/ Check-in [701a7391]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Finish out the test suite for the new sqlite_set_authorizer API. (CVS 834)
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 701a73918db22fd134a8b959670ba7a4a908c8c5
User & Date: drh 2003-01-14 13:48:21
Context
2003-01-16
13:42
Improvements to the pager to help large updates against a large database run faster. Also improved the testing of the pager rollback algorithms. (CVS 835) check-in: 717523d3 user: drh tags: trunk
2003-01-14
13:48
Finish out the test suite for the new sqlite_set_authorizer API. (CVS 834) check-in: 701a7391 user: drh tags: trunk
02:54
Fix a memory leak in the PRAGMA authorization code. (CVS 833) check-in: ba58979f user: drh tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to test/auth.test.

     7      7   #    May you find forgiveness for yourself and forgive others.
     8      8   #    May you share freely, never taking more than you give.
     9      9   #
    10     10   #***********************************************************************
    11     11   # This file implements regression tests for SQLite library.  The
    12     12   # focus of this script testing the sqlite_set_authorizer() API.
    13     13   #
    14         -# $Id: auth.test,v 1.3 2003/01/14 02:49:28 drh Exp $
           14  +# $Id: auth.test,v 1.4 2003/01/14 13:48:21 drh Exp $
    15     15   #
    16     16   
    17     17   set testdir [file dirname $argv0]
    18     18   source $testdir/tester.tcl
    19     19   
    20     20   if {[info command sqlite_set_authorizer]!=""} {
    21     21   
................................................................................
  1505   1505   do_test auth-1.238 {
  1506   1506     set ::authargs
  1507   1507   } {full_column_names OFF}
  1508   1508   do_test auth-1.239 {
  1509   1509     execsql2 {SELECT a FROM t2}
  1510   1510   } {a 11 a 7}
  1511   1511   
         1512  +do_test auth-1.240 {
         1513  +  proc auth {code arg1 arg2} {
         1514  +    if {$code=="SQLITE_TRANSACTION"} {
         1515  +      set ::authargs [list $arg1 $arg2]
         1516  +      return SQLITE_DENY
         1517  +    }
         1518  +    return SQLITE_OK
         1519  +  }
         1520  +  catchsql {BEGIN}
         1521  +} {1 {not authorized}}
         1522  +do_test auth-1.241 {
         1523  +  set ::authargs
         1524  +} {BEGIN {}}
         1525  +do_test auth-1.242 {
         1526  +  proc auth {code arg1 arg2} {
         1527  +    if {$code=="SQLITE_TRANSACTION" && $arg1!="BEGIN"} {
         1528  +      set ::authargs [list $arg1 $arg2]
         1529  +      return SQLITE_DENY
         1530  +    }
         1531  +    return SQLITE_OK
         1532  +  }
         1533  +  catchsql {BEGIN; INSERT INTO t2 VALUES(44,55,66); COMMIT}
         1534  +} {1 {not authorized}}
         1535  +do_test auth-1.243 {
         1536  +  set ::authargs
         1537  +} {COMMIT {}}
         1538  +do_test auth-1.244 {
         1539  +  execsql {SELECT * FROM t2}
         1540  +} {11 2 33 7 8 9 44 55 66}
         1541  +do_test auth-1.245 {
         1542  +  catchsql {ROLLBACK}
         1543  +} {1 {not authorized}}
         1544  +do_test auth-1.246 {
         1545  +  set ::authargs
         1546  +} {ROLLBACK {}}
         1547  +do_test auth-1.247 {
         1548  +  catchsql {END TRANSACTION}
         1549  +} {1 {not authorized}}
         1550  +do_test auth-1.248 {
         1551  +  set ::authargs
         1552  +} {COMMIT {}}
         1553  +do_test auth-1.249 {
         1554  +  sqlite_set_authorizer $::DB {}
         1555  +  catchsql {ROLLBACK}
         1556  +} {0 {}}
         1557  +do_test auth-1.250 {
         1558  +  execsql {SELECT * FROM t2}
         1559  +} {11 2 33 7 8 9}
         1560  +
         1561  +do_test auth-2.1 {
         1562  +  proc auth {code arg1 arg2} {
         1563  +    if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} {
