wasCSharpSQLite – Blame information for rev 7
?pathlinks?
Rev | Author | Line No. | Line |
---|---|---|---|
1 | office | 1 | # 2003 April 4 |
2 | # |
||
3 | # The author disclaims copyright to this source code. In place of |
||
4 | # a legal notice, here is a blessing: |
||
5 | # |
||
6 | # May you do good and not evil. |
||
7 | # May you find forgiveness for yourself and forgive others. |
||
8 | # May you share freely, never taking more than you give. |
||
9 | # |
||
10 | #*********************************************************************** |
||
11 | # This file implements regression tests for SQLite library. The |
||
12 | # focus of this script is testing the sqlite3_set_authorizer() API |
||
13 | # and related functionality. |
||
14 | # |
||
15 | # $Id: auth.test,v 1.46 2009/07/02 18:40:35 danielk1977 Exp $ |
||
16 | # |
||
17 | |||
18 | set testdir [file dirname $argv0] |
||
19 | source $testdir/tester.tcl |
||
20 | |||
21 | # disable this test if the SQLITE_OMIT_AUTHORIZATION macro is |
||
22 | # defined during compilation. |
||
23 | if {[catch {db auth {}} msg]} { |
||
24 | finish_test |
||
25 | return |
||
26 | } |
||
27 | |||
28 | rename proc proc_real |
||
29 | proc_real proc {name arguments script} { |
||
30 | proc_real $name $arguments $script |
||
31 | if {$name=="auth"} { |
||
32 | db authorizer ::auth |
||
33 | } |
||
34 | } |
||
35 | |||
36 | do_test auth-1.1.1 { |
||
37 | db close |
||
38 | set ::DB [sqlite3 db test.db] |
||
39 | proc auth {code arg1 arg2 arg3 arg4} { |
||
40 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} { |
||
41 | return SQLITE_DENY |
||
42 | } |
||
43 | return SQLITE_OK |
||
44 | } |
||
45 | db authorizer ::auth |
||
46 | catchsql {CREATE TABLE t1(a,b,c)} |
||
47 | } {1 {not authorized}} |
||
48 | do_test auth-1.1.2 { |
||
49 | db errorcode |
||
50 | } {23} |
||
51 | do_test auth-1.1.3 { |
||
52 | db authorizer |
||
53 | } {::auth} |
||
54 | do_test auth-1.1.4 { |
||
55 | # Ticket #896. |
||
56 | catchsql { |
||
57 | SELECT x; |
||
58 | } |
||
59 | } {1 {no such column: x}} |
||
60 | do_test auth-1.2 { |
||
61 | execsql {SELECT name FROM sqlite_master} |
||
62 | } {} |
||
63 | do_test auth-1.3.1 { |
||
64 | proc auth {code arg1 arg2 arg3 arg4} { |
||
65 | if {$code=="SQLITE_CREATE_TABLE"} { |
||
66 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
67 | return SQLITE_DENY |
||
68 | } |
||
69 | return SQLITE_OK |
||
70 | } |
||
71 | catchsql {CREATE TABLE t1(a,b,c)} |
||
72 | } {1 {not authorized}} |
||
73 | do_test auth-1.3.2 { |
||
74 | db errorcode |
||
75 | } {23} |
||
76 | do_test auth-1.3.3 { |
||
77 | set ::authargs |
||
78 | } {t1 {} main {}} |
||
79 | do_test auth-1.4 { |
||
80 | execsql {SELECT name FROM sqlite_master} |
||
81 | } {} |
||
82 | |||
83 | ifcapable tempdb { |
||
84 | do_test auth-1.5 { |
||
85 | proc auth {code arg1 arg2 arg3 arg4} { |
||
86 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} { |
