fixed DB schema and install.sh

docs/databases/postgres/en/create_db.sql

@@ -1,7 +1,6 @@
 -- Enable required extensions
 CREATE EXTENSION IF NOT EXISTS pg_trgm;
 CREATE EXTENSION IF NOT EXISTS btree_gin;
-CREATE EXTENSION IF NOT EXISTS ip4r;
 
 -- Access Control List
 CREATE TABLE acl (
@@ -593,7 +592,7 @@ COMMENT ON TABLE vendors IS 'Network equipment vendors';
 -- System version
 CREATE TABLE version (
 id INTEGER PRIMARY KEY DEFAULT 1,
-version VARCHAR(10) NOT NULL DEFAULT '2.4.14'
+version VARCHAR(10) NOT NULL DEFAULT '3.0.0'
 );
 COMMENT ON TABLE version IS 'System version information';
 
@@ -667,7 +666,7 @@ CREATE INDEX idx_user_sessions_is_active ON user_sessions(is_active) WHERE is_ac
 CREATE INDEX idx_user_stats_ts ON user_stats(ts, auth_id, router_id);
 CREATE INDEX idx_user_stats_full_ts ON user_stats_full(ts, auth_id, router_id);
 
-CREATE INDEX idx_wan_stats_time ON wan_stats(time, router_id, interface_id);
+CREATE INDEX idx_wan_stats_time ON wan_stats(ts, router_id, interface_id);
 
 CREATE INDEX idx_worklog_customer ON worklog(customer, level, ts);
 CREATE INDEX idx_worklog_ts ON worklog(level, ts);

docs/databases/postgres/en/data.sql

@@ -87,7 +87,7 @@ ON CONFLICT (id) DO UPDATE SET
     description_english = EXCLUDED.description_english,
     draft = EXCLUDED.draft,
     uniq = EXCLUDED.uniq,
-    type = EXCLUDED.type,
+    option_type = EXCLUDED.option_type,
     default_value = EXCLUDED.default_value,
     min_value = EXCLUDED.min_value,
     max_value = EXCLUDED.max_value;
@@ -463,7 +463,7 @@ ON CONFLICT (id) DO UPDATE SET
     dst = EXCLUDED.dst,
     dstport = EXCLUDED.dstport,
     srcport = EXCLUDED.srcport,
-    type = EXCLUDED.type;
+    filter_type = EXCLUDED.filter_type;
 
 -- Filter group assignments
 INSERT INTO group_filters (id, group_id, filter_id, rule_order, action)

docs/databases/postgres/ru/create_db.sql

@@ -1,7 +1,6 @@
 -- Включаем необходимые расширения
 CREATE EXTENSION IF NOT EXISTS pg_trgm;
 CREATE EXTENSION IF NOT EXISTS btree_gin;
-CREATE EXTENSION IF NOT EXISTS ip4r;
 
 -- Access Control List
 CREATE TABLE acl (
@@ -264,7 +263,7 @@ value VARCHAR(100)
 );
 COMMENT ON TABLE dns_queue IS 'Очередь отложенных операций DNS';
 COMMENT ON COLUMN dns_queue.name_type IS 'Тип DNS записи: A, AAAA, PTR, CNAME';
-COMMENT ON COLUMN dns_queue.type IS 'Тип операции: add, delete, update';
+COMMENT ON COLUMN dns_queue.operation_type IS 'Тип операции: add, delete, update';
 
 -- Экземпляры фильтров
 CREATE TABLE filter_instances (
@@ -667,7 +666,7 @@ CREATE INDEX idx_user_sessions_is_active ON user_sessions(is_active) WHERE is_ac
 CREATE INDEX idx_user_stats_ts ON user_stats(ts, auth_id, router_id);
 CREATE INDEX idx_user_stats_full_ts ON user_stats_full(ts, auth_id, router_id);
 
-CREATE INDEX idx_wan_stats_time ON wan_stats(time, router_id, interface_id);
+CREATE INDEX idx_wan_stats_time ON wan_stats(ts, router_id, interface_id);
 
 CREATE INDEX idx_worklog_customer ON worklog(customer, level, ts);
 CREATE INDEX idx_worklog_ts ON worklog(level, ts);

docs/databases/postgres/ru/data.sql

@@ -79,7 +79,7 @@ ON CONFLICT (id) DO UPDATE SET
     description_english = EXCLUDED.description_english,
     draft = EXCLUDED.draft,
     uniq = EXCLUDED.uniq,
-    type = EXCLUDED.type,
+    option_type = EXCLUDED.option_type,
     default_value = EXCLUDED.default_value,
     min_value = EXCLUDED.min_value,
     max_value = EXCLUDED.max_value;
@@ -456,7 +456,7 @@ ON CONFLICT (id) DO UPDATE SET
     dst = EXCLUDED.dst,
     dstport = EXCLUDED.dstport,
     srcport = EXCLUDED.srcport,
-    type = EXCLUDED.type;
+    filter_type = EXCLUDED.filter_type;
 
 -- Filter group assignments
 INSERT INTO group_filters (id, group_id, filter_id, rule_order, action)

install-eye.sh

@@ -845,11 +845,16 @@ local   all             postgres                                peer\
 
     print_info "Creating database '$DB_NAME' with locale '$LC_TYPE'..."
 
