Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
| Comment: | Revise the sqlite_set_authorizer API to provide more detailed information about the SQL statement being authorized. Only partially tested so far. (CVS 830) |
|---|---|
| Downloads: | Tarball | ZIP archive | SQL archive |
| Timelines: | family | ancestors | descendants | both | trunk |
| Files: | files | file ages | folders |
| SHA1: | 45de93f913a18026a45de6254963dbcd |
| User & Date: | drh 2003-01-13 23:27:32 |
References
|
2013-05-06
| ||
| 13:03 | • New ticket [0eb70d77] Invalid pointer passed to the authorizer callback. artifact: 6ec5e901 user: drh | |
Context
|
2003-01-14
| ||
| 00:44 | Make the GLOB work write with upper-case characters. Ticket #226. (CVS 831) check-in: 7ea46e70 user: drh tags: trunk | |
|
2003-01-13
| ||
| 23:27 | Revise the sqlite_set_authorizer API to provide more detailed information about the SQL statement being authorized. Only partially tested so far. (CVS 830) check-in: 45de93f9 user: drh tags: trunk | |
|
2003-01-12
| ||
| 19:33 | The initial round of tests for the sqlite_set_authorizer() API. More are needed before release. Ticket #215. (CVS 829) check-in: 5707b3d5 user: drh tags: trunk | |
Changes
Changes to src/auth.c.
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
...
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
|
** ************************************************************************* ** This file contains code used to implement the sqlite_set_authorizer() ** API. This facility is an optional feature of the library. Embedded ** systems that do not need this facility may omit it by recompiling ** the library with -DSQLITE_OMIT_AUTHORIZATION=1 ** ** $Id: auth.c,v 1.2 2003/01/12 19:33:53 drh Exp $ */ #include "sqliteInt.h" /* ** All of the code in this file may be omitted by defining a single ** macro. */ ................................................................................ zCol = pTab->aCol[pExpr->iColumn].zName; }else if( pTab->iPKey>=0 ){ assert( pTab->iPKey<pTab->nCol ); zCol = pTab->aCol[pTab->iPKey].zName; }else{ zCol = "ROWID"; } rc = db->xAuth(db->pAuthArg, SQLITE_READ_COLUMN, pTab->zName, zCol); if( rc==SQLITE_IGNORE ){ pExpr->op = TK_NULL; }else if( rc==SQLITE_DENY ){ sqliteSetString(&pParse->zErrMsg,"access to ", pTab->zName, ".", zCol, " is prohibited", 0); pParse->nErr++; }else if( rc!=SQLITE_OK ){ sqliteAuthBadReturnCode(pParse, rc); } } /* ** Check the user-supplied authorization function to see if it is ok to ** delete rows from the table pTab. Return SQLITE_OK if it is. Return ** SQLITE_IGNORE if deletions should be silently omitted. Return SQLITE_DENY ** if an error is to be reported. In the last case, write the text of ** the error into pParse->zErrMsg. */ int sqliteAuthDelete(Parse *pParse, const char *zName, int forceError){ sqlite *db = pParse->db; int rc; if( db->xAuth==0 ){ return SQLITE_OK; } rc = db->xAuth(db->pAuthArg, SQLITE_DELETE_ROW, zName, ""); if( rc==SQLITE_DENY || (rc==SQLITE_IGNORE && forceError) ){ sqliteSetString(&pParse->zErrMsg,"deletion from table ", zName, " is prohibited", 0); pParse->nErr++; }else if( rc!=SQLITE_OK && rc!=SQLITE_IGNORE ){ rc = SQLITE_DENY; sqliteAuthBadReturnCode(pParse, rc); } return rc; } /* ** Check the user-supplied authorization function to see if it is ok to ** insert rows from the table pTab. Return SQLITE_OK if it is. Return ** SQLITE_IGNORE if deletions should be silently omitted. Return SQLITE_DENY ** if an error is to be reported. In the last case, write the text of ** the error into pParse->zErrMsg. */ int sqliteAuthInsert(Parse *pParse, const char *zName, int forceError){ sqlite *db = pParse->db; int rc; if( db->xAuth==0 ){ return SQLITE_OK; } rc = db->xAuth(db->pAuthArg, SQLITE_INSERT_ROW, zName, ""); if( rc==SQLITE_DENY || (rc==SQLITE_IGNORE && forceError) ){ sqliteSetString(&pParse->zErrMsg,"insertion into table ", zName, " is prohibited", 0); pParse->nErr++; }else if( rc!=SQLITE_OK && rc!=SQLITE_IGNORE ){ rc = SQLITE_DENY; sqliteAuthBadReturnCode(pParse, rc); } return rc; } /* ** Check to see if it is ok to modify column "j" of table pTab. ** Return SQLITE_OK, SQLITE_IGNORE, or SQLITE_DENY. */ int sqliteAuthWrite(Parse *pParse, Table *pTab, int j){ sqlite *db = pParse->db; int rc; if( db->xAuth==0 ) return SQLITE_OK; rc = db->xAuth(db->pAuthArg, SQLITE_WRITE_COLUMN, pTab->zName, pTab->aCol[j].zName); if( rc==SQLITE_DENY ){ sqliteSetString(&pParse->zErrMsg, "changes to ", pTab->zName, ".", pTab->aCol[j].zName, " are prohibited", 0); pParse->nErr++; }else if( rc!=SQLITE_OK && rc!=SQLITE_IGNORE ){ sqliteAuthBadReturnCode(pParse, rc); } return rc; } /* ** Check to see if it is ok to execute a special command such as ** COPY or VACUUM or ROLLBACK. */ int sqliteAuthCommand(Parse *pParse, const char *zCmd, const char *zArg1){ sqlite *db = pParse->db; int rc; if( db->xAuth==0 ) return SQLITE_OK; rc = db->xAuth(db->pAuthArg, SQLITE_COMMAND, zCmd, zArg1); if( rc==SQLITE_DENY ){ if( zArg1 && zArg1[0] ){ sqliteSetString(&pParse->zErrMsg, "execution of the ", zCmd, " ", zArg1, " command is prohibited", 0); }else{ sqliteSetString(&pParse->zErrMsg, "execution of the ", zCmd, " command is prohibited", 0); } pParse->nErr++; }else if( rc!=SQLITE_OK && rc!=SQLITE_IGNORE ){ sqliteAuthBadReturnCode(pParse, rc); } return rc; } #endif /* SQLITE_OMIT_AUTHORIZATION */ |
|
|
|
|
|
|
<
>
|
<
|
>
|
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
>
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
<
|
<
|
<
|
<
<
<
<
<
<
<
<
<
<
<
<
<
<
|
<
<
<
<
<
<
<
<
<
|
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
...
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
|
** ************************************************************************* ** This file contains code used to implement the sqlite_set_authorizer() ** API. This facility is an optional feature of the library. Embedded ** systems that do not need this facility may omit it by recompiling ** the library with -DSQLITE_OMIT_AUTHORIZATION=1 ** ** $Id: auth.c,v 1.3 2003/01/13 23:27:32 drh Exp $ */ #include "sqliteInt.h" /* ** All of the code in this file may be omitted by defining a single ** macro. */ ................................................................................ zCol = pTab->aCol[pExpr->iColumn].zName; }else if( pTab->iPKey>=0 ){ assert( pTab->iPKey<pTab->nCol ); zCol = pTab->aCol[pTab->iPKey].zName; }else{ zCol = "ROWID"; } rc = db->xAuth(db->pAuthArg, SQLITE_READ, pTab->zName, zCol); if( rc==SQLITE_IGNORE ){ pExpr->op = TK_NULL; }else if( rc==SQLITE_DENY ){ sqliteSetString(&pParse->zErrMsg,"access to ", pTab->zName, ".", zCol, " is prohibited", 0); pParse->nErr++; }else if( rc!=SQLITE_OK ){ sqliteAuthBadReturnCode(pParse, rc); } } /* ** Do an authorization check using the code and arguments given. Return ** either SQLITE_OK (zero) or SQLITE_IGNORE or SQLITE_DENY. If SQLITE_DENY ** is returned, then the error count and error message in pParse are ** modified appropriately. */ int sqliteAuthCheck( Parse *pParse, int code, const char *zArg1, const char *zArg2 ){ sqlite *db = pParse->db; int rc; if( db->xAuth==0 ){ return SQLITE_OK; } rc = db->xAuth(db->pAuthArg, code, zArg1, zArg2); if( rc==SQLITE_DENY ){ sqliteSetString(&pParse->zErrMsg, "not authorized", 0); pParse->nErr++; }else if( rc!=SQLITE_OK && rc!=SQLITE_IGNORE ){ rc = SQLITE_DENY; sqliteAuthBadReturnCode(pParse, rc); } return rc; } #endif /* SQLITE_OMIT_AUTHORIZATION */ |
Changes to src/build.c.
