NetDB Records (with a capital R) are complete things NetDB users manipulate with the NetDB application. NetDB notes when Records are created and modified along with the name of the user doing the creating or modifying. Access to Records is always controlled through security groups. Each NetDB Record will have a screen (or set of screens) in the NetDB application.
NetDB records (with a small r) are complete things that need a screen (or set of screens) of their own, but don't require the tracking associated with a NetDB Record. Some NetDB records will have screens in the NetDB application; others may be modified so seldom that only SQL will be used to make changes. With rare exceptions, only NetDB administrators update NetDB records.
Both NetDB Records and records are things that people (NetDB users and administrators) think of as a whole - something that can exist on its own, not just an element of something bigger. A node is a Record; an interface is not - it's just part of a node.
The following is a list of NetDB Records and records as taken from the logical data model.
Notes:
Cardinality reflects the logical data model. Application enforced
business rules may affect the cardinality seen by the user. For
example, networks might be limited to a single name.
$ == owner security check, i.e. when a user is playing with a thing,
see if she is an owner of the thing.
@ == access security check, i.e. when a user is playing with a thing,
see if she has the right to play.
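The notation described in these notes can be checked mechanically. The following is an added example, not part of NetDB: a small parser for `name(min,max) $ [note]` lines that reports which attributes carry the owner security check and whether a set of observed counts violates the model cardinality or the application limit. The function names and the rule for reading application limits out of the bracketed note are assumptions made for this example.

```python
import re

# One attribute line of the page's notation: name(min,max) [$] [[note]]
LINE_RE = re.compile(r"^(?P<name>[^()\[\]]+?)\((?P<lo>\d+),(?P<hi>\d+|n)\)"
                     r"(?P<rest>[^\[]*)(?:\[(?P<note>.*)\])?\s*$")
PAIR_RE = re.compile(r"\((\d+),(\d+|n)\)")

def _bound(text):
    return None if text == "n" else int(text)  # None = unbounded ("n")

def parse_line(line):
    """Return a dict for an attribute line, None for headers and notes."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    note = (m["note"] or "").strip()
    field = {"name": m["name"].strip(), "note": note, "app_limit": None,
             "model": (int(m["lo"]), _bound(m["hi"])),
             "owner_check": "$" in m["rest"]}
    # Assumption: the first (min,max) pair in a note mentioning "application"
    # is the application limit; 'unless "Advanced"' conditions are ignored.
    pair = PAIR_RE.search(note) if "application" in note else None
    if pair:
        field["app_limit"] = (int(pair[1]), _bound(pair[2]))
    return field

def parse_block(text):
    return [f for f in map(parse_line, text.splitlines()) if f]

def violations(fields, counts, app=True):
    """Names whose observed count breaks the model or application limit."""
    bad = []
    for f in fields:
        lo, hi = f["app_limit"] if app and f["app_limit"] else f["model"]
        n = counts.get(f["name"], 0)
        if n < lo or (hi is not None and n > hi):
            bad.append(f["name"])
    return bad

# Subset of the Network Record lines from the list on this page.
SAMPLE = """Network @
bookkeeping(1,1) (date, user)
name(1,n) [(1,1) application limit]
domain(1,1) $
alias(0,n) [(0,0) application limit]
mx(0,n) $ [(0,0) application limit, check if mx exists as normal name]
owner security group(1,n) $"""

FIELDS = parse_block(SAMPLE)
OWNER_CHECKED = [f["name"] for f in FIELDS if f["owner_check"]]
```

A network with two names passes the logical model but fails the application limit, which is the case the cardinality note above describes.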
Owner Security Group @
bookkeeping(1,1) (date, user)
label(1,1)
description(0,1)
Domain @
bookkeeping(1,1) (date, user)
comment(0,1)
limited flag(1,1)
delegated flag(1,1)
nameserver(0,n)
name(1,1)
domain(1,1) $
owner security group(1,n) $
use domain owner(0,n) $
allow name owner(0,n) $
administrator(0,n)
type(1,1) [Person, Admin Team]
wildcard(0,n)
type(1,1) [A, CNAME, MX, TXT, etc.]
value(1,1)
comment(0,1) [ Necessary? Good idea? ]
DS record(0,n)
key tag(1,1)
algorithm(1,1)
digest type(1,1)
digest(1,1)
publish flag(1,1)
NetDB User @
bookkeeping(1,1) (date, user)
{sunetid, regid}(1,1)
active flag(1,1)
last login(0,1)
oauth id(0,1)
comment(0,1)
default domain(1,1) $
default address space(0,1) $
default owner security group(0,1) $ [(1,1) if active flag true]
all owner flag(1,1) $
all access flag(1,1) $
owner security group(0,n) $ [(1,n) if active flag true]
access security group(0,n) $
organization(0,n)
template(0,n)
Admin Team @
bookkeeping(1,1) (date, user)
comment(0,1)
name(1,1)
email(1,1)
phone(1,1)
owner security group(1,n) $
member(0,n)
organization(0,n)
DNS Record @ [ New, separate, DNS record priv, or piggyback on node priv? ]
bookkeeping(1,1) (date, user)
name(1,1) $ [check netdb record ownership if matching name exists]
domain(1,1) $
alias(0,n)
domain(1,1) $
ttl(0,1) [not implemented - should probably be part of name]
comment(0,1)
administrator(1,n)
type(1,1) [Person, Admin Team]
type(1,1) [TXT, SRV, ...]
case (type)
TXT: @?
value(0,n)
comment(0,1) [each TXT record *value* has a comment, administrators/owners, and expiration date]
administrator(0,n)
type(1,1) [Person, Admin Team]
expiration date(0,1)
SRV: @?
service(1,1) [ Service and protocol here or part of name? Probably best here, to avoid creating a _protocol.name.domain domain for every SRV name and confusion over the base name ownership check - SRV vs (A|MX|SRV|TXT|...). Though that will make for interesting issues when SRV names have aliases. Will likely need an "alias of prefixed name" alias type to make that work. ]
protocol(1,1)
administrator(1,n) [each SRV record *set* has a comment and administrators]
type(1,1) [Person, Admin Team]
rhs(1,n) or content(1,n) or value(1,n) or ?
priority(1,1)
weight(1,1)
port(1,1)
target(1,1)
HTTPS: @?
port(1,1) [ Same concerns as SRV, since it's the same idea, with a different set of prefixes, _port._service instead of _service._protocol. ]
administrator(1,n) [each HTTPS record *set* has a comment and administrators]
type(1,1) [Person, Admin Team]
rhs(1,n) or content(1,n) or value(1,n) or ?
priority(1,1)
content(1,1) or value(1,1)
owner security group(1,n) $
TXT Record @ [TXT record privilege; may become DNS record privilege when more DNS record types are implemented.]
bookkeeping(1,1) (date, user)
name(1,1) $ [check netdb record ownership if matching name exists]
domain(1,1) $
alias(0,n)
domain(1,1) $
mx(0,0) $ [(0,0) enforced by application]
domain(1,1) $
preference(1,1)
comment(0,1)
administrator(1,n)
type(1,1) [Person, Admin Team]
owner security group(1,n) $
value(0,n)
comment(0,1)
administrator(0,n) [This will be called owner in the application.]
type(1,1) [Person, Admin Team]
expiration date(0,1)
Network @
bookkeeping(1,1) (date, user)
location(0,n)
comment(0,1)
vlan area(0,1)
vlan(0,1)
dhcp service(0,1)
dhcp option(0,n)
value(0,1)
name(1,n) [(1,1) application limit]
domain(1,1) $
alias(0,n) [(0,0) application limit]
domain(1,1) $
mx(0,n) $ [(0,0) application limit, check if mx exists as normal name]
domain(1,1) $
preference(1,1)
owner security group(1,n) $
IP address space(0,n)
comment(0,1)
net number(1,1)
prefix length(1,1)
low res(1,1)
high res(1,1)
owner security group(0,n) $
dhcp option(0,n)
value(0,1)
ip address pool(0,n) [(0,1) since it's not implemented yet]
dhcp option(0,n)
value(0,1)
dynamic dhcp address(0,n)
active flag(1,1)
name(1,n) [(1,1) application limit]
domain(1,1) $
alias(0,n) [(0,0) application limit]
domain(1,1) $
mx(0,n) $ [(0,0) application limit, check if mx exists as normal name]
domain(1,1) $
preference(1,1)
Node @
bookkeeping(1,1) (date, user)
owner organization(1,1)
location(1,1)
room(1,1)
owner netdb user(0,1) $
expiration date(0,1)
comment(0,1)
state(1,1)
model(1,1)
os name(1,n)
os version(0,1) [(0,0) application limit --sunia]
name(1,n) [(1,1) unless "Advanced" application limit]
domain(1,1) $
alias(0,n)
domain(1,1) $
mx(0,n) $ [check if mx exists as normal name]
domain(1,1) $
preference(1,1)
owner security group(1,n) $
administrator(1,n)
rank(1,1) [not implemented]
type(1,1) [Person, Admin Team]
case (type)
Person:
srvtab access(1,1)
Admin Team:
user(0,n) [person id]
node tags(0,n) [n=3 application limit]
label(1,1)
data(0,1)
service(0,n)
type(1,1)
node group(0,n) $
type(0,n) [Router, Advanced, Template, Static IP Client, ...]
case (type)
Advanced: @
DHCP Server: @
IP Connectivity Provider: @
address(0,n) $ [always active]
name(1,n) [(1,1) application limit]
domain(1,1) $
alias(0,n) [(0,0) application limit]
domain(1,1) $
mx(0,n) $ [(0,0) application limit, check if mx exists as normal name]
domain(1,1) $
preference(1,1)
Static IP Client:
address(1,n) $ [served by an existing IPC]
Template:
address space(0,1) $
interface(0,n) [(0,0) for "Template" and "Static IP Client"]
roaming flag(1,1)
dhcp flag(1,1)
comment(0,1)
dhcp option(0,n)
value(0,1)
name(0,n) [(0,0) unless "Advanced", then (0,1) application limit]
domain(1,1) $
alias(0,n) [(0,0) application limit]
domain(1,1) $
mx(0,n) $ [(0,0) application limit, check if mx exists as normal name]
domain(1,1) $
preference(1,1)
address(0,n) $
active flag(1,1)
PTR preference(1,1) [use default unless "Advanced"]
name(0,n) [(0,0) unless "Advanced", then (0,1) application limit]
domain(1,1) $
alias(0,n) [(0,0) application limit]
domain(1,1) $
mx(0,n) $ [(0,0) application limit, check if mx exists as normal name]
domain(1,1) $
preference(1,1)
type(1,1) [Ethernet, Virtual, ATM, DSL, FDDI, PhoneNet]
case (type)
Ethernet:
hardware address(0,1)
Node Group @ [This record is not fully defined. More work is necessary and it will be revisited when time permits.]
bookkeeping(1,1) (date, user)
type(1,1)
comment(0,1)
owner security group(1,n)
name(1,n) [(1,1) application limit]
domain(1,1) $
alias(0,n) [(0,0) application limit]
domain(1,1) $
mx(0,0) $ [(0,0) enforced by application]
domain(1,1) $
preference(1,1)
node(0,n) $
node group(0,n) $
type(1,1)
case (type)
Computer Cluster:
Load-Balanced Name:
CNAME flag(1,1)
TTL(0,1)
records:
access methods: <++> == NetDB Record subscreen & NetDB record screen
<+> == NetDB record screen
<> == SQL
netdb user access: A user must have "System Management" access privileges to work with these records (except as noted on <++> type records)
reserved name <++> @(node group)
bookkeeping(1,1) (date, user)
name(1,1)
domain(0,1) $
owner security group(0,n) $
os <++> [Solaris, Linux, Windows, ...] @(node)
bookkeeping(1,1) (date, user)
name(1,1)
desc(0,1)
model <++> [Ultra 10, Centris 650, Latitude, ...] @(node)
bookkeeping(1,1) (date, user)
name(1,1)
make(1,1)
model class(0,1)
model class <+> [PC, Mac, ...]
name(1,1)
desc(0,1)
make <+> [Apple, Dell, Sun, ...]
name(1,1)
location <+>
name(1,1)
site(1,1)
code(1,1)
organization <+>
regid(1,1) [(1,1) is the dream, (0,1) for now]
name(1,1)
consultant(0,n) [organizations with consultants must have one and only one primary consultant (application limit)]
primary(1,1)
system parameters <+>
name(1,1)
desc(0,1)
value(1,1)
dhcp service <+>
bookkeeping(1,1)
name(1,1)
desc(0,1)
dhcp server(0,n)
dhcp option(0,n)
value(0,1)
dhcp option <+>
name(1,1)
data type(1,1)
type(0,1)
applicability(0,n)
dhcp option application <> [Server, Net, Address Space, Node, Node Group(?)]
label(1,1)
desc(0,1)
access security group <>
label(1,1)
description(0,1)
default flag(1,1)
interface type <>
name(1,1)
desc(0,1)
name type <>
label(1,1)
desc(0,1)
node type <>
name(1,1)
rank(1,1)
desc(0,1)
access security group(0,1)
person <>
regid(1,1)
name(1,1)
phone(0,1)
email(0,1)
sunetid(0,1)
active flag(1,1)
service <>
name(1,1)
desc(0,1)
state <>
label(1,1)
rank(1,1)
denyDHCP(1,1)
denyDNS(1,1)
desc(0,1)
access security group(0,1)
vlan area <>
label(1,1)
rank(0,1)
desc(0,1)
wildcard type <>
label(1,1)
log
user(1,1)
action(1,1)
date(1,1)
record_type(1,1)
record_id(1,1)
state(0,1)
record_name(1,n)
ip_address(0,n)