Many hyperlinks are disabled.
Use anonymous login
to enable hyperlinks.
Overview
Comment: | Add test cases and assert() statements to ensure that the authorizer is being called as expected from within ALTER TABLE. |
---|---|
Downloads: | Tarball | ZIP archive |
Timelines: | family | ancestors | descendants | both | trunk |
Files: | files | file ages | folders |
SHA3-256: |
ff10d2c7de430c88167b1e6e4f5307ee |
User & Date: | dan 2018-10-06 13:46:22.771 |
Context
2018-10-06
| ||
14:38 | Fix the ".help -all" option in the command-line shell. (check-in: aac8f1dff0 user: drh tags: trunk) | |
14:33 | Ensure each ALTER TABLE statement makes just a single SQLITE_ALTER_TABLE call to the authorizer function. (Leaf check-in: dac285474a user: dan tags: alter-auth-callbacks) | |
13:46 | Add test cases and assert() statements to ensure that the authorizer is being called as expected from within ALTER TABLE. (check-in: ff10d2c7de user: dan tags: trunk) | |
2018-10-05
| ||
15:10 | Changes to geopoly to silience false-positive warnings coming out of clang. (check-in: 11d9015f31 user: drh tags: trunk) | |
Changes
Changes to src/auth.c.
︙ | ︙ | |||
147 148 149 150 151 152 153 154 155 156 157 158 159 160 | Table *pTab = 0; /* The table being read */ const char *zCol; /* Name of the column of the table */ int iSrc; /* Index in pTabList->a[] of table being read */ int iDb; /* The index of the database the expression refers to */ int iCol; /* Index of column in table */ assert( pExpr->op==TK_COLUMN || pExpr->op==TK_TRIGGER ); if( db->xAuth==0 ) return; iDb = sqlite3SchemaToIndex(pParse->db, pSchema); if( iDb<0 ){ /* An attempt to read a column out of a subquery or other ** temporary table. */ return; } | > | 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 | Table *pTab = 0; /* The table being read */ const char *zCol; /* Name of the column of the table */ int iSrc; /* Index in pTabList->a[] of table being read */ int iDb; /* The index of the database the expression refers to */ int iCol; /* Index of column in table */ assert( pExpr->op==TK_COLUMN || pExpr->op==TK_TRIGGER ); assert( !IN_RENAME_OBJECT || db->xAuth==0 ); if( db->xAuth==0 ) return; iDb = sqlite3SchemaToIndex(pParse->db, pSchema); if( iDb<0 ){ /* An attempt to read a column out of a subquery or other ** temporary table. */ return; } |
︙ | ︙ | |||
203 204 205 206 207 208 209 210 211 212 213 214 215 216 | ){ sqlite3 *db = pParse->db; int rc; /* Don't do any authorization checks if the database is initialising ** or if the parser is being invoked from within sqlite3_declare_vtab. */ if( db->init.busy || IN_SPECIAL_PARSE ){ return SQLITE_OK; } if( db->xAuth==0 ){ return SQLITE_OK; } | > | 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 | ){ sqlite3 *db = pParse->db; int rc; /* Don't do any authorization checks if the database is initialising ** or if the parser is being invoked from within sqlite3_declare_vtab. */ assert( !IN_RENAME_OBJECT || db->xAuth==0 ); if( db->init.busy || IN_SPECIAL_PARSE ){ return SQLITE_OK; } if( db->xAuth==0 ){ return SQLITE_OK; } |
︙ | ︙ |
Added test/alterauth2.test.
> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 | # 2018 October 6 # # The author disclaims copyright to this source code. In place of # a legal notice, here is a blessing: # # May you do good and not evil. # May you find forgiveness for yourself and forgive others. # May you share freely, never taking more than you give. # #************************************************************************* # set testdir [file dirname $argv0] source $testdir/tester.tcl # If SQLITE_OMIT_ALTERTABLE is defined, omit this file. ifcapable !altertable { finish_test return } set testprefix alterauth2 set ::auth [list] proc xAuth {type args} { lappend ::auth [concat $type [lrange $args 0 3]] if {$type=="SQLITE_READ" && [lindex $args 0] == "t2"} breakpoint return SQLITE_OK } db auth xAuth proc do_auth_test {tn sql authcode} { set script " set ::auth \[list\] execsql {$sql} lsort -unique \[set ::auth\] " set normal [list {*}$authcode] uplevel [list do_test $tn $script $normal] } do_execsql_test 1.0 { CREATE TABLE t1(a, b, c); CREATE VIEW v1 AS SELECT * FROM t1; CREATE TRIGGER tr1 AFTER INSERT ON t1 BEGIN DELETE FROM t1 WHERE a<new.a; END; CREATE TEMP TRIGGER tr2 AFTER UPDATE OF a, b ON t1 BEGIN UPDATE t1 SET a=a+1 WHERE new.b<b; END; } do_auth_test 1.1 { ALTER TABLE t1 RENAME TO t2; } { {SQLITE_ALTER_TABLE main t1 {} {}} {SQLITE_FUNCTION {} like {} {}} {SQLITE_FUNCTION {} sqlite_rename_table {} {}} {SQLITE_FUNCTION {} sqlite_rename_test {} {}} {SQLITE_FUNCTION {} substr {} {}} {SQLITE_READ sqlite_master name main {}} {SQLITE_READ sqlite_master sql main {}} {SQLITE_READ sqlite_master tbl_name main {}} {SQLITE_READ sqlite_master type main {}} {SQLITE_READ sqlite_temp_master name temp {}} {SQLITE_READ sqlite_temp_master sql temp {}} {SQLITE_READ sqlite_temp_master tbl_name temp {}} {SQLITE_READ sqlite_temp_master type temp {}} {SQLITE_SELECT {} {} {} {}} {SQLITE_UPDATE sqlite_master name main {}} {SQLITE_UPDATE sqlite_master sql main {}} {SQLITE_UPDATE sqlite_master tbl_name main {}} {SQLITE_UPDATE sqlite_temp_master sql temp {}} {SQLITE_UPDATE sqlite_temp_master tbl_name temp {}} } do_auth_test 1.2 { ALTER TABLE t2 RENAME a TO aaa; } { {SQLITE_ALTER_TABLE main t2 {} {}} {SQLITE_FUNCTION {} like {} {}} {SQLITE_FUNCTION {} sqlite_rename_column {} {}} {SQLITE_FUNCTION {} sqlite_rename_test {} {}} {SQLITE_READ sqlite_master name main {}} {SQLITE_READ sqlite_master sql main {}} {SQLITE_READ sqlite_master tbl_name main {}} {SQLITE_READ sqlite_master type main {}} {SQLITE_READ sqlite_temp_master name temp {}} {SQLITE_READ sqlite_temp_master sql temp {}} {SQLITE_READ sqlite_temp_master type temp {}} {SQLITE_SELECT {} {} {} {}} {SQLITE_UPDATE sqlite_master sql main {}} {SQLITE_UPDATE sqlite_temp_master sql temp {}} } finish_test |