||
87 | return SQLITE_DENY |
||
88 | } |
||
89 | return SQLITE_OK |
||
90 | } |
||
91 | catchsql {CREATE TEMP TABLE t1(a,b,c)} |
||
92 | } {1 {not authorized}} |
||
93 | do_test auth-1.6 { |
||
94 | execsql {SELECT name FROM sqlite_temp_master} |
||
95 | } {} |
||
96 | do_test auth-1.7.1 { |
||
97 | proc auth {code arg1 arg2 arg3 arg4} { |
||
98 | if {$code=="SQLITE_CREATE_TEMP_TABLE"} { |
||
99 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
100 | return SQLITE_DENY |
||
101 | } |
||
102 | return SQLITE_OK |
||
103 | } |
||
104 | catchsql {CREATE TEMP TABLE t1(a,b,c)} |
||
105 | } {1 {not authorized}} |
||
106 | do_test auth-1.7.2 { |
||
107 | set ::authargs |
||
108 | } {t1 {} temp {}} |
||
109 | do_test auth-1.8 { |
||
110 | execsql {SELECT name FROM sqlite_temp_master} |
||
111 | } {} |
||
112 | } |
||
113 | |||
114 | do_test auth-1.9 { |
||
115 | proc auth {code arg1 arg2 arg3 arg4} { |
||
116 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} { |
||
117 | return SQLITE_IGNORE |
||
118 | } |
||
119 | return SQLITE_OK |
||
120 | } |
||
121 | catchsql {CREATE TABLE t1(a,b,c)} |
||
122 | } {0 {}} |
||
123 | do_test auth-1.10 { |
||
124 | execsql {SELECT name FROM sqlite_master} |
||
125 | } {} |
||
126 | do_test auth-1.11 { |
||
127 | proc auth {code arg1 arg2 arg3 arg4} { |
||
128 | if {$code=="SQLITE_CREATE_TABLE"} { |
||
129 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
130 | return SQLITE_IGNORE |
||
131 | } |
||
132 | return SQLITE_OK |
||
133 | } |
||
134 | catchsql {CREATE TABLE t1(a,b,c)} |
||
135 | } {0 {}} |
||
136 | do_test auth-1.12 { |
||
137 | execsql {SELECT name FROM sqlite_master} |
||
138 | } {} |
||
139 | |||
140 | ifcapable tempdb { |
||
141 | do_test auth-1.13 { |
||
142 | proc auth {code arg1 arg2 arg3 arg4} { |
||
143 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} { |
||
144 | return SQLITE_IGNORE |
||
145 | } |
||
146 | return SQLITE_OK |
||
147 | } |
||
148 | catchsql {CREATE TEMP TABLE t1(a,b,c)} |
||
149 | } {0 {}} |
||
150 | do_test auth-1.14 { |
||
151 | execsql {SELECT name FROM sqlite_temp_master} |
||
152 | } {} |
||
153 | do_test auth-1.15 { |
||
154 | proc auth {code arg1 arg2 arg3 arg4} { |
||
155 | if {$code=="SQLITE_CREATE_TEMP_TABLE"} { |
||
156 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
157 | return SQLITE_IGNORE |
||
158 | } |
||
159 | return SQLITE_OK |
||
160 | } |
||
161 | catchsql {CREATE TEMP TABLE t1(a,b,c)} |
||
162 | } {0 {}} |
||
163 | do_test auth-1.16 { |
||
164 | execsql {SELECT name FROM sqlite_temp_master} |
||
165 | } {} |
||
166 | |||
167 | do_test auth-1.17 { |
||
168 | proc auth {code arg1 arg2 arg3 arg4} { |
||
169 | if {$code=="SQLITE_CREATE_TABLE"} { |
||
170 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
171 | return SQLITE_DENY |
||
172 | } |
||
173 | return SQLITE_OK |
||
174 | } |
||