         1564  +      return SQLITE_DENY
         1565  +    }
         1566  +    return SQLITE_OK
         1567  +  }
         1568  +  sqlite_set_authorizer $::DB ::auth
         1569  +  execsql {CREATE TABLE t3(x INTEGER PRIMARY KEY, y, z)}
         1570  +  catchsql {SELECT * FROM t3}
         1571  +} {1 {access to t3.x is prohibited}}
         1572  +do_test auth-2.1 {
         1573  +  catchsql {SELECT y,z FROM t3}
         1574  +} {0 {}}
         1575  +do_test auth-2.2 {
         1576  +  catchsql {SELECT ROWID,y,z FROM t3}
         1577  +} {1 {access to t3.x is prohibited}}
         1578  +do_test auth-2.3 {
         1579  +  catchsql {SELECT OID,y,z FROM t3}
         1580  +} {1 {access to t3.x is prohibited}}
         1581  +do_test auth-2.4 {
         1582  +  proc auth {code arg1 arg2} {
         1583  +    if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} {
         1584  +      return SQLITE_IGNORE
         1585  +    }
         1586  +    return SQLITE_OK
         1587  +  }
         1588  +  execsql {INSERT INTO t3 VALUES(44,55,66)}
         1589  +  catchsql {SELECT * FROM t3}
         1590  +} {0 {{} 55 66}}
         1591  +do_test auth-2.5 {
         1592  +  catchsql {SELECT rowid,y,z FROM t3}
         1593  +} {0 {{} 55 66}}
         1594  +do_test auth-2.6 {
         1595  +  proc auth {code arg1 arg2} {
         1596  +    if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="ROWID"} {
         1597  +      return SQLITE_IGNORE
         1598  +    }
         1599  +    return SQLITE_OK
         1600  +  }
         1601  +  catchsql {SELECT * FROM t3}
         1602  +} {0 {44 55 66}}
         1603  +do_test auth-2.7 {
         1604  +  catchsql {SELECT ROWID,y,z FROM t3}
         1605  +} {0 {44 55 66}}
         1606  +do_test auth-2.8 {
         1607  +  proc auth {code arg1 arg2} {
         1608  +    if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="ROWID"} {
         1609  +      return SQLITE_IGNORE
         1610  +    }
         1611  +    return SQLITE_OK
         1612  +  }
         1613  +  catchsql {SELECT ROWID,b,c FROM t2}
         1614  +} {0 {{} 2 33 {} 8 9}}
         1615  +do_test auth-2.9 {
         1616  +  proc auth {code arg1 arg2} {
         1617  +    if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="ROWID"} {
         1618  +      return bogus
         1619  +    }
         1620  +    return SQLITE_OK
         1621  +  }
         1622  +  catchsql {SELECT ROWID,b,c FROM t2}
         1623  +} {1 {illegal return value (999) from the authorization function - should be SQLITE_OK, SQLITE_IGNORE, or SQLITE_DENY}}
         1624  +do_test auth-2.10 {
         1625  +  proc auth {code arg1 arg2} {
         1626  +    if {$code=="SQLITE_SELECT"} {
         1627  +      return bogus
         1628  +    }
         1629  +    return SQLITE_OK
         1630  +  }
         1631  +  catchsql {SELECT ROWID,b,c FROM t2}
         1632  +} {1 {illegal return value (1) from the authorization function - should be SQLITE_OK, SQLITE_IGNORE, or SQLITE_DENY}}
         1633  +do_test auth-2.11 {
         1634  +  proc auth {code arg1 arg2} {
         1635  +    if {$code=="SQLITE_READ" && $arg2=="a"} {
         1636  +      return SQLITE_IGNORE
         1637  +    }
         1638  +    return SQLITE_OK
         1639  +  }
         1640  +  catchsql {SELECT * FROM t2, t3}
         1641  +} {0 {{} 2 33 44 55 66 {} 8 9 44 55 66}}
         1642  +do_test auth-2.11 {
         1643  +  proc auth {code arg1 arg2} {
         1644  +    if {$code=="SQLITE_READ" && $arg2=="x"} {
         1645  +      return SQLITE_IGNORE
         1646  +    }
         1647  +    return SQLITE_OK
         1648  +  }
         1649  +  catchsql {SELECT * FROM t2, t3}
         1650  +} {0 {11 2 33 {} 55 66 7 8 9 {} 55 66}}
  1512   1651   
  1513   1652   } ;# End of the "if( db command exists )"
  1514   1653   
  1515   1654   finish_test