21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 ... 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 ... 891 892 893 894 895 896 897 898 899 900 901 902 903 904 905 .... 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084 .... 1089 1090 1091 1092 1093 1094 1095 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 .... 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382 1383 1384 1385 1386 .... 1436 1437 1438 1439 1440 1441 1442 1443 1444 1445 1446 1447 1448 1449 .... 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 .... 1833 1834 1835 1836 1837 1838 1839 1840 1841 1842 1843 1844 1845 1846 1847 1848 1849 1850 .... 1921 1922 1923 1924 1925 1926 1927 1928 1929 1930 1931 1932 1933 1934 1935 .... 1941 1942 1943 1944 1945 1946 1947 1948 1949 1950 1951 1952 1953 1954 1955 .... 1962 1963 1964 1965 1966 1967 1968 1969 1970 1971 1972 1973 1974 1975 1976 .... 2071 2072 2073 2074 2075 2076 2077 2078 2079 2080 2081 2082 2083 2084 2085 |
** COPY ** VACUUM ** BEGIN TRANSACTION ** COMMIT ** ROLLBACK ** PRAGMA ** ** $Id: build.c,v 1.120 2003/01/12 18:02:17 drh Exp $ */ #include "sqliteInt.h" #include <ctype.h> /* ** This routine is called when a new SQL statement is beginning to ** be parsed. Check to see if the schema for the database needs ................................................................................ ** ** The new table record is initialized and put in pParse->pNewTable. ** As more of the CREATE TABLE statement is parsed, additional action ** routines will be called to add more information to this record. ** At the end of the CREATE TABLE statement, the sqliteEndTable() routine ** is called to complete the construction of the new table record. */ void sqliteStartTable(Parse *pParse, Token *pStart, Token *pName, int isTemp){ Table *pTable; Index *pIdx; char *zName; sqlite *db = pParse->db; Vdbe *v; pParse->sFirstToken = *pStart; zName = sqliteTableNameFromToken(pName); if( zName==0 ) return; if( sqliteAuthInsert(pParse, SCHEMA_TABLE(isTemp), 1) ){ return; } /* Before trying to create a temporary table, make sure the Btree for ** holding temporary tables is open. */ if( isTemp && db->pBeTemp==0 ){ int rc = sqliteBtreeOpen(0, 0, MAX_PAGES, &db->pBeTemp); if( rc!=SQLITE_OK ){ ................................................................................ int isTemp /* TRUE for a TEMPORARY view */ ){ Table *p; int n; const char *z; Token sEnd; sqliteStartTable(pParse, pBegin, pName, isTemp); p = pParse->pNewTable; if( p==0 || pParse->nErr ){ sqliteSelectDelete(pSelect); return; } /* Make a copy of the entire SELECT statement that defines the view. ................................................................................ Vdbe *v; int base; sqlite *db = pParse->db; if( pParse->nErr || sqlite_malloc_failed ) return; pTable = sqliteTableFromToken(pParse, pName); if( pTable==0 ) return; if( sqliteAuthDelete(pParse, SCHEMA_TABLE(pTable->isTemp), 1) ){ return; } if( pTable->readOnly ){ sqliteSetString(&pParse->zErrMsg, "table ", pTable->zName, " may not be dropped", 0); pParse->nErr++; return; } if( isView && pTable->pSelect==0 ){ ................................................................................ } if( !isView && pTable->pSelect ){ sqliteSetString(&pParse->zErrMsg, "use DROP VIEW to delete view ", pTable->zName, 0); pParse->nErr++; return; } if( sqliteAuthDelete(pParse, pTable->zName, 1) ){ return; } /* Generate code to remove the table from the master table ** on disk. */ v = sqliteGetVdbe(pParse); if( v ){ static VdbeOp dropTable[] = { ................................................................................ goto exit_create_index; } if( pTab->pSelect ){ sqliteSetString(&pParse->zErrMsg, "views may not be indexed", 0); pParse->nErr++; goto exit_create_index; } if( sqliteAuthInsert(pParse, SCHEMA_TABLE(pTab->isTemp), 1) ){ goto exit_create_index; } /* If this index is created while re-reading the schema from sqlite_master ** but the table associated with this index is a temporary table, it can ** only mean that the table that this index is really associated with is ** one whose name is hidden behind a temporary table with the same name. ** Since its table has been suppressed, we need to also suppress the ** index. ................................................................................ for(pLoop=pTab->pIndex, n=1; pLoop; pLoop=pLoop->pNext, n++){} sprintf(zBuf,"%d)",n); zName = 0; sqliteSetString(&zName, "(", pTab->zName, " autoindex ", zBuf, 0); if( zName==0 ) goto exit_create_index; hideName = sqliteFindIndex(db, zName)!=0; } /* If pList==0, it means this routine was called to make a primary ** key out of the last column added to the table under construction. ** So create a fake list to simulate this. */ if( pList==0 ){ nullId.z = pTab->aCol[pTab->nCol-1].zName; ................................................................................ } if( pIndex->autoIndex ){ sqliteSetString(&pParse->zErrMsg, "index associated with UNIQUE " "or PRIMARY KEY constraint cannot be dropped", 0); pParse->nErr++; return; } if( sqliteAuthDelete(pParse, SCHEMA_TABLE(pIndex->pTable->isTemp), 1) ){ return; } /* Generate code to remove the index and from the master table */ v = sqliteGetVdbe(pParse); if( v ){ static VdbeOp dropIndex[] = { { OP_Rewind, 0, ADDR(9), 0}, { OP_String, 0, 0, 0}, /* 1 */ ................................................................................ sqlite *db = pParse->db; zTab = sqliteTableNameFromToken(pTableName); if( sqlite_malloc_failed || zTab==0 ) goto copy_cleanup; pTab = sqliteTableNameToTable(pParse, zTab); sqliteFree(zTab); if( pTab==0 ) goto copy_cleanup; if( sqliteAuthInsert(pParse, zTab, 0) ){ goto copy_cleanup; } if( sqliteAuthCommand(pParse, "COPY", zTab) ){ goto copy_cleanup; } v = sqliteGetVdbe(pParse); if( v ){ int openOp; sqliteBeginWriteOperation(pParse, 1, pTab->isTemp); addr = sqliteVdbeAddOp(v, OP_FileOpen, 0, 0); ................................................................................ ** Begin a transaction */ void sqliteBeginTransaction(Parse *pParse, int onError){ sqlite *db; if( pParse==0 || (db=pParse->db)==0 || db->pBe==0 ) return; if( pParse->nErr || sqlite_malloc_failed ) return; if( sqliteAuthCommand(pParse, "BEGIN", "") ) return; if( db->flags & SQLITE_InTrans ){ pParse->nErr++; sqliteSetString(&pParse->zErrMsg, "cannot start a transaction " "within a transaction", 0); return; } sqliteBeginWriteOperation(pParse, 0, 0); ................................................................................ ** Commit a transaction */ void sqliteCommitTransaction(Parse *pParse){ sqlite *db; if( pParse==0 || (db=pParse->db)==0 || db->pBe==0 ) return; if( pParse->nErr || sqlite_malloc_failed ) return; if( sqliteAuthCommand(pParse, "COMMIT", "") ) return; if( (db->flags & SQLITE_InTrans)==0 ){ pParse->nErr++; sqliteSetString(&pParse->zErrMsg, "cannot commit - no transaction is active", 0); return; } db->flags &= ~SQLITE_InTrans; ................................................................................ */ void sqliteRollbackTransaction(Parse *pParse){ sqlite *db; Vdbe *v; if( pParse==0 || (db=pParse->db)==0 || db->pBe==0 ) return; if( pParse->nErr || sqlite_malloc_failed ) return; if( sqliteAuthCommand(pParse, "ROLLBACK", "") ) return; if( (db->flags & SQLITE_InTrans)==0 ){ pParse->nErr++; sqliteSetString(&pParse->zErrMsg, "cannot rollback - no transaction is active", 0); return; } v = sqliteGetVdbe(pParse); ................................................................................ if( minusFlag ){ zRight = 0; sqliteSetNString(&zRight, "-", 1, pRight->z, pRight->n, 0); }else{ zRight = sqliteStrNDup(pRight->z, pRight->n); sqliteDequote(zRight); } if( sqliteAuthCommand(pParse, "PRAGMA", zLeft) ) return; /* ** PRAGMA default_cache_size ** PRAGMA default_cache_size=N ** ** The first form reports the current persistent setting for the ** page cache size. The value returned is the maximum number of |
| | > > > > > > | > > > > > > > > > > > > > > > > > > > > > > | > | > > > > > > > > > > > > > > > > > > > > < < < < < < > > > > > > > > > > > > > | > > > > | | > > > > > > | | < < | | | | |
21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 ... 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 ... 919 920 921 922 923 924 925 926 927 928 929 930 931 932 933 .... 1096 1097 1098 1099 1100 1101 1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 .... 1138 1139 1140 1141 1142 1143 1144 1145 1146 1147 1148 1149 1150 1151 .... 1416 1417 1418 1419 1420 1421 1422 1423 1424 1425 1426 1427 1428 1429 .... 1479 1480 1481 1482 1483 1484 1485 1486 1487 1488 1489 1490 1491 1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 .... 1690 1691 1692 1693 1694 1695 1696 1697 1698 1699 1700 1701 1702 1703 1704 1705 1706 1707 1708 1709 1710 1711 1712 1713 1714 1715 1716 .... 1899 1900 1901 1902 1903 1904 1905 1906 1907 1908 1909 1910 1911 1912 1913 1914 .... 1985 1986 1987 1988 1989 1990 1991 1992 1993 1994 1995 1996 1997 1998 1999 .... 2005 2006 2007 2008 2009 2010 2011 2012 2013 2014 2015 2016 2017 2018 2019 .... 2026 2027 2028 2029 2030 2031 2032 2033 2034 2035 2036 2037 2038 2039 2040 .... 2135 2136 2137 2138 2139 2140 2141 2142 2143 2144 2145 2146 2147 2148 2149 |