+    # Set password for stat user
+    print_info "Setting password for user $DB_USER ..."
+    sudo -u postgres psql -c "CREATE USER $DB_USER WITH PASSWORD '$DB_PASS';"
+
     sudo -u postgres createdb \
       --encoding=UTF8 \
       --lc-collate="$LC_TYPE" \
       --lc-ctype="$LC_TYPE" \
       --template=template0 \
+      --owner="$DB_USER" \
       "$DB_NAME"
 
     if [[ $? -ne 0 ]]; then
@@ -857,52 +862,57 @@ local   all             postgres                                peer\
         return 1
     fi
 
-    print_info "Database created successfully"
+    print_info "Database created successfully with owner '$DB_USER'"
 
-    # Import main SQL file as postgres user
-    print_info "Importing database structure..."
-    sudo -u postgres psql -d "$DB_NAME" -f "$SQL_CREATE_FILE"
+    sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME TO $DB_USER;"
+
+    # Теперь подключаемся как новый владелец для импорта
+    print_info "Importing database structure as '$DB_USER'..."
+
+    # Вариант 1: Используя sudo и переключение пользователя в psql
+    sudo -u postgres psql -d "$DB_NAME" <<EOF
+SET ROLE "$DB_USER";
+\i $SQL_CREATE_FILE
+EOF
 
     if [[ $? -ne 0 ]]; then
         print_error "Error importing create_db.sql"
         return 1
     fi
 
-    # Импортируем структуру и данные
-    print_info "Importing database structure and initial data..."
-    sudo -u postgres psql -d "$DB_NAME" -f "$SQL_DATA_FILE"
-    if [[ $? -ne 0 ]]; then
-        print_warn "Warning: failed to import data (may already exist or non-critical)"
-    else
-        print_info "Database structure and data imported successfully"
-    fi
+    print_info "Database structure imported successfully"
 
-    # Set password for stat user
-    print_info "Setting password for user 'stat'..."
-    sudo -u postgres psql -c "CREATE USER $DB_USER WITH PASSWORD '$DB_PASS';"
-    sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME TO $DB_USER;"
-
-    # Import data
-    print_info "Importing initial data..."
-    sudo -u postgres psql -d ${DB_NAME} -f ${SQL_DATA_FILE}
+    # Импортируем данные тоже как владелец
+    if [[ -f "$SQL_DATA_FILE" ]]; then
+        print_info "Importing database data as '$DB_USER'..."
+        sudo -u postgres psql -d "$DB_NAME" <<EOF
+SET ROLE "$DB_USER";
+\i $SQL_DATA_FILE
+EOF
 
-    if [[ $? -ne 0 ]]; then
-        print_warn "Error importing data.sql (data may already exist)"
-    else
-        print_info "Initial data imported"
+        if [[ $? -ne 0 ]]; then
+            print_warn "Warning: failed to import data (may already exist or non-critical)"
+        else
+            print_info "Database data imported successfully"
+        fi
     fi
 
-    # Grant privileges on all tables to stat user
-    print_info "Granting privileges on all tables to user 'stat'..."
-    sudo -u postgres psql -d ${DB_NAME} <<EOF
-GRANT ALL ON ALL TABLES IN SCHEMA public TO ${DB_USER};
-GRANT ALL ON ALL SEQUENCES IN SCHEMA public TO ${DB_USER};
-GRANT ALL ON ALL FUNCTIONS IN SCHEMA public TO ${DB_USER};
-ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON TABLES TO ${DB_USER};
-ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON SEQUENCES TO ${DB_USER};
-ALTER DEFAULT PRIVILEGES IN SCHEMA public GRANT ALL ON FUNCTIONS TO ${DB_USER};
+    # Дополнительные привилегии 
+    print_info "Setting up additional privileges..."
+
+    # Дать доступ пользователю postgres к БД
+    sudo -u postgres psql -c "GRANT CONNECT ON DATABASE $DB_NAME TO postgres;"
+
+    # Дать полные права пользователю postgres на все объекты
+    sudo -u postgres psql -d "$DB_NAME" <<EOF
+GRANT ALL ON SCHEMA public TO postgres;
+ALTER DEFAULT PRIVILEGES FOR USER "$DB_USER" IN SCHEMA public GRANT ALL ON TABLES TO postgres;
+ALTER DEFAULT PRIVILEGES FOR USER "$DB_USER" IN SCHEMA public GRANT ALL ON SEQUENCES TO postgres;
+ALTER DEFAULT PRIVILEGES FOR USER "$DB_USER" IN SCHEMA public GRANT ALL ON FUNCTIONS TO postgres;
 EOF
 
