Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Finish out the test suite for the new sqlite_set_authorizer API. (CVS 834) |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA1: |
701a73918db22fd134a8b959670ba7a4 |
User & Date: | drh 2003-01-14 13:48:21.000 |
Context
2003-01-16
| ||
13:42 | Improvements to the pager to help large updates against a large database run faster. Also improved the testing of the pager rollback algorithms. (CVS 835) (check-in: 717523d375 user: drh tags: trunk) | |
2003-01-14
| ||
13:48 | Finish out the test suite for the new sqlite_set_authorizer API. (CVS 834) (check-in: 701a73918d user: drh tags: trunk) | |
02:54 | Fix a memory leak in the PRAGMA authorization code. (CVS 833) (check-in: ba58979f2f user: drh tags: trunk) | |
Changes
Changes to test/auth.test.
1 2 3 4 5 6 7 8 9 10 11 12 13 | # 2003 January 12 # # The author disclaims copyright to this source code. In place of # a legal notice, here is a blessing: # # May you do good and not evil. # May you find forgiveness for yourself and forgive others. # May you share freely, never taking more than you give. # #*********************************************************************** # This file implements regression tests for SQLite library. The # focus of this script testing the sqlite_set_authorizer() API. # | | | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | # 2003 January 12 # # The author disclaims copyright to this source code. In place of # a legal notice, here is a blessing: # # May you do good and not evil. # May you find forgiveness for yourself and forgive others. # May you share freely, never taking more than you give. # #*********************************************************************** # This file implements regression tests for SQLite library. The # focus of this script testing the sqlite_set_authorizer() API. # # $Id: auth.test,v 1.4 2003/01/14 13:48:21 drh Exp $ # set testdir [file dirname $argv0] source $testdir/tester.tcl if {[info command sqlite_set_authorizer]!=""} { |
︙ | ︙ | |||
1505 1506 1507 1508 1509 1510 1511 | do_test auth-1.238 { set ::authargs } {full_column_names OFF} do_test auth-1.239 { execsql2 {SELECT a FROM t2} } {a 11 a 7} | > > > > > | > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1505 1506 1507 1508 1509 1510 1511 1512 1513 1514 1515 1516 1517 1518 1519 1520 1521 1522 1523 1524 1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541 1542 1543 1544 1545 1546 1547 1548 1549 1550 1551 1552 1553 1554 1555 1556 1557 1558 1559 1560 1561 1562 1563 1564 1565 1566 1567 1568 1569 1570 1571 1572 1573 1574 1575 1576 1577 1578 1579 1580 1581 1582 1583 1584 1585 1586 1587 1588 1589 1590 1591 1592 1593 1594 1595 1596 1597 1598 1599 1600 1601 1602 1603 1604 1605 1606 1607 1608 1609 1610 1611 1612 1613 1614 1615 1616 1617 1618 1619 1620 1621 1622 1623 1624 1625 1626 1627 1628 1629 1630 1631 1632 1633 1634 1635 1636 1637 1638 1639 1640 1641 1642 1643 1644 1645 1646 1647 1648 1649 1650 1651 1652 1653 1654 | do_test auth-1.238 { set ::authargs } {full_column_names OFF} do_test auth-1.239 { execsql2 {SELECT a FROM t2} } {a 11 a 7} do_test auth-1.240 { proc auth {code arg1 arg2} { if {$code=="SQLITE_TRANSACTION"} { set ::authargs [list $arg1 $arg2] return SQLITE_DENY } return SQLITE_OK } catchsql {BEGIN} } {1 {not authorized}} do_test auth-1.241 { set ::authargs } {BEGIN {}} do_test auth-1.242 { proc auth {code arg1 arg2} { if {$code=="SQLITE_TRANSACTION" && $arg1!="BEGIN"} { set ::authargs [list $arg1 $arg2] return SQLITE_DENY } return SQLITE_OK } catchsql {BEGIN; INSERT INTO t2 VALUES(44,55,66); COMMIT} } {1 {not authorized}} do_test auth-1.243 { set ::authargs } {COMMIT {}} do_test auth-1.244 { execsql {SELECT * FROM t2} } {11 2 33 7 8 9 44 55 66} do_test auth-1.245 { catchsql {ROLLBACK} } {1 {not authorized}} do_test auth-1.246 { set ::authargs } {ROLLBACK {}} do_test auth-1.247 { catchsql {END TRANSACTION} } {1 {not authorized}} do_test auth-1.248 { set ::authargs } {COMMIT {}} do_test auth-1.249 { sqlite_set_authorizer $::DB {} catchsql {ROLLBACK} } {0 {}} do_test auth-1.250 { execsql {SELECT * FROM t2} } {11 2 33 7 8 9} do_test auth-2.1 { proc auth {code arg1 arg2} { if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} { return SQLITE_DENY } return SQLITE_OK } sqlite_set_authorizer $::DB ::auth execsql {CREATE TABLE t3(x INTEGER PRIMARY KEY, y, z)} catchsql {SELECT * FROM t3} } {1 {access to t3.x is prohibited}} do_test auth-2.1 { catchsql {SELECT y,z FROM t3} } {0 {}} do_test auth-2.2 { catchsql {SELECT ROWID,y,z FROM t3} } {1 {access to t3.x is prohibited}} do_test auth-2.3 { catchsql {SELECT OID,y,z FROM t3} } {1 {access to t3.x is prohibited}} do_test auth-2.4 { proc auth {code arg1 arg2} { if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} { return SQLITE_IGNORE } return SQLITE_OK } execsql {INSERT INTO t3 VALUES(44,55,66)} catchsql {SELECT * FROM t3} } {0 {{} 55 66}} do_test auth-2.5 { catchsql {SELECT rowid,y,z FROM t3} } {0 {{} 55 66}} do_test auth-2.6 { proc auth {code arg1 arg2} { if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="ROWID"} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {SELECT * FROM t3} } {0 {44 55 66}} do_test auth-2.7 { catchsql {SELECT ROWID,y,z FROM t3} } {0 {44 55 66}} do_test auth-2.8 { proc auth {code arg1 arg2} { if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="ROWID"} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {SELECT ROWID,b,c FROM t2} } {0 {{} 2 33 {} 8 9}} do_test auth-2.9 { proc auth {code arg1 arg2} { if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="ROWID"} { return bogus } return SQLITE_OK } catchsql {SELECT ROWID,b,c FROM t2} } {1 {illegal return value (999) from the authorization function - should be SQLITE_OK, SQLITE_IGNORE, or SQLITE_DENY}} do_test auth-2.10 { proc auth {code arg1 arg2} { if {$code=="SQLITE_SELECT"} { return bogus } return SQLITE_OK } catchsql {SELECT ROWID,b,c FROM t2} } {1 {illegal return value (1) from the authorization function - should be SQLITE_OK, SQLITE_IGNORE, or SQLITE_DENY}} do_test auth-2.11 { proc auth {code arg1 arg2} { if {$code=="SQLITE_READ" && $arg2=="a"} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {SELECT * FROM t2, t3} } {0 {{} 2 33 44 55 66 {} 8 9 44 55 66}} do_test auth-2.11 { proc auth {code arg1 arg2} { if {$code=="SQLITE_READ" && $arg2=="x"} { return SQLITE_IGNORE } return SQLITE_OK } catchsql {SELECT * FROM t2, t3} } {0 {11 2 33 {} 55 66 7 8 9 {} 55 66}} } ;# End of the "if( db command exists )" finish_test |