** COPY ** VACUUM ** BEGIN TRANSACTION ** COMMIT ** ROLLBACK ** PRAGMA ** ** $Id: build.c,v 1.121 2003/01/13 23:27:32 drh Exp $ */ #include "sqliteInt.h" #include <ctype.h> /* ** This routine is called when a new SQL statement is beginning to ** be parsed. Check to see if the schema for the database needs ................................................................................ ** ** The new table record is initialized and put in pParse->pNewTable. ** As more of the CREATE TABLE statement is parsed, additional action ** routines will be called to add more information to this record. ** At the end of the CREATE TABLE statement, the sqliteEndTable() routine ** is called to complete the construction of the new table record. */ void sqliteStartTable( Parse *pParse, /* Parser context */ Token *pStart, /* The "CREATE" token */ Token *pName, /* Name of table or view to create */ int isTemp, /* True if this is a TEMP table */ int isView /* True if this is a VIEW */ ){ Table *pTable; Index *pIdx; char *zName; sqlite *db = pParse->db; Vdbe *v; pParse->sFirstToken = *pStart; zName = sqliteTableNameFromToken(pName); if( zName==0 ) return; #ifndef SQLITE_OMIT_AUTHORIZATION if( sqliteAuthCheck(pParse, SQLITE_INSERT, SCHEMA_TABLE(isTemp), 0) ){ return; } { int code; if( isView ){ if( isTemp ){ code = SQLITE_CREATE_TEMP_VIEW; }else{ code = SQLITE_CREATE_VIEW; } }else{ if( isTemp ){ code = SQLITE_CREATE_TEMP_TABLE; }else{ code = SQLITE_CREATE_TABLE; } } if( sqliteAuthCheck(pParse, code, zName, 0) ){ return; } } #endif /* Before trying to create a temporary table, make sure the Btree for ** holding temporary tables is open. */ if( isTemp && db->pBeTemp==0 ){ int rc = sqliteBtreeOpen(0, 0, MAX_PAGES, &db->pBeTemp); if( rc!=SQLITE_OK ){ ................................................................................ int isTemp /* TRUE for a TEMPORARY view */ ){ Table *p; int n; const char *z; Token sEnd; sqliteStartTable(pParse, pBegin, pName, isTemp, 1); p = pParse->pNewTable; if( p==0 || pParse->nErr ){ sqliteSelectDelete(pSelect); return; } /* Make a copy of the entire SELECT statement that defines the view. ................................................................................ Vdbe *v; int base; sqlite *db = pParse->db; if( pParse->nErr || sqlite_malloc_failed ) return; pTable = sqliteTableFromToken(pParse, pName); if( pTable==0 ) return; #ifndef SQLITE_OMIT_AUTHORIZATION if( sqliteAuthCheck(pParse, SQLITE_DELETE, SCHEMA_TABLE(pTable->isTemp),0)){ return; } { int code; if( isView ){ if( pTable->isTemp ){ code = SQLITE_DROP_TEMP_VIEW; }else{ code = SQLITE_DROP_VIEW; } }else{ if( pTable->isTemp ){ code = SQLITE_DROP_TEMP_TABLE; }else{ code = SQLITE_DROP_TABLE; } } if( sqliteAuthCheck(pParse, code, pTable->zName, 0) ){ return; } } #endif if( pTable->readOnly ){ sqliteSetString(&pParse->zErrMsg, "table ", pTable->zName, " may not be dropped", 0); pParse->nErr++; return; } if( isView && pTable->pSelect==0 ){ ................................................................................ } if( !isView && pTable->pSelect ){ sqliteSetString(&pParse->zErrMsg, "use DROP VIEW to delete view ", pTable->zName, 0); pParse->nErr++; return; } /* Generate code to remove the table from the master table ** on disk. */ v = sqliteGetVdbe(pParse); if( v ){ static VdbeOp dropTable[] = { ................................................................................ goto exit_create_index; } if( pTab->pSelect ){ sqliteSetString(&pParse->zErrMsg, "views may not be indexed", 0); pParse->nErr++; goto exit_create_index; } /* If this index is created while re-reading the schema from sqlite_master ** but the table associated with this index is a temporary table, it can ** only mean that the table that this index is really associated with is ** one whose name is hidden behind a temporary table with the same name. ** Since its table has been suppressed, we need to also suppress the ** index. ................................................................................ for(pLoop=pTab->pIndex, n=1; pLoop; pLoop=pLoop->pNext, n++){} sprintf(zBuf,"%d)",n); zName = 0; sqliteSetString(&zName, "(", pTab->zName, " autoindex ", zBuf, 0); if( zName==0 ) goto exit_create_index; hideName = sqliteFindIndex(db, zName)!=0; } /* Check for authorization to create an index. */ #ifndef SQLITE_OMIT_AUTHORIZATION if( sqliteAuthCheck(pParse, SQLITE_INSERT, SCHEMA_TABLE(pTab->isTemp), 0) ){ goto exit_create_index; } i = SQLITE_CREATE_INDEX; if( pTab->isTemp ) i = SQLITE_CREATE_TEMP_INDEX; if( sqliteAuthCheck(pParse, i, zName, pTab->zName) ){ goto exit_create_index; } #endif /* If pList==0, it means this routine was called to make a primary ** key out of the last column added to the table under construction. ** So create a fake list to simulate this. */ if( pList==0 ){ nullId.z = pTab->aCol[pTab->nCol-1].zName; ................................................................................ } if( pIndex->autoIndex ){ sqliteSetString(&pParse->zErrMsg, "index associated with UNIQUE " "or PRIMARY KEY constraint cannot be dropped", 0); pParse->nErr++; return; } #ifndef SQLITE_OMIT_AUTHORIZATION { int code = SQLITE_DROP_INDEX; Table *pTab = pIndex->pTable; if( sqliteAuthCheck(pParse, SQLITE_DELETE, SCHEMA_TABLE(pTab->isTemp), 0) ){ return; } if( pTab->isTemp ) code = SQLITE_DROP_TEMP_INDEX; if( sqliteAuthCheck(pParse, code, pIndex->zName, 0) ){ return; } } #endif /* Generate code to remove the index and from the master table */ v = sqliteGetVdbe(pParse); if( v ){ static VdbeOp dropIndex[] = { { OP_Rewind, 0, ADDR(9), 0}, { OP_String, 0, 0, 0}, /* 1 */ ................................................................................ sqlite *db = pParse->db; zTab = sqliteTableNameFromToken(pTableName); if( sqlite_malloc_failed || zTab==0 ) goto copy_cleanup; pTab = sqliteTableNameToTable(pParse, zTab); sqliteFree(zTab); if( pTab==0 ) goto copy_cleanup; if( sqliteAuthCheck(pParse, SQLITE_INSERT, pTab->zName, 0) || sqliteAuthCheck(pParse, SQLITE_COPY, pTab->zName, 0) ){ goto copy_cleanup; } v = sqliteGetVdbe(pParse); if( v ){ int openOp; sqliteBeginWriteOperation(pParse, 1, pTab->isTemp); addr = sqliteVdbeAddOp(v, OP_FileOpen, 0, 0); ................................................................................ ** Begin a transaction */ void sqliteBeginTransaction(Parse *pParse, int onError){ sqlite *db; if( pParse==0 || (db=pParse->db)==0 || db->pBe==0 ) return; if( pParse->nErr || sqlite_malloc_failed ) return; if( sqliteAuthCheck(pParse, SQLITE_TRANSACTION, "BEGIN", 0) ) return; if( db->flags & SQLITE_InTrans ){ pParse->nErr++; sqliteSetString(&pParse->zErrMsg, "cannot start a transaction " "within a transaction", 0); return; } sqliteBeginWriteOperation(pParse, 0, 0); ................................................................................ ** Commit a transaction */ void sqliteCommitTransaction(Parse *pParse){ sqlite *db; if( pParse==0 || (db=pParse->db)==0 || db->pBe==0 ) return; if( pParse->nErr || sqlite_malloc_failed ) return; if( sqliteAuthCheck(pParse, SQLITE_TRANSACTION, "COMMIT", 0) ) return; if( (db->flags & SQLITE_InTrans)==0 ){ pParse->nErr++; sqliteSetString(&pParse->zErrMsg, "cannot commit - no transaction is active", 0); return; } db->flags &= ~SQLITE_InTrans; ................................................................................ */ void sqliteRollbackTransaction(Parse *pParse){ sqlite *db; Vdbe *v; if( pParse==0 || (db=pParse->db)==0 || db->pBe==0 ) return; if( pParse->nErr || sqlite_malloc_failed ) return; if( sqliteAuthCheck(pParse, SQLITE_TRANSACTION, "ROLLBACK", 0) ) return; if( (db->flags & SQLITE_InTrans)==0 ){ pParse->nErr++; sqliteSetString(&pParse->zErrMsg, "cannot rollback - no transaction is active", 0); return; } v = sqliteGetVdbe(pParse); ................................................................................ if( minusFlag ){ zRight = 0; sqliteSetNString(&zRight, "-", 1, pRight->z, pRight->n, 0); }else{ zRight = sqliteStrNDup(pRight->z, pRight->n); sqliteDequote(zRight); } if( sqliteAuthCheck(pParse, SQLITE_PRAGMA, zLeft, zRight) ) return; /* ** PRAGMA default_cache_size ** PRAGMA default_cache_size=N ** ** The first form reports the current persistent setting for the ** page cache size. The value returned is the maximum number of |
Changes to src/delete.c.