+    print_info "Database setup completed successfully"
+
     # Configure PostgreSQL for MD5 authentication
     if [[ "$OS_FAMILY" == "alt" ]]; then
         local pg_hba_file="/var/lib/pgsql/data/pg_hba.conf"

scripts/updates/3-0-1/migration.msql

@@ -1,51 +1,42 @@
 -- Переименование таблиц в нижний регистр
 
-RENAME TABLE
-  Customers TO customers,
-  User_auth TO user_auth,
-  User_list TO user_list,
-  User_stats TO user_stats,
-  User_stats_full TO user_stats_full,
-  User_auth_alias TO user_auth_alias,
-  Wan_stats TO wan_stats,
-  Traffic_detail TO traffic_detail,
-  Unknown_mac TO unknown_mac,
-  Group_filters TO group_filters,
-  Group_list TO group_list,
-  Filter_list TO filter_list,
-  Queue_list TO queue_list;
-
-ALTER TABLE wan_stats
-  CHANGE COLUMN `in` bytes_in BIGINT NOT NULL DEFAULT 0,
-  CHANGE COLUMN `out` bytes_out BIGINT NOT NULL DEFAULT 0;
-
-ALTER TABLE group_filters
-  CHANGE COLUMN `order` rule_order INTEGER NOT NULL DEFAULT 0;
-
-ALTER TABLE user_auth
-  CHANGE COLUMN `client-id` client_id VARCHAR(250);
+RENAME TABLE Customers TO customers;
+RENAME TABLE User_auth TO user_auth;
+RENAME TABLE User_list TO user_list;
+RENAME TABLE User_stats TO user_stats;
+RENAME TABLE User_stats_full TO user_stats_full;
+RENAME TABLE User_auth_alias TO user_auth_alias;
+RENAME TABLE Wan_stats TO wan_stats;
+RENAME TABLE Traffic_detail TO traffic_detail;
+RENAME TABLE Unknown_mac TO unknown_mac;
+RENAME TABLE Group_filters TO group_filters;
+RENAME TABLE Group_list TO group_list;
+RENAME TABLE Filter_list TO filter_list;
+RENAME TABLE Queue_list TO queue_list;
+
+ALTER TABLE wan_stats CHANGE COLUMN `in` bytes_in BIGINT NOT NULL DEFAULT 0;
+ALTER TABLE wan_stats CHANGE COLUMN `out` bytes_out BIGINT NOT NULL DEFAULT 0;
+
+ALTER TABLE group_filters CHANGE COLUMN `order` rule_order INTEGER NOT NULL DEFAULT 0;
+
+ALTER TABLE user_auth CHANGE COLUMN `client-id` client_id VARCHAR(250);
 
 -- Переименовываем eof → end_life в user_auth
-ALTER TABLE user_auth
-  CHANGE COLUMN `eof` end_life TIMESTAMP NULL DEFAULT NULL;
+ALTER TABLE user_auth CHANGE COLUMN `eof` end_life TIMESTAMP NULL DEFAULT NULL;
 
-ALTER TABLE dhcp_log
-  CHANGE COLUMN `client-id` client_id VARCHAR(250),
-  CHANGE COLUMN `circuit-id` circuit_id VARCHAR(255),
-  CHANGE COLUMN `remote-id` remote_id VARCHAR(255);
+ALTER TABLE dhcp_log CHANGE COLUMN `client-id` client_id VARCHAR(250);
+ALTER TABLE dhcp_log CHANGE COLUMN `circuit-id` circuit_id VARCHAR(255);
+ALTER TABLE dhcp_log CHANGE COLUMN `remote-id` remote_id VARCHAR(255);
 
 -- Точки в именах
-ALTER TABLE acl
-  CHANGE COLUMN `description.english` description_english VARCHAR(250) NOT NULL,
-  CHANGE COLUMN `description.russian` description_russian VARCHAR(250) NOT NULL;
+ALTER TABLE acl CHANGE COLUMN `description.english` description_english VARCHAR(250) NOT NULL;
+ALTER TABLE acl CHANGE COLUMN `description.russian` description_russian VARCHAR(250) NOT NULL;
 
-ALTER TABLE config_options
-  CHANGE COLUMN `description.english` description_english TEXT,
-  CHANGE COLUMN `description.russian` description_russian TEXT;
+ALTER TABLE config_options CHANGE COLUMN `description.english` description_english TEXT;
+ALTER TABLE config_options CHANGE COLUMN `description.russian` description_russian TEXT;
 
