- "DELETE FROM all_smack_binary_rules; \
- \
- INSERT INTO all_smack_binary_rules \
- SELECT subject, object, access, is_volatile \
- FROM all_smack_binary_rules_view; \
- \
- DELETE FROM all_smack_binary_rule_modified; \
- \
- INSERT INTO all_smack_binary_rule_modified \
- SELECT subject, object, access \
- FROM all_smack_binary_rules, \
- modified_label \
- WHERE subject IN modified_label OR \
- object IN modified_label; \
- \
- DELETE FROM history_smack_rule_modified; \
- \
- INSERT INTO history_smack_rule_modified \
- SELECT subject, object, access \
- FROM history_smack_rule, \
- modified_label \
- WHERE subject IN modified_label OR \
- object IN modified_label; \
+ "\
+ -- clean temporary tables\n \
+ DELETE FROM all_smack_binary_rules_modified; \
+ DELETE FROM current_smack_rule_modified; \
+ DELETE FROM history_smack_rule_modified; \
+ \
+ -- gather possibly modified rules\n \
+ INSERT INTO all_smack_binary_rules_modified \
+ SELECT subject, object, access, is_volatile \
+ FROM all_smack_binary_rules_view \
+ WHERE subject IN modified_label; \
+ \
+ INSERT INTO all_smack_binary_rules_modified \
+ SELECT subject, object, access, is_volatile \
+ FROM all_smack_binary_rules_view \
+ WHERE object IN modified_label AND subject NOT IN modified_label; \
+ \
+ -- prepare aggregated rules for diff algorithm\n \
+ INSERT INTO current_smack_rule_modified \
+ SELECT subject, object, bitwise_or(access) \
+ FROM all_smack_binary_rules_modified \
+ GROUP BY subject, object \
+ ORDER BY subject, object ASC; \
+ \
+ INSERT INTO history_smack_rule_modified \
+ SELECT subject, object, bitwise_or(access) \
+ FROM all_smack_binary_rules \
+ WHERE subject IN modified_label OR object IN modified_label \
+ GROUP BY subject, object \
+ ORDER BY subject, object ASC; \
+ \
+ -- apply changes to all_smack_binary_rules\n \
+ DELETE FROM all_smack_binary_rules \
+ WHERE subject IN modified_label OR \
+ object IN modified_label; \
+ \
+ INSERT INTO all_smack_binary_rules \
+ SELECT subject, object, access, is_volatile \
+ FROM all_smack_binary_rules_modified; \
+ \
+ -- cleanup\n \
+ DELETE FROM modified_label; \