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 .. 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 ... 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 |
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle DELETE FROM statements. ** ** $Id: delete.c,v 1.44 2003/01/12 18:02:18 drh Exp $ */ #include "sqliteInt.h" /* ** Given a table name, find the corresponding table and make sure the ** table is writeable. Generate an error and return NULL if not. If ................................................................................ int base; /* Index of the first available table cursor */ sqlite *db; /* Main database structure */ int openOp; /* Opcode used to open a cursor to the table */ int row_triggers_exist = 0; int oldIdx = -1; if( pParse->nErr || sqlite_malloc_failed || sqliteAuthCommand(pParse,"DELETE",0) ){ pTabList = 0; goto delete_from_cleanup; } db = pParse->db; /* Check for the special case of a VIEW with one or more ON DELETE triggers ** defined ................................................................................ ** an SrcList* parameter instead of just a Table* parameter. */ pTabList = sqliteTableTokenToSrcList(pParse, pTableName); if( pTabList==0 ) goto delete_from_cleanup; assert( pTabList->nSrc==1 ); pTab = pTabList->a[0].pTab; assert( pTab->pSelect==0 ); /* This table is not a view */ if( sqliteAuthDelete(pParse, pTab->zName, 0) ) goto delete_from_cleanup; /* Allocate a cursor used to store the old.* data for a trigger. */ if( row_triggers_exist ){ oldIdx = pParse->nTab++; } |
| | < > | > |
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 .. 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 ... 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 |
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle DELETE FROM statements. ** ** $Id: delete.c,v 1.45 2003/01/13 23:27:33 drh Exp $ */ #include "sqliteInt.h" /* ** Given a table name, find the corresponding table and make sure the ** table is writeable. Generate an error and return NULL if not. If ................................................................................ int base; /* Index of the first available table cursor */ sqlite *db; /* Main database structure */ int openOp; /* Opcode used to open a cursor to the table */ int row_triggers_exist = 0; int oldIdx = -1; if( pParse->nErr || sqlite_malloc_failed ){ pTabList = 0; goto delete_from_cleanup; } db = pParse->db; /* Check for the special case of a VIEW with one or more ON DELETE triggers ** defined ................................................................................ ** an SrcList* parameter instead of just a Table* parameter. */ pTabList = sqliteTableTokenToSrcList(pParse, pTableName); if( pTabList==0 ) goto delete_from_cleanup; assert( pTabList->nSrc==1 ); pTab = pTabList->a[0].pTab; assert( pTab->pSelect==0 ); /* This table is not a view */ if( sqliteAuthCheck(pParse, SQLITE_DELETE, pTab->zName, 0) ){ goto delete_from_cleanup; } /* Allocate a cursor used to store the old.* data for a trigger. */ if( row_triggers_exist ){ oldIdx = pParse->nTab++; } |
Changes to src/insert.c.
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
...
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
|
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle INSERT statements in SQLite. ** ** $Id: insert.c,v 1.70 2003/01/12 19:33:53 drh Exp $ */ #include "sqliteInt.h" /* ** This routine is call to handle SQL of the following forms: ** ** insert into TABLE (IDLIST) values(EXPRLIST) ................................................................................ int iInsertBlock; /* Address of the subroutine used to insert data */ int iCntMem; /* Memory cell used for the row counter */ int row_triggers_exist = 0; /* True if there are FOR EACH ROW triggers */ int newIdx = -1; if( pParse->nErr || sqlite_malloc_failed ) goto insert_cleanup; if( sqliteAuthCommand(pParse, "INSERT", 0) ) goto insert_cleanup; db = pParse->db; /* Locate the table into which we will be inserting new information. */ zTab = sqliteTableNameFromToken(pTableName); if( zTab==0 ) goto insert_cleanup; pTab = sqliteFindTable(pParse->db, zTab); if( pTab==0 ){ sqliteSetString(&pParse->zErrMsg, "no such table: ", zTab, 0); pParse->nErr++; goto insert_cleanup; } if( sqliteAuthInsert(pParse, zTab, 0) ){ goto insert_cleanup; } /* Ensure that: * (a) the table is not read-only, * (b) that if it is a view then ON INSERT triggers exist */ |
|
<
|
|
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
...
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
|
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle INSERT statements in SQLite. ** ** $Id: insert.c,v 1.71 2003/01/13 23:27:33 drh Exp $ */ #include "sqliteInt.h" /* ** This routine is call to handle SQL of the following forms: ** ** insert into TABLE (IDLIST) values(EXPRLIST) ................................................................................ int iInsertBlock; /* Address of the subroutine used to insert data */ int iCntMem; /* Memory cell used for the row counter */ int row_triggers_exist = 0; /* True if there are FOR EACH ROW triggers */ int newIdx = -1; if( pParse->nErr || sqlite_malloc_failed ) goto insert_cleanup; db = pParse->db; /* Locate the table into which we will be inserting new information. */ zTab = sqliteTableNameFromToken(pTableName); if( zTab==0 ) goto insert_cleanup; pTab = sqliteFindTable(pParse->db, zTab); if( pTab==0 ){ sqliteSetString(&pParse->zErrMsg, "no such table: ", zTab, 0); pParse->nErr++; goto insert_cleanup; } if( sqliteAuthCheck(pParse, SQLITE_INSERT, pTab->zName, 0) ){ goto insert_cleanup; } /* Ensure that: * (a) the table is not read-only, * (b) that if it is a view then ON INSERT triggers exist */ |
Changes to src/parse.y.
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
..
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
** ************************************************************************* ** This file contains SQLite's grammar for SQL. Process this file ** using the lemon parser generator to generate C code that runs ** the parser. Lemon will also generate a header file containing ** numeric codes for all of the tokens. ** ** @(#) $Id: parse.y,v 1.86 2003/01/07 02:47:48 drh Exp $ */ %token_prefix TK_ %token_type {Token} %default_type {Token} %extra_argument {Parse *pParse} %syntax_error { sqliteSetString(&pParse->zErrMsg,"syntax error",0); ................................................................................ cmd ::= END trans_opt. {sqliteCommitTransaction(pParse);} cmd ::= ROLLBACK trans_opt. {sqliteRollbackTransaction(pParse);} ///////////////////// The CREATE TABLE statement //////////////////////////// // cmd ::= create_table create_table_args. create_table ::= CREATE(X) temp(T) TABLE nm(Y). { sqliteStartTable(pParse,&X,&Y,T); } %type temp {int} temp(A) ::= TEMP. {A = pParse->isTemp || !pParse->initFlag;} temp(A) ::= . {A = pParse->isTemp;} create_table_args ::= LP columnlist conslist_opt RP(X). { sqliteEndTable(pParse,&X,0); } |
|
|
|
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
..
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
|
** ************************************************************************* ** This file contains SQLite's grammar for SQL. Process this file ** using the lemon parser generator to generate C code that runs ** the parser. Lemon will also generate a header file containing ** numeric codes for all of the tokens. ** ** @(#) $Id: parse.y,v 1.87 2003/01/13 23:27:33 drh Exp $ */ %token_prefix TK_ %token_type {Token} %default_type {Token} %extra_argument {Parse *pParse} %syntax_error { sqliteSetString(&pParse->zErrMsg,"syntax error",0); ................................................................................ cmd ::= END trans_opt. {sqliteCommitTransaction(pParse);} cmd ::= ROLLBACK trans_opt. {sqliteRollbackTransaction(pParse);} ///////////////////// The CREATE TABLE statement //////////////////////////// // cmd ::= create_table create_table_args. create_table ::= CREATE(X) temp(T) TABLE nm(Y). { sqliteStartTable(pParse,&X,&Y,T,0); } %type temp {int} temp(A) ::= TEMP. {A = pParse->isTemp || !pParse->initFlag;} temp(A) ::= . {A = pParse->isTemp;} create_table_args ::= LP columnlist conslist_opt RP(X). { sqliteEndTable(pParse,&X,0); } |
Changes to src/select.c.
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
....
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
|
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle SELECT statements in SQLite. ** ** $Id: select.c,v 1.120 2003/01/12 18:02:18 drh Exp $ */ #include "sqliteInt.h" /* ** Allocate a new Select structure and return a pointer to that ** structure. ................................................................................ Expr *pHaving; /* The HAVING clause. May be NULL */ int isDistinct; /* True if the DISTINCT keyword is present */ int distinct; /* Table to use for the distinct set */ int base; /* First cursor available for use */ int rc = 1; /* Value to return from this function */ if( sqlite_malloc_failed || pParse->nErr || p==0 ) return 1; if( sqliteAuthCommand(pParse, "SELECT", 0) ) return 1; /* If there is are a sequence of queries, do the earlier ones first. */ if( p->pPrior ){ return multiSelect(pParse, p, eDest, iParm); } |
|
|
|
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
....
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
|
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle SELECT statements in SQLite. ** ** $Id: select.c,v 1.121 2003/01/13 23:27:33 drh Exp $ */ #include "sqliteInt.h" /* ** Allocate a new Select structure and return a pointer to that ** structure. ................................................................................ Expr *pHaving; /* The HAVING clause. May be NULL */ int isDistinct; /* True if the DISTINCT keyword is present */ int distinct; /* Table to use for the distinct set */ int base; /* First cursor available for use */ int rc = 1; /* Value to return from this function */ if( sqlite_malloc_failed || pParse->nErr || p==0 ) return 1; if( sqliteAuthCheck(pParse, SQLITE_SELECT, 0, 0) ) return 1; /* If there is are a sequence of queries, do the earlier ones first. */ if( p->pPrior ){ return multiSelect(pParse, p, eDest, iParm); } |
Changes to src/sqlite.h.in.
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
...