175 | catchsql {CREATE TEMP TABLE t1(a,b,c)} |
||
176 | } {0 {}} |
||
177 | do_test auth-1.18 { |
||
178 | execsql {SELECT name FROM sqlite_temp_master} |
||
179 | } {t1} |
||
180 | } |
||
181 | |||
182 | do_test auth-1.19.1 { |
||
183 | set ::authargs {} |
||
184 | proc auth {code arg1 arg2 arg3 arg4} { |
||
185 | if {$code=="SQLITE_CREATE_TEMP_TABLE"} { |
||
186 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
187 | return SQLITE_DENY |
||
188 | } |
||
189 | return SQLITE_OK |
||
190 | } |
||
191 | catchsql {CREATE TABLE t2(a,b,c)} |
||
192 | } {0 {}} |
||
193 | do_test auth-1.19.2 { |
||
194 | set ::authargs |
||
195 | } {} |
||
196 | do_test auth-1.20 { |
||
197 | execsql {SELECT name FROM sqlite_master} |
||
198 | } {t2} |
||
199 | |||
200 | do_test auth-1.21.1 { |
||
201 | proc auth {code arg1 arg2 arg3 arg4} { |
||
202 | if {$code=="SQLITE_DROP_TABLE"} { |
||
203 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
204 | return SQLITE_DENY |
||
205 | } |
||
206 | return SQLITE_OK |
||
207 | } |
||
208 | catchsql {DROP TABLE t2} |
||
209 | } {1 {not authorized}} |
||
210 | do_test auth-1.21.2 { |
||
211 | set ::authargs |
||
212 | } {t2 {} main {}} |
||
213 | do_test auth-1.22 { |
||
214 | execsql {SELECT name FROM sqlite_master} |
||
215 | } {t2} |
||
216 | do_test auth-1.23.1 { |
||
217 | proc auth {code arg1 arg2 arg3 arg4} { |
||
218 | if {$code=="SQLITE_DROP_TABLE"} { |
||
219 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
220 | return SQLITE_IGNORE |
||
221 | } |
||
222 | return SQLITE_OK |
||
223 | } |
||
224 | catchsql {DROP TABLE t2} |
||
225 | } {0 {}} |
||
226 | do_test auth-1.23.2 { |
||
227 | set ::authargs |
||
228 | } {t2 {} main {}} |
||
229 | do_test auth-1.24 { |
||
230 | execsql {SELECT name FROM sqlite_master} |
||
231 | } {t2} |
||
232 | |||
233 | ifcapable tempdb { |
||
234 | do_test auth-1.25 { |
||
235 | proc auth {code arg1 arg2 arg3 arg4} { |
||
236 | if {$code=="SQLITE_DROP_TEMP_TABLE"} { |
||
237 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
238 | return SQLITE_DENY |
||
239 | } |
||
240 | return SQLITE_OK |
||
241 | } |
||
242 | catchsql {DROP TABLE t1} |
||
243 | } {1 {not authorized}} |
||
244 | do_test auth-1.26 { |
||
245 | execsql {SELECT name FROM sqlite_temp_master} |
||
246 | } {t1} |
||
247 | do_test auth-1.27 { |
||
248 | proc auth {code arg1 arg2 arg3 arg4} { |
||
249 | if {$code=="SQLITE_DROP_TEMP_TABLE"} { |
||
250 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
251 | return SQLITE_IGNORE |
||
252 | } |
||
253 | return SQLITE_OK |
||
254 | } |
||
255 | catchsql {DROP TABLE t1} |
||
256 | } {0 {}} |
||
257 | do_test auth-1.28 { |
||
258 | execsql {SELECT name FROM sqlite_temp_master} |
||
259 | } {t1} |
||
260 | } |
||
261 | |||
262 | do_test auth-1.29 { |
||
263 | proc auth {code arg1 arg2 arg3 arg4} { |
||
264 | if {$code=="SQLITE_INSERT" && $arg1=="t2"} { |
||
265 | return SQLITE_DENY |