-ALTER TABLE device_types
-  CHANGE COLUMN `name.russian` name_russian VARCHAR(50),
-  CHANGE COLUMN `name.english` name_english VARCHAR(50);
+ALTER TABLE device_types CHANGE COLUMN `name.russian` name_russian VARCHAR(50);
+ALTER TABLE device_types CHANGE COLUMN `name.english` name_english VARCHAR(50);
 
 -- timestamp → ts
 ALTER TABLE dhcp_log        CHANGE COLUMN `timestamp` ts TIMESTAMP NOT NULL DEFAULT CURRENT_TIMESTAMP;
@@ -77,14 +68,11 @@ ALTER TABLE vendors         CHANGE COLUMN `comment` description VARCHAR(255);
 ALTER TABLE user_auth       CHANGE COLUMN `comments` description VARCHAR(250);
 
 -- Добавляем поле mac_found в user_auth (аналог arp_found)
-ALTER TABLE user_auth
-  ADD COLUMN mac_found TIMESTAMP NULL DEFAULT NULL;
+ALTER TABLE user_auth ADD COLUMN mac_found TIMESTAMP NULL DEFAULT NULL;
 
 -- type → уточнённые имена
 ALTER TABLE config_options  CHANGE COLUMN `type` option_type VARCHAR(100) NOT NULL;
 ALTER TABLE dns_queue       CHANGE COLUMN `type` operation_type VARCHAR(10) NOT NULL DEFAULT 'add';
 ALTER TABLE filter_list     CHANGE COLUMN `type` filter_type SMALLINT NOT NULL DEFAULT 0;
 
-UPDATE user_auth
-SET mac_found = last_found
-WHERE last_found IS NOT NULL;
+UPDATE user_auth SET mac_found = last_found WHERE last_found IS NOT NULL;

scripts/updates/3-0-1/migration.psql

@@ -25,8 +25,7 @@ ALTER TABLE group_filters RENAME COLUMN "order" TO rule_order;
 ALTER TABLE user_auth RENAME COLUMN "client-id" TO client_id;
 
 -- Переименовываем eof → end_life в user_auth
-ALTER TABLE user_auth
-  RENAME COLUMN eof TO end_life;
+ALTER TABLE user_auth RENAME COLUMN eof TO end_life;
 
 -- dhcp_log: дефисы → подчёркивания
 ALTER TABLE dhcp_log RENAME COLUMN "client-id" TO client_id;
@@ -69,14 +68,11 @@ ALTER TABLE user_list RENAME COLUMN comment TO description;
 ALTER TABLE vendors RENAME COLUMN comment TO description;
 
 -- Добавляем поле mac_found в user_auth (аналог arp_found)
-ALTER TABLE user_auth
-  ADD COLUMN mac_found TIMESTAMP;
+ALTER TABLE user_auth ADD COLUMN mac_found TIMESTAMP;
 
 -- type → уточнённые имена
 ALTER TABLE config_options RENAME COLUMN type TO option_type;
 ALTER TABLE dns_queue RENAME COLUMN type TO operation_type;
 ALTER TABLE filter_list RENAME COLUMN type TO filter_type;
 
-UPDATE user_auth
-SET mac_found = last_found
-WHERE last_found IS NOT NULL;
+UPDATE user_auth SET mac_found = last_found WHERE last_found IS NOT NULL;

scripts/updates/upgrade.pl

@@ -15,6 +15,7 @@ use eyelib::config;
 use eyelib::main;
 use eyelib::database;
 use eyelib::common;
+use Data::Dumper;
 use strict;
 use warnings;
 
@@ -80,7 +81,7 @@ for (my $i=$old_version_index; $i < scalar @old_releases; $i++) {
     my @sql_patches;
     if ($db_type) {
         my @sql_patches1 = glob($dir_name.'/*.sql');
-        my @sql_patches1 = glob($dir_name.'/*.msql');
+        my @sql_patches2 = glob($dir_name.'/*.msql');
         push(@sql_patches,@sql_patches1);
         push(@sql_patches,@sql_patches2);
         } else {
@@ -92,6 +93,8 @@ for (my $i=$old_version_index; $i < scalar @old_releases; $i++) {
             next if ($patch=~/version.sql/);
             my @sql_cmd=read_file($patch);
             foreach my $sql (@sql_cmd) {
+                next if ($sql=~/^(--|#)/);
+                next if (!$sql);
                 my $sql_prep = $dbh->prepare($sql) or die "Unable to prepare $sql: " . $dbh->errstr."\n";
                 my $sql_ref;
                 my $rv = $sql_prep->execute();