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
|
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This header file defines the interface that the SQLite library ** presents to client programs. ** ** @(#) $Id: sqlite.h.in,v 1.36 2003/01/12 18:02:18 drh Exp $ */ #ifndef _SQLITE_H_ #define _SQLITE_H_ #include <stdarg.h> /* Needed for the definition of va_list */ /* ** The version of the SQLite library. ................................................................................ ** in the database. The callback returns SQLITE_OK if access is allowed, ** SQLITE_DENY if the entire SQL statement should be aborted with an error ** and SQLITE_IGNORE if the column should be treated as a NULL value. */ int sqlite_set_authorizer( sqlite*, int (*xAuth)(void*,int,const char*,const char*), void* ); /* ** The second parameter to the access authorization function above will ** be one of these values: */ #define SQLITE_READ_COLUMN 1 /* Is it OK to read the specified column? */ #define SQLITE_WRITE_COLUMN 2 /* Is it OK to update the specified column? */ #define SQLITE_DELETE_ROW 3 /* Is it OK to delete a row from the table? */ #define SQLITE_INSERT_ROW 4 /* Is it OK to insert a new row in the table? */ #define SQLITE_COMMAND 5 /* Is it OK to execute a particular command? */ /* ** The return value of the authorization function should be one of the ** following constants: */ /* #define SQLITE_OK 0 // Allow access (This is actually defined above) */ #define SQLITE_DENY 1 /* Abort the SQL statement with an error */ |
|
|
|
>
>
>
>
>
<
<
<
<
<
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
...
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
|
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This header file defines the interface that the SQLite library ** presents to client programs. ** ** @(#) $Id: sqlite.h.in,v 1.37 2003/01/13 23:27:33 drh Exp $ */ #ifndef _SQLITE_H_ #define _SQLITE_H_ #include <stdarg.h> /* Needed for the definition of va_list */ /* ** The version of the SQLite library. ................................................................................ ** in the database. The callback returns SQLITE_OK if access is allowed, ** SQLITE_DENY if the entire SQL statement should be aborted with an error ** and SQLITE_IGNORE if the column should be treated as a NULL value. */ int sqlite_set_authorizer( sqlite*, int (*xAuth)(void*,int,const char*,const char*), void *pUserData ); /* ** The second parameter to the access authorization function above will ** be one of the values below. These values signify what kind of operation ** is to be authorized. The 3rd and 4th parameters to the authorization ** function will be parameters or NULL depending on which of the following ** codes is used as the second parameter. ** ** Arg-3 Arg-4 */ #define SQLITE_COPY 0 /* Table Name NULL */ #define SQLITE_CREATE_INDEX 1 /* Index Name Table Name */ #define SQLITE_CREATE_TABLE 2 /* Table Name NULL */ #define SQLITE_CREATE_TEMP_INDEX 3 /* Index Name Table Name */ #define SQLITE_CREATE_TEMP_TABLE 4 /* Table Name NULL */ #define SQLITE_CREATE_TEMP_TRIGGER 5 /* Trigger Name NULL */ #define SQLITE_CREATE_TEMP_VIEW 6 /* View Name NULL */ #define SQLITE_CREATE_TRIGGER 7 /* Trigger Name NULL */ #define SQLITE_CREATE_VIEW 8 /* View Name NULL */ #define SQLITE_DELETE 9 /* Table Name NULL */ #define SQLITE_DROP_INDEX 10 /* Index Name NULL */ #define SQLITE_DROP_TABLE 11 /* Table Name NULL */ #define SQLITE_DROP_TEMP_INDEX 12 /* Index Name NULL */ #define SQLITE_DROP_TEMP_TABLE 13 /* Table Name NULL */ #define SQLITE_DROP_TEMP_TRIGGER 14 /* Trigger Name NULL */ #define SQLITE_DROP_TEMP_VIEW 15 /* View Name NULL */ #define SQLITE_DROP_TRIGGER 16 /* Trigger Name NULL */ #define SQLITE_DROP_VIEW 17 /* View Name NULL */ #define SQLITE_INSERT 18 /* Table Name NULL */ #define SQLITE_PRAGMA 19 /* Pragma Name 1st arg or NULL */ #define SQLITE_READ 20 /* Table Name Column Name */ #define SQLITE_SELECT 21 /* NULL NULL */ #define SQLITE_TRANSACTION 22 /* NULL NULL */ #define SQLITE_UPDATE 23 /* Table Name Column Name */ /* ** The return value of the authorization function should be one of the ** following constants: */ /* #define SQLITE_OK 0 // Allow access (This is actually defined above) */ #define SQLITE_DENY 1 /* Abort the SQL statement with an error */ |
Changes to src/sqliteInt.h.
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 ... 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 .... 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 1043 1044 1045 1046 1047 |
** May you do good and not evil. ** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** Internal interface definitions for SQLite. ** ** @(#) $Id: sqliteInt.h,v 1.153 2003/01/12 18:02:18 drh Exp $ */ #include "config.h" #include "sqlite.h" #include "hash.h" #include "vdbe.h" #include "parse.h" #include "btree.h" ................................................................................ void sqliteResetInternalSchema(sqlite*); int sqliteInit(sqlite*, char**); void sqliteBeginParse(Parse*,int); void sqliteRollbackInternalChanges(sqlite*); void sqliteCommitInternalChanges(sqlite*); Table *sqliteResultSetOfSelect(Parse*,char*,Select*); void sqliteOpenMasterTable(Vdbe *v, int); void sqliteStartTable(Parse*,Token*,Token*,int); void sqliteAddColumn(Parse*,Token*); void sqliteAddNotNull(Parse*, int); void sqliteAddPrimaryKey(Parse*, IdList*, int); void sqliteAddColumnType(Parse*,Token*,Token*); void sqliteAddDefaultValue(Parse*,Token*,int); int sqliteCollateType(Parse*, Token*); void sqliteAddCollateType(Parse*, int); ................................................................................ TriggerStep *sqliteTriggerDeleteStep(Token*, Expr*); void sqliteDeleteTrigger(Trigger*); int sqliteJoinType(Parse*, Token*, Token*, Token*); void sqliteCreateForeignKey(Parse*, IdList*, Token*, IdList*, int); void sqliteDeferForeignKey(Parse*, int); #ifndef SQLITE_OMIT_AUTHORIZATION void sqliteAuthRead(Parse*,Expr*,SrcList*,int); int sqliteAuthDelete(Parse*,const char*, int); int sqliteAuthInsert(Parse*,const char*, int); int sqliteAuthCommand(Parse*,const char*,const char*); #else # define sqliteAuthRead(a,b,c,d) # define sqliteAuthDelete(a,b,c) SQLITE_OK # define sqliteAuthInsert(a,b,c) SQLITE_OK # define sqliteAuthWrite(a,b,c) SQLITE_OK # define sqliteAuthCommand(a,b,c) SQLITE_OK #endif |
| | | < < < < < | |
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 ... 934 935 936 937 938 939 940 941 942 943 944 945 946 947 948 .... 1031 1032 1033 1034 1035 1036 1037 1038 1039 1040 1041 1042 |
** May you do good and not evil. ** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** Internal interface definitions for SQLite. ** ** @(#) $Id: sqliteInt.h,v 1.154 2003/01/13 23:27:33 drh Exp $ */ #include "config.h" #include "sqlite.h" #include "hash.h" #include "vdbe.h" #include "parse.h" #include "btree.h" ................................................................................ void sqliteResetInternalSchema(sqlite*); int sqliteInit(sqlite*, char**); void sqliteBeginParse(Parse*,int); void sqliteRollbackInternalChanges(sqlite*); void sqliteCommitInternalChanges(sqlite*); Table *sqliteResultSetOfSelect(Parse*,char*,Select*); void sqliteOpenMasterTable(Vdbe *v, int); void sqliteStartTable(Parse*,Token*,Token*,int,int); void sqliteAddColumn(Parse*,Token*); void sqliteAddNotNull(Parse*, int); void sqliteAddPrimaryKey(Parse*, IdList*, int); void sqliteAddColumnType(Parse*,Token*,Token*); void sqliteAddDefaultValue(Parse*,Token*,int); int sqliteCollateType(Parse*, Token*); void sqliteAddCollateType(Parse*, int); ................................................................................ TriggerStep *sqliteTriggerDeleteStep(Token*, Expr*); void sqliteDeleteTrigger(Trigger*); int sqliteJoinType(Parse*, Token*, Token*, Token*); void sqliteCreateForeignKey(Parse*, IdList*, Token*, IdList*, int); void sqliteDeferForeignKey(Parse*, int); #ifndef SQLITE_OMIT_AUTHORIZATION void sqliteAuthRead(Parse*,Expr*,SrcList*,int); int sqliteAuthCheck(Parse*,int, const char*, const char*); #else # define sqliteAuthRead(a,b,c,d) # define sqliteAuthCheck(a,b,c,d) SQLITE_OK #endif |
Changes to src/test1.c.
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
...
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
|
** May you share freely, never taking more than you give. ** ************************************************************************* ** Code for testing the printf() interface to SQLite. This code ** is not included in the SQLite library. It is used for automated ** testing of the SQLite library. ** ** $Id: test1.c,v 1.15 2003/01/12 18:02:19 drh Exp $ */ #include "sqliteInt.h" #include "tcl.h" #include <stdlib.h> #include <string.h> /* ................................................................................ const char *zArg2 ){ char *zCode; Tcl_DString str; int rc; const char *zReply; switch( code ){ case SQLITE_READ_COLUMN: zCode="SQLITE_READ_COLUMN"; break; case SQLITE_WRITE_COLUMN: zCode="SQLITE_WRITE_COLUMN"; break; case SQLITE_INSERT_ROW: zCode="SQLITE_INSERT_ROW"; break; case SQLITE_DELETE_ROW: zCode="SQLITE_DELETE_ROW"; break; case SQLITE_COMMAND: zCode="SQLITE_COMMAND"; break; default: zCode="unknown code"; break; } Tcl_DStringInit(&str); Tcl_DStringAppend(&str, authInfo.zCmd, -1); Tcl_DStringAppendElement(&str, zCode); Tcl_DStringAppendElement(&str, zArg1); Tcl_DStringAppendElement(&str, zArg2 ? zArg2 : ""); rc = Tcl_GlobalEval(authInfo.interp, Tcl_DStringValue(&str)); Tcl_DStringFree(&str); zReply = Tcl_GetStringResult(authInfo.interp); if( strcmp(zReply,"SQLITE_OK")==0 ){ rc = SQLITE_OK; }else if( strcmp(zReply,"SQLITE_DENY")==0 ){ |
|
|
|
|
|
|
|
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
|
|
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
...
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
|
** May you share freely, never taking more than you give. ** ************************************************************************* ** Code for testing the printf() interface to SQLite. This code ** is not included in the SQLite library. It is used for automated ** testing of the SQLite library. ** ** $Id: test1.c,v 1.16 2003/01/13 23:27:33 drh Exp $ */ #include "sqliteInt.h" #include "tcl.h" #include <stdlib.h> #include <string.h> /* ................................................................................ const char *zArg2 ){ char *zCode; Tcl_DString str; int rc; const char *zReply; switch( code ){ case SQLITE_COPY : zCode="SQLITE_COPY"; break; case SQLITE_CREATE_INDEX : zCode="SQLITE_CREATE_INDEX"; break; case SQLITE_CREATE_TABLE : zCode="SQLITE_CREATE_TABLE"; break; case SQLITE_CREATE_TEMP_INDEX : zCode="SQLITE_CREATE_TEMP_INDEX"; break; case SQLITE_CREATE_TEMP_TABLE : zCode="SQLITE_CREATE_TEMP_TABLE"; break; case SQLITE_CREATE_TEMP_TRIGGER: zCode="SQLITE_CREATE_TEMP_TRIGGER"; break; case SQLITE_CREATE_TEMP_VIEW : zCode="SQLITE_CREATE_TEMP_VIEW"; break; case SQLITE_CREATE_TRIGGER : zCode="SQLITE_CREATE_TRIGGER"; break; case SQLITE_CREATE_VIEW : zCode="SQLITE_CREATE_VIEW"; break; case SQLITE_DELETE : zCode="SQLITE_DELETE"; break; case SQLITE_DROP_INDEX : zCode="SQLITE_DROP_INDEX"; break; case SQLITE_DROP_TABLE : zCode="SQLITE_DROP_TABLE"; break; case SQLITE_DROP_TEMP_INDEX : zCode="SQLITE_DROP_TEMP_INDEX"; break; case SQLITE_DROP_TEMP_TABLE : zCode="SQLITE_DROP_TEMP_TABLE"; break; case SQLITE_DROP_TEMP_TRIGGER : zCode="SQLITE_DROP_TEMP_TRIGGER"; break; case SQLITE_DROP_TEMP_VIEW : zCode="SQLITE_DROP_TEMP_VIEW"; break; case SQLITE_DROP_TRIGGER : zCode="SQLITE_DROP_TRIGGER"; break; case SQLITE_DROP_VIEW : zCode="SQLITE_DROP_VIEW"; break; case SQLITE_INSERT : zCode="SQLITE_INSERT"; break; case SQLITE_PRAGMA : zCode="SQLITE_PRAGMA"; break; case SQLITE_READ : zCode="SQLITE_READ"; break; case SQLITE_SELECT : zCode="SQLITE_SELECT"; break; case SQLITE_TRANSACTION : zCode="SQLITE_TRANSACTION"; break; case SQLITE_UPDATE : zCode="SQLITE_UPDATE"; break; default : zCode="????"; break; } Tcl_DStringInit(&str); Tcl_DStringAppend(&str, authInfo.zCmd, -1); Tcl_DStringAppendElement(&str, zCode); Tcl_DStringAppendElement(&str, zArg1 ? zArg1 : ""); Tcl_DStringAppendElement(&str, zArg2 ? zArg2 : ""); rc = Tcl_GlobalEval(authInfo.interp, Tcl_DStringValue(&str)); Tcl_DStringFree(&str); zReply = Tcl_GetStringResult(authInfo.interp); if( strcmp(zReply,"SQLITE_OK")==0 ){ rc = SQLITE_OK; }else if( strcmp(zReply,"SQLITE_DENY")==0 ){ |
Changes to src/trigger.c.
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 ... 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 ... 175 176 177 178 179 180 181 182 183 184 185 186 187 188 ... 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 |
int foreach, /* One of TK_ROW or TK_STATEMENT */
Expr *pWhen, /* WHEN clause */
TriggerStep *pStepList, /* The triggered program */
Token *pAll /* Token that describes the complete CREATE TRIGGER */
){
Trigger *nt;
Table *tab;
if( sqliteAuthCommand(pParse, "CREATE", "TRIGGER") ) goto trigger_cleanup;
/* Check that:
** 1. the trigger name does not already exist.
** 2. the table (or view) does exist.
** 3. that we are not trying to create a trigger on the sqlite_master table
** 4. That we are not trying to create an INSTEAD OF trigger on a table.
** 5. That we are not trying to create a BEFORE or AFTER trigger on a view.
*/
{
char *tmp_str = sqliteStrNDup(pName->z, pName->n);
if( sqliteHashFind(&(pParse->db->trigHash), tmp_str, pName->n + 1) ){
sqliteSetNString(&pParse->zErrMsg, "trigger ", -1,
pName->z, pName->n, " already exists", -1, 0);
sqliteFree(tmp_str);
pParse->nErr++;
goto trigger_cleanup;
}
sqliteFree(tmp_str);
}
{
char *tmp_str = sqliteStrNDup(pTableName->z, pTableName->n);
if( tmp_str==0 ) goto trigger_cleanup;
tab = sqliteFindTable(pParse->db, tmp_str);
sqliteFree(tmp_str);
if( !tab ){
................................................................................
goto trigger_cleanup;
}
if( !tab->pSelect && tr_tm == TK_INSTEAD ){
sqliteSetNString(&pParse->zErrMsg, "cannot create INSTEAD OF", -1,
" trigger on table: ", -1, pTableName->z, pTableName->n, 0);
goto trigger_cleanup;
}
if( sqliteAuthInsert(pParse, SCHEMA_TABLE(tab->isTemp), 1) ){
goto trigger_cleanup;
}
}
if (tr_tm == TK_INSTEAD){
tr_tm = TK_BEFORE;
}
/* Build the Trigger object */
nt = (Trigger*)sqliteMalloc(sizeof(Trigger));
if( nt==0 ) goto trigger_cleanup;
nt->name = sqliteStrNDup(pName->z, pName->n);
nt->table = sqliteStrNDup(pTableName->z, pTableName->n);
if( sqlite_malloc_failed ) goto trigger_cleanup;
nt->op = op;
nt->tr_tm = tr_tm;
nt->pWhen = sqliteExprDup(pWhen);
sqliteExprDelete(pWhen);
nt->pColumns = sqliteIdListDup(pColumns);
................................................................................
sqliteFree(nt->name);
sqliteFree(nt->table);
sqliteFree(nt);
}
trigger_cleanup:
sqliteIdListDelete(pColumns);
sqliteExprDelete(pWhen);
sqliteDeleteTriggerStep(pStepList);
}
/*
** Make a copy of all components of the given trigger step. This has
................................................................................
*/
void sqliteDropTrigger(Parse *pParse, Token *pName, int nested){
char *zName;
Trigger *pTrigger;
Table *pTable;
Vdbe *v;
if( sqliteAuthCommand(pParse, "DROP", "TRIGGER") ) return;
zName = sqliteStrNDup(pName->z, pName->n);
/* ensure that the trigger being dropped exists */
pTrigger = sqliteHashFind(&(pParse->db->trigHash), zName, pName->n + 1);
if( !pTrigger ){
sqliteSetNString(&pParse->zErrMsg, "no such trigger: ", -1,
zName, -1, 0);
sqliteFree(zName);
return;
}
pTable = sqliteFindTable(pParse->db, pTrigger->table);
assert(pTable);
if( sqliteAuthDelete(pParse, SCHEMA_TABLE(pTable->isTemp), 1) ){
sqliteFree(zName);
return;
}
/*
* If this is not an "explain", then delete the trigger structure.
*/
if( !pParse->explain ){
if( pTable->pTrigger == pTrigger ){
pTable->pTrigger = pTrigger->pNext;
|
| < < | | | | < | | < < | > > > > | | > > | > > < > > > > > | | | | | > |
45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 .. 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 ... 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 ... 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 |
int foreach, /* One of TK_ROW or TK_STATEMENT */
Expr *pWhen, /* WHEN clause */
TriggerStep *pStepList, /* The triggered program */
Token *pAll /* Token that describes the complete CREATE TRIGGER */
){
Trigger *nt;
Table *tab;
char *zName = 0; /* Name of the trigger */
/* Check that:
** 1. the trigger name does not already exist.
** 2. the table (or view) does exist.
** 3. that we are not trying to create a trigger on the sqlite_master table
** 4. That we are not trying to create an INSTEAD OF trigger on a table.
** 5. That we are not trying to create a BEFORE or AFTER trigger on a view.
*/
zName = sqliteStrNDup(pName->z, pName->n);
if( sqliteHashFind(&(pParse->db->trigHash), zName, pName->n + 1) ){
sqliteSetNString(&pParse->zErrMsg, "trigger ", -1,
pName->z, pName->n, " already exists", -1, 0);
pParse->nErr++;
goto trigger_cleanup;
}
{
char *tmp_str = sqliteStrNDup(pTableName->z, pTableName->n);
if( tmp_str==0 ) goto trigger_cleanup;
tab = sqliteFindTable(pParse->db, tmp_str);
sqliteFree(tmp_str);
if( !tab ){
................................................................................
goto trigger_cleanup;
}
if( !tab->pSelect && tr_tm == TK_INSTEAD ){
sqliteSetNString(&pParse->zErrMsg, "cannot create INSTEAD OF", -1,
" trigger on table: ", -1, pTableName->z, pTableName->n, 0);
goto trigger_cleanup;
}
#ifndef SQLITE_OMIT_AUTHORIZATION
{
int code = SQLITE_CREATE_TRIGGER;
if( tab->isTemp ) code = SQLITE_CREATE_TEMP_TRIGGER;
if( sqliteAuthCheck(pParse, code, zName, tab->zName) ){
goto trigger_cleanup;
}
}
#endif
}
if (tr_tm == TK_INSTEAD){
tr_tm = TK_BEFORE;
}
/* Build the Trigger object */
nt = (Trigger*)sqliteMalloc(sizeof(Trigger));
if( nt==0 ) goto trigger_cleanup;
nt->name = zName;
zName = 0;
nt->table = sqliteStrNDup(pTableName->z, pTableName->n);
if( sqlite_malloc_failed ) goto trigger_cleanup;
nt->op = op;
nt->tr_tm = tr_tm;
nt->pWhen = sqliteExprDup(pWhen);
sqliteExprDelete(pWhen);
nt->pColumns = sqliteIdListDup(pColumns);
................................................................................
sqliteFree(nt->name);
sqliteFree(nt->table);
sqliteFree(nt);
}
trigger_cleanup:
sqliteFree(zName);
sqliteIdListDelete(pColumns);
sqliteExprDelete(pWhen);
sqliteDeleteTriggerStep(pStepList);
}
/*
** Make a copy of all components of the given trigger step. This has
................................................................................
*/
void sqliteDropTrigger(Parse *pParse, Token *pName, int nested){
char *zName;
Trigger *pTrigger;
Table *pTable;
Vdbe *v;
zName = sqliteStrNDup(pName->z, pName->n);
/* ensure that the trigger being dropped exists */
pTrigger = sqliteHashFind(&(pParse->db->trigHash), zName, pName->n + 1);
if( !pTrigger ){
sqliteSetNString(&pParse->zErrMsg, "no such trigger: ", -1,
zName, -1, 0);
sqliteFree(zName);
return;
}
pTable = sqliteFindTable(pParse->db, pTrigger->table);
assert(pTable);
#ifndef SQLITE_OMIT_AUTHORIZATION
{
int code = SQLITE_DROP_TRIGGER;
if( pTable->isTemp ) code = SQLITE_DROP_TEMP_TRIGGER;
if( sqliteAuthCheck(pParse, code, pTrigger->name, pTable->zName) ||
sqliteAuthCheck(pParse, SQLITE_DELETE, SCHEMA_TABLE(pTable->isTemp),0) ){
sqliteFree(zName);
return;
}
}
#endif
/*
* If this is not an "explain", then delete the trigger structure.
*/
if( !pParse->explain ){
if( pTable->pTrigger == pTrigger ){
pTable->pTrigger = pTrigger->pNext;
|
Changes to src/update.c.
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 .. 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 ... 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 |
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle UPDATE statements. ** ** $Id: update.c,v 1.52 2003/01/12 18:02:19 drh Exp $ */ #include "sqliteInt.h" /* ** Process an UPDATE statement. */ void sqliteUpdate( ................................................................................ int row_triggers_exist = 0; int newIdx = -1; /* index of trigger "new" temp table */ int oldIdx = -1; /* index of trigger "old" temp table */ if( pParse->nErr || sqlite_malloc_failed ) goto update_cleanup; if( sqliteAuthCommand(pParse, "UPDATE", 0) ) goto update_cleanup; db = pParse->db; /* Check for the special case of a VIEW with one or more ON UPDATE triggers * defined */ { char *zTab = sqliteTableNameFromToken(pTableName); ................................................................................ if( j>=pTab->nCol ){ sqliteSetString(&pParse->zErrMsg, "no such column: ", pChanges->a[i].zName, 0); pParse->nErr++; goto update_cleanup; } #ifndef SQLITE_OMIT_AUTHORIZATION if( sqliteAuthWrite(pParse, pTab, j)==SQLITE_IGNORE ){ aXRef[j] = -1; } #endif } /* Allocate memory for the array apIdx[] and fill it with pointers to every ** index that needs to be updated. Indices only need updating if their ** key includes one of the columns named in pChanges or if the record |
| < > > > > > > | | > |
8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 .. 49 50 51 52 53 54 55 56 57 58 59 60 61 62 ... 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 |
** May you find forgiveness for yourself and forgive others. ** May you share freely, never taking more than you give. ** ************************************************************************* ** This file contains C code routines that are called by the parser ** to handle UPDATE statements. ** ** $Id: update.c,v 1.53 2003/01/13 23:27:33 drh Exp $ */ #include "sqliteInt.h" /* ** Process an UPDATE statement. */ void sqliteUpdate( ................................................................................ int row_triggers_exist = 0; int newIdx = -1; /* index of trigger "new" temp table */ int oldIdx = -1; /* index of trigger "old" temp table */ if( pParse->nErr || sqlite_malloc_failed ) goto update_cleanup; db = pParse->db; /* Check for the special case of a VIEW with one or more ON UPDATE triggers * defined */ { char *zTab = sqliteTableNameFromToken(pTableName); ................................................................................ if( j>=pTab->nCol ){ sqliteSetString(&pParse->zErrMsg, "no such column: ", pChanges->a[i].zName, 0); pParse->nErr++; goto update_cleanup; } #ifndef SQLITE_OMIT_AUTHORIZATION { int rc; rc = sqliteAuthCheck(pParse, SQLITE_UPDATE, pTab->zName, pTab->aCol[j].zName); if( rc==SQLITE_DENY ){ goto update_cleanup; }else if( rc==SQLITE_IGNORE ){ aXRef[j] = -1; } } #endif } /* Allocate memory for the array apIdx[] and fill it with pointers to every ** index that needs to be updated. Indices only need updating if their ** key includes one of the columns named in pChanges or if the record |
Changes to test/auth.test.
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 |
# May you find forgiveness for yourself and forgive others. # May you share freely, never taking more than you give. # #*********************************************************************** # This file implements regression tests for SQLite library. The # focus of this script testing the sqlite_set_authorizer() API. # # $Id: auth.test,v 1.1 2003/01/12 19:33:54 drh Exp $ # set testdir [file dirname $argv0] source $testdir/tester.tcl if {[info command sqlite_set_authorizer]!=""} { do_test auth-1.1 { db close set ::DB [sqlite db test.db] proc auth {code arg1 arg2} { if {$code=="SQLITE_INSERT_ROW" && [string compare -nocase $arg1 sqlite_master]==0} { return SQLITE_DENY } return SQLITE_OK } sqlite_set_authorizer $::DB ::auth catchsql {CREATE TABLE t1(a,b,c)} } {1 {insertion into table sqlite_master is prohibited}} do_test auth-1.2 { proc auth {code arg1 arg2} { if {$code=="SQLITE_INSERT_ROW" && [string compare -nocase $arg1 sqlite_master]==0} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {CREATE TABLE t1(a,b,c)} } {1 {insertion into table sqlite_master is prohibited}} do_test auth-1.3 { proc auth {code arg1 arg2} { if {$code=="SQLITE_INSERT_ROW" && [string compare -nocase $arg1 sqlite_master]==0} { return SQLITE_OK } return SQLITE_OK } catchsql {CREATE TABLE t1(a,b,c)} } {0 {}} do_test auth-1.4 { execsql {SELECT name FROM sqlite_master} } {t1} do_test auth-1.5 { proc auth {code arg1 arg2} { if {$code=="SQLITE_INSERT_ROW" && [string compare -nocase $arg1 sqlite_master]==0} { return BOGUS } return SQLITE_OK } catchsql {CREATE TABLE t2(a,b,c)} } {1 {illegal return value (1) from the authorization function - should be SQLITE_OK, SQLITE_IGNORE, or SQLITE_DENY}} do_test auth-1.6 { proc auth {code arg1 arg2} { if {$code=="SQLITE_DELETE_ROW" && [string compare -nocase $arg1 sqlite_master]==0} { return SQLITE_DENY } return SQLITE_OK } catchsql {DROP TABLE t1} } {1 {deletion from table sqlite_master is prohibited}} do_test auth-1.7 { proc auth {code arg1 arg2} { if {$code=="SQLITE_DELETE_ROW" && [string compare -nocase $arg1 sqlite_master]==0} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {DROP TABLE t1} } {1 {deletion from table sqlite_master is prohibited}} do_test auth-1.8 { proc auth {code arg1 arg2} { if {$code=="SQLITE_INSERT_ROW" && [string compare -nocase $arg1 t1]==0} { return SQLITE_DENY } return SQLITE_OK } catchsql {INSERT INTO t1 VALUES(1,2,3)} } {1 {insertion into table t1 is prohibited}} do_test auth-1.9 { proc auth {code arg1 arg2} { if {$code=="SQLITE_INSERT_ROW" && [string compare -nocase $arg1 t1]==0} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {INSERT INTO t1 VALUES(1,2,3)} } {0 {}} do_test auth-1.10 { execsql {SELECT * FROM t1} } {} do_test auth-1.11 { proc auth {code arg1 arg2} { if {$code=="SQLITE_INSERT_ROW" && [string compare -nocase $arg1 t1]==0} { return SQLITE_OK } return SQLITE_OK } catchsql {INSERT INTO t1 VALUES(1,2,3)} } {0 {}} do_test auth-1.12 { execsql {SELECT * FROM t1} } {1 2 3} do_test auth-1.13 { proc auth {code arg1 arg2} { if {$code=="SQLITE_DELETE_ROW" && [string compare -nocase $arg1 t1]==0} { return SQLITE_DENY } return SQLITE_OK } catchsql {DELETE FROM t1 WHERE a=1} } {1 {deletion from table t1 is prohibited}} do_test auth-1.14 { execsql {SELECT * FROM t1} } {1 2 3} do_test auth-1.15 { proc auth {code arg1 arg2} { if {$code=="SQLITE_DELETE_ROW" && [string compare -nocase $arg1 t1]==0} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {DELETE FROM t1 WHERE a=1} } {0 {}} do_test auth-1.16 { execsql {SELECT * FROM t1} } {1 2 3} do_test auth-1.17 { proc auth {code arg1 arg2} { if {$code=="SQLITE_READ_COLUMN" && [string compare -nocase $arg1 t1]==0 && [string compare -nocase $arg2 a]==0} { return SQLITE_DENY } return SQLITE_OK } catchsql {SELECT * FROM t1} } {1 {access to t1.a is prohibited}} do_test auth-1.18 { proc auth {code arg1 arg2} { if {$code=="SQLITE_READ_COLUMN" && [string compare -nocase $arg1 t1]==0 && [string compare -nocase $arg2 a]==0} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {SELECT * FROM t1} } {0 {{} 2 3}} do_test auth-1.19 { proc auth {code arg1 arg2} { if {$code=="SQLITE_WRITE_COLUMN" && [string compare -nocase $arg1 t1]==0 && [string compare -nocase $arg2 a]==0} { return SQLITE_DENY } return SQLITE_OK } catchsql {UPDATE t1 SET a=11 WHERE a=1} } {1 {changes to t1.a are prohibited}} do_test auth-1.20 { execsql {SELECT * FROM t1} } {1 2 3} do_test auth-1.21 { proc auth {code arg1 arg2} { if {$code=="SQLITE_WRITE_COLUMN" && [string compare -nocase $arg1 t1]==0 && [string compare -nocase $arg2 a]==0} { return SQLITE_DENY } return SQLITE_OK } catchsql {UPDATE t1 SET b=12 WHERE a=1} } {0 {}} do_test auth-1.22 { execsql {SELECT * FROM t1} } {1 12 3} do_test auth-1.23 { proc auth {code arg1 arg2} { if {$code=="SQLITE_WRITE_COLUMN" && [string compare -nocase $arg1 t1]==0 && [string compare -nocase $arg2 a]==0} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {UPDATE t1 SET a=11, b=22 WHERE a=1} } {0 {}} do_test auth-1.24 { execsql {SELECT * FROM t1} } {1 22 3} do_test auth-1.25 { proc auth {code arg1 arg2} { if {$code=="SQLITE_WRITE_COLUMN" && [string compare -nocase $arg1 t1]==0 && [string compare -nocase $arg2 a]==0} { return SQLITE_DENY } return SQLITE_OK } catchsql {UPDATE t1 SET a=11, b=33 WHERE a=1} } {1 {changes to t1.a are prohibited}} do_test auth-1.26 { execsql {SELECT * FROM t1} } {1 22 3} do_test auth-1.27 { proc auth {code arg1 arg2} { if {$code=="SQLITE_READ_COLUMN" && [string compare -nocase $arg1 t1]==0 && [string compare -nocase $arg2 a]==0} { return SQLITE_DENY } return SQLITE_OK } catchsql {UPDATE t1 SET b=33, c=44 WHERE a=1} } {1 {access to t1.a is prohibited}} do_test auth-1.28 { execsql {SELECT b, c FROM t1} } {22 3} do_test auth-1.29 { proc auth {code arg1 arg2} { if {$code=="SQLITE_READ_COLUMN" && [string compare -nocase $arg1 t1]==0 && [string compare -nocase $arg2 a]==0} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {UPDATE t1 SET b=33, c=44 WHERE a=1} } {0 {}} do_test auth-1.30 { execsql {SELECT b, c FROM t1} } {22 3} do_test auth-1.31 { proc auth {code arg1 arg2} { if {$code=="SQLITE_READ_COLUMN" && [string compare -nocase $arg1 t1]==0 && [string compare -nocase $arg2 a]==0} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {UPDATE t1 SET b=33, c=44 WHERE a IS NULL} } {0 {}} do_test auth-1.32 { execsql {SELECT b, c FROM t1} } {33 44} } ;# End of the "if( db command exists )" finish_test |
| | | > > > > > > > > > > > > > > > > | > > > > > > > > > > > > > > > > > > > > > > > > > > | | > > > | < | | | | | | | | | | | < < < | < < < < | | < | | | > > > > | < | | < < < < < < < < < < | | | | | < | | < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < | | < < < < < < | < | < < < < < < < < < < < | < | < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < < |
7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 |
# May you find forgiveness for yourself and forgive others. # May you share freely, never taking more than you give. # #*********************************************************************** # This file implements regression tests for SQLite library. The # focus of this script testing the sqlite_set_authorizer() API. # # $Id: auth.test,v 1.2 2003/01/13 23:27:34 drh Exp $ # set testdir [file dirname $argv0] source $testdir/tester.tcl if {[info command sqlite_set_authorizer]!=""} { do_test auth-1.1 { db close set ::DB [sqlite db test.db] proc auth {code arg1 arg2} { if {$code=="SQLITE_INSERT" && [string compare -nocase $arg1 sqlite_master]==0} { return SQLITE_DENY } return SQLITE_OK } sqlite_set_authorizer $::DB ::auth catchsql {CREATE TABLE t1(a,b,c)} } {1 {not authorized}} do_test auth-1.2 { execsql {SELECT name FROM sqlite_master} } {} do_test auth-1.3 { proc auth {code arg1 arg2} { if {$code=="SQLITE_CREATE_TABLE"} { return SQLITE_DENY } return SQLITE_OK } catchsql {CREATE TABLE t1(a,b,c)} } {1 {not authorized}} do_test auth-1.4 { execsql {SELECT name FROM sqlite_master} } {} do_test auth-1.5 { proc auth {code arg1 arg2} { if {$code=="SQLITE_INSERT" && [string compare -nocase $arg1 sqlite_temp_master]==0} { return SQLITE_DENY } return SQLITE_OK } catchsql {CREATE TEMP TABLE t1(a,b,c)} } {1 {not authorized}} do_test auth-1.6 { execsql {SELECT name FROM sqlite_temp_master} } {} do_test auth-1.7 { proc auth {code arg1 arg2} { if {$code=="SQLITE_CREATE_TEMP_TABLE"} { return SQLITE_DENY } return SQLITE_OK } catchsql {CREATE TEMP TABLE t1(a,b,c)} } {1 {not authorized}} do_test auth-1.8 { execsql {SELECT name FROM sqlite_temp_master} } {} do_test auth-1.9 { proc auth {code arg1 arg2} { if {$code=="SQLITE_INSERT" && [string compare -nocase $arg1 sqlite_master]==0} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {CREATE TABLE t1(a,b,c)} } {0 {}} do_test auth-1.10 { execsql {SELECT name FROM sqlite_master} } {} do_test auth-1.11 { proc auth {code arg1 arg2} { if {$code=="SQLITE_CREATE_TABLE"} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {CREATE TABLE t1(a,b,c)} } {0 {}} do_test auth-1.12 { execsql {SELECT name FROM sqlite_master} } {} do_test auth-1.13 { proc auth {code arg1 arg2} { if {$code=="SQLITE_INSERT" && [string compare -nocase $arg1 sqlite_temp_master]==0} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {CREATE TEMP TABLE t1(a,b,c)} } {0 {}} do_test auth-1.14 { execsql {SELECT name FROM sqlite_temp_master} } {} do_test auth-1.15 { proc auth {code arg1 arg2} { if {$code=="SQLITE_CREATE_TEMP_TABLE"} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {CREATE TEMP TABLE t1(a,b,c)} } {0 {}} do_test auth-1.16 { execsql {SELECT name FROM sqlite_temp_master} } {} do_test auth-1.17 { proc auth {code arg1 arg2} { if {$code=="SQLITE_CREATE_TABLE"} { return SQLITE_DEBY } return SQLITE_OK } catchsql {CREATE TEMP TABLE t1(a,b,c)} } {0 {}} do_test auth-1.18 { execsql {SELECT name FROM sqlite_temp_master} } {t1} do_test auth-1.19 { proc auth {code arg1 arg2} { if {$code=="SQLITE_CREATE_TEMP_TABLE"} { return SQLITE_DEBY } return SQLITE_OK } catchsql {CREATE TABLE t2(a,b,c)} } {0 {}} do_test auth-1.20 { execsql {SELECT name FROM sqlite_master} } {t2} } ;# End of the "if( db command exists )" finish_test |