||
266 | } |
||
267 | return SQLITE_OK |
||
268 | } |
||
269 | catchsql {INSERT INTO t2 VALUES(1,2,3)} |
||
270 | } {1 {not authorized}} |
||
271 | do_test auth-1.30 { |
||
272 | execsql {SELECT * FROM t2} |
||
273 | } {} |
||
274 | do_test auth-1.31 { |
||
275 | proc auth {code arg1 arg2 arg3 arg4} { |
||
276 | if {$code=="SQLITE_INSERT" && $arg1=="t2"} { |
||
277 | return SQLITE_IGNORE |
||
278 | } |
||
279 | return SQLITE_OK |
||
280 | } |
||
281 | catchsql {INSERT INTO t2 VALUES(1,2,3)} |
||
282 | } {0 {}} |
||
283 | do_test auth-1.32 { |
||
284 | execsql {SELECT * FROM t2} |
||
285 | } {} |
||
286 | do_test auth-1.33 { |
||
287 | proc auth {code arg1 arg2 arg3 arg4} { |
||
288 | if {$code=="SQLITE_INSERT" && $arg1=="t1"} { |
||
289 | return SQLITE_IGNORE |
||
290 | } |
||
291 | return SQLITE_OK |
||
292 | } |
||
293 | catchsql {INSERT INTO t2 VALUES(1,2,3)} |
||
294 | } {0 {}} |
||
295 | do_test auth-1.34 { |
||
296 | execsql {SELECT * FROM t2} |
||
297 | } {1 2 3} |
||
298 | |||
299 | do_test auth-1.35.1 { |
||
300 | proc auth {code arg1 arg2 arg3 arg4} { |
||
301 | if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} { |
||
302 | return SQLITE_DENY |
||
303 | } |
||
304 | return SQLITE_OK |
||
305 | } |
||
306 | catchsql {SELECT * FROM t2} |
||
307 | } {1 {access to t2.b is prohibited}} |
||
308 | ifcapable attach { |
||
309 | do_test auth-1.35.2 { |
||
310 | execsql {ATTACH DATABASE 'test.db' AS two} |
||
311 | catchsql {SELECT * FROM two.t2} |
||
312 | } {1 {access to two.t2.b is prohibited}} |
||
313 | execsql {DETACH DATABASE two} |
||
314 | } |
||
315 | do_test auth-1.36 { |
||
316 | proc auth {code arg1 arg2 arg3 arg4} { |
||
317 | if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} { |
||
318 | return SQLITE_IGNORE |
||
319 | } |
||
320 | return SQLITE_OK |
||
321 | } |
||
322 | catchsql {SELECT * FROM t2} |
||
323 | } {0 {1 {} 3}} |
||
324 | do_test auth-1.37 { |
||
325 | proc auth {code arg1 arg2 arg3 arg4} { |
||
326 | if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} { |
||
327 | return SQLITE_IGNORE |
||
328 | } |
||
329 | return SQLITE_OK |
||
330 | } |
||
331 | catchsql {SELECT * FROM t2 WHERE b=2} |
||
332 | } {0 {}} |
||
333 | do_test auth-1.38 { |
||
334 | proc auth {code arg1 arg2 arg3 arg4} { |
||
335 | if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="a"} { |
||
336 | return SQLITE_IGNORE |
||
337 | } |
||
338 | return SQLITE_OK |
||
339 | } |
||
340 | catchsql {SELECT * FROM t2 WHERE b=2} |
||
341 | } {0 {{} 2 3}} |
||
342 | do_test auth-1.39 { |
||
343 | proc auth {code arg1 arg2 arg3 arg4} { |
||
344 | if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} { |
||
345 | return SQLITE_IGNORE |
||
346 | } |
||
347 | return SQLITE_OK |
||
348 | } |
||
349 | catchsql {SELECT * FROM t2 WHERE b IS NULL} |
||
350 | } {0 {1 {} 3}} |
||
351 | do_test auth-1.40 { |
||
352 | proc auth {code arg1 arg2 arg3 arg4} { |
||
353 | if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} { |
||
354 | return SQLITE_DENY |
||
355 | } |
||
356 | return SQLITE_OK |
||
357 | } |
||
358 | catchsql {SELECT a,c FROM t2 WHERE b IS NULL} |
||
359 | } {1 {access to t2.b is prohibited}} |
||
360 | |||
361 | do_test auth-1.41 { |
||
362 | proc auth {code arg1 arg2 arg3 arg4} { |
||
363 | if {$code=="SQLITE_UPDATE" && $arg1=="t2" && $arg2=="b"} { |
||
364 | return SQLITE_DENY |
||
365 | } |
||
366 | return SQLITE_OK |
||
367 | } |
||
368 | catchsql {UPDATE t2 SET a=11} |
||
369 | } {0 {}} |
||
370 | do_test auth-1.42 { |
||
371 | execsql {SELECT * FROM t2} |
||
372 | } {11 2 3} |
||
373 | do_test auth-1.43 { |
||
374 | proc auth {code arg1 arg2 arg3 arg4} { |
||
375 | if {$code=="SQLITE_UPDATE" && $arg1=="t2" && $arg2=="b"} { |
||
376 | return SQLITE_DENY |
||
377 | } |
||
378 | return SQLITE_OK |
||
379 | } |
||
380 | catchsql {UPDATE t2 SET b=22, c=33} |
||
381 | } {1 {not authorized}} |
||
382 | do_test auth-1.44 { |
||
383 | execsql {SELECT * FROM t2} |
||
384 | } {11 2 3} |
||
385 | do_test auth-1.45 { |
||
386 | proc auth {code arg1 arg2 arg3 arg4} { |
||
387 | if {$code=="SQLITE_UPDATE" && $arg1=="t2" && $arg2=="b"} { |
||
388 | return SQLITE_IGNORE |
||
389 | } |
||
390 | return SQLITE_OK |
||
391 | } |
||
392 | catchsql {UPDATE t2 SET b=22, c=33} |
||
393 | } {0 {}} |
||
394 | do_test auth-1.46 { |
||
395 | execsql {SELECT * FROM t2} |
||
396 | } {11 2 33} |
||
397 | |||
398 | do_test auth-1.47 { |
||
399 | proc auth {code arg1 arg2 arg3 arg4} { |
||
400 | if {$code=="SQLITE_DELETE" && $arg1=="t2"} { |
||
401 | return SQLITE_DENY |
||
402 | } |
||
403 | return SQLITE_OK |
||
404 | } |
||
405 | catchsql {DELETE FROM t2 WHERE a=11} |
||
406 | } {1 {not authorized}} |
||
407 | do_test auth-1.48 { |
||
408 | execsql {SELECT * FROM t2} |
||
409 | } {11 2 33} |
||
410 | do_test auth-1.49 { |
||
411 | proc auth {code arg1 arg2 arg3 arg4} { |
||
412 | if {$code=="SQLITE_DELETE" && $arg1=="t2"} { |
||
413 | return SQLITE_IGNORE |
||
414 | } |
||
415 | return SQLITE_OK |
||
416 | } |
||
417 | catchsql {DELETE FROM t2 WHERE a=11} |
||
418 | } {0 {}} |
||
419 | do_test auth-1.50 { |
||
420 | execsql {SELECT * FROM t2} |
||
421 | } {} |
||
422 | do_test auth-1.50.2 { |
||
423 | execsql {INSERT INTO t2 VALUES(11, 2, 33)} |
||
424 | } {} |
||
425 | |||
426 | do_test auth-1.51 { |
||
427 | proc auth {code arg1 arg2 arg3 arg4} { |
||
428 | if {$code=="SQLITE_SELECT"} { |
||
429 | return SQLITE_DENY |
||
430 | } |
||
431 | return SQLITE_OK |
||
432 | } |
||
433 | catchsql {SELECT * FROM t2} |
||
434 | } {1 {not authorized}} |
||
435 | do_test auth-1.52 { |
||
436 | proc auth {code arg1 arg2 arg3 arg4} { |
||
437 | if {$code=="SQLITE_SELECT"} { |
||
438 | return SQLITE_IGNORE |
||
439 | } |
||
440 | return SQLITE_OK |
||
441 | } |
||
442 | catchsql {SELECT * FROM t2} |
||
443 | } {0 {}} |
||
444 | do_test auth-1.53 { |
||
445 | proc auth {code arg1 arg2 arg3 arg4} { |
||
446 | if {$code=="SQLITE_SELECT"} { |
||
447 | return SQLITE_OK |
||
448 | } |
||
449 | return SQLITE_OK |
||
450 | } |
||
451 | catchsql {SELECT * FROM t2} |
||
452 | } {0 {11 2 33}} |
||
453 | |||
454 | # Update for version 3: There used to be a handful of test here that |
||
455 | # tested the authorisation callback with the COPY command. The following |
||
456 | # test makes the same database modifications as they used to. |
||
457 | do_test auth-1.54 { |
||
458 | execsql {INSERT INTO t2 VALUES(7, 8, 9);} |
||
459 | } {} |
||
460 | do_test auth-1.55 { |
||
461 | execsql {SELECT * FROM t2} |
||
462 | } {11 2 33 7 8 9} |
||
463 | |||
464 | do_test auth-1.63 { |
||
465 | proc auth {code arg1 arg2 arg3 arg4} { |
||
466 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} { |
||
467 | return SQLITE_DENY |
||
468 | } |
||
469 | return SQLITE_OK |
||
470 | } |
||
471 | catchsql {DROP TABLE t2} |
||
472 | } {1 {not authorized}} |
||
473 | do_test auth-1.64 { |
||
474 | execsql {SELECT name FROM sqlite_master} |
||
475 | } {t2} |
||
476 | do_test auth-1.65 { |
||
477 | proc auth {code arg1 arg2 arg3 arg4} { |
||
478 | if {$code=="SQLITE_DELETE" && $arg1=="t2"} { |
||
479 | return SQLITE_DENY |
||
480 | } |
||
481 | return SQLITE_OK |
||
482 | } |
||
483 | catchsql {DROP TABLE t2} |
||
484 | } {1 {not authorized}} |
||
485 | do_test auth-1.66 { |
||
486 | execsql {SELECT name FROM sqlite_master} |
||
487 | } {t2} |
||
488 | |||
489 | ifcapable tempdb { |
||
490 | do_test auth-1.67 { |
||
491 | proc auth {code arg1 arg2 arg3 arg4} { |
||
492 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} { |
||
493 | return SQLITE_DENY |
||
494 | } |
||
495 | return SQLITE_OK |
||
496 | } |
||
497 | catchsql {DROP TABLE t1} |
||
498 | } {1 {not authorized}} |
||
499 | do_test auth-1.68 { |
||
500 | execsql {SELECT name FROM sqlite_temp_master} |
||
501 | } {t1} |
||
502 | do_test auth-1.69 { |
||
503 | proc auth {code arg1 arg2 arg3 arg4} { |
||
504 | if {$code=="SQLITE_DELETE" && $arg1=="t1"} { |
||
505 | return SQLITE_DENY |
||
506 | } |
||
507 | return SQLITE_OK |
||
508 | } |
||
509 | catchsql {DROP TABLE t1} |
||
510 | } {1 {not authorized}} |
||
511 | do_test auth-1.70 { |
||
512 | execsql {SELECT name FROM sqlite_temp_master} |
||
513 | } {t1} |
||
514 | } |
||
515 | |||
516 | do_test auth-1.71 { |
||
517 | proc auth {code arg1 arg2 arg3 arg4} { |
||
518 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} { |
||
519 | return SQLITE_IGNORE |
||
520 | } |
||
521 | return SQLITE_OK |
||
522 | } |
||
523 | catchsql {DROP TABLE t2} |
||
524 | } {0 {}} |
||
525 | do_test auth-1.72 { |
||
526 | execsql {SELECT name FROM sqlite_master} |
||
527 | } {t2} |
||
528 | do_test auth-1.73 { |
||
529 | proc auth {code arg1 arg2 arg3 arg4} { |
||
530 | if {$code=="SQLITE_DELETE" && $arg1=="t2"} { |
||
531 | return SQLITE_IGNORE |
||
532 | } |
||
533 | return SQLITE_OK |
||
534 | } |
||
535 | catchsql {DROP TABLE t2} |
||
536 | } {0 {}} |
||
537 | do_test auth-1.74 { |
||
538 | execsql {SELECT name FROM sqlite_master} |
||
539 | } {t2} |
||
540 | |||
541 | ifcapable tempdb { |
||
542 | do_test auth-1.75 { |
||
543 | proc auth {code arg1 arg2 arg3 arg4} { |
||
544 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} { |
||
545 | return SQLITE_IGNORE |
||
546 | } |
||
547 | return SQLITE_OK |
||
548 | } |
||
549 | catchsql {DROP TABLE t1} |
||
550 | } {0 {}} |
||
551 | do_test auth-1.76 { |
||
552 | execsql {SELECT name FROM sqlite_temp_master} |
||
553 | } {t1} |
||
554 | do_test auth-1.77 { |
||
555 | proc auth {code arg1 arg2 arg3 arg4} { |
||
556 | if {$code=="SQLITE_DELETE" && $arg1=="t1"} { |
||
557 | return SQLITE_IGNORE |
||
558 | } |
||
559 | return SQLITE_OK |
||
560 | } |
||
561 | catchsql {DROP TABLE t1} |
||
562 | } {0 {}} |
||
563 | do_test auth-1.78 { |
||
564 | execsql {SELECT name FROM sqlite_temp_master} |
||
565 | } {t1} |
||
566 | } |
||
567 | |||
568 | # Test cases auth-1.79 to auth-1.124 test creating and dropping views. |
||
569 | # Omit these if the library was compiled with views omitted. |
||
570 | ifcapable view { |
||
571 | do_test auth-1.79 { |
||
572 | proc auth {code arg1 arg2 arg3 arg4} { |
||
573 | if {$code=="SQLITE_CREATE_VIEW"} { |
||
574 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
575 | return SQLITE_DENY |
||
576 | } |
||
577 | return SQLITE_OK |
||
578 | } |
||
579 | catchsql {CREATE VIEW v1 AS SELECT a+1,b+1 FROM t2} |
||
580 | } {1 {not authorized}} |
||
581 | do_test auth-1.80 { |
||
582 | set ::authargs |
||
583 | } {v1 {} main {}} |
||
584 | do_test auth-1.81 { |
||
585 | execsql {SELECT name FROM sqlite_master} |
||
586 | } {t2} |
||
587 | do_test auth-1.82 { |
||
588 | proc auth {code arg1 arg2 arg3 arg4} { |
||
589 | if {$code=="SQLITE_CREATE_VIEW"} { |
||
590 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
591 | return SQLITE_IGNORE |
||
592 | } |
||
593 | return SQLITE_OK |
||
594 | } |
||
595 | catchsql {CREATE VIEW v1 AS SELECT a+1,b+1 FROM t2} |
||
596 | } {0 {}} |
||
597 | do_test auth-1.83 { |
||
598 | set ::authargs |
||
599 | } {v1 {} main {}} |
||
600 | do_test auth-1.84 { |
||
601 | execsql {SELECT name FROM sqlite_master} |
||
602 | } {t2} |
||
603 | |||
604 | ifcapable tempdb { |
||
605 | do_test auth-1.85 { |
||
606 | proc auth {code arg1 arg2 arg3 arg4} { |
||
607 | if {$code=="SQLITE_CREATE_TEMP_VIEW"} { |
||
608 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
609 | return SQLITE_DENY |
||
610 | } |
||
611 | return SQLITE_OK |
||
612 | } |
||
613 | catchsql {CREATE TEMPORARY VIEW v1 AS SELECT a+1,b+1 FROM t2} |
||
614 | } {1 {not authorized}} |
||
615 | do_test auth-1.86 { |
||
616 | set ::authargs |
||
617 | } {v1 {} