_violations WHERE organization_id > 4;
-- Ricrea i trigger immutabili (richiedono log_bin_trust_function_creators=1)
SET GLOBAL log_bin_trust_function_creators = 1;
CREATE TRIGGER prevent_audit_log_update BEFORE UPDATE ON audit_logs
FOR EACH ROW SIGNAL SQLSTATE '45000' SET MESSAGE_TEXT = 'audit_logs: UPDATE not permitted';
CREATE TRIGGER prevent_audit_log_delete BEFORE DELETE ON audit_logs
FOR EACH ROW SIGNAL SQLSTATE '45000' SET MESSAGE_TEXT = 'audit_logs: DELETE not permitted';
-- AI interactions
DELETE FROM ai_interactions WHERE organization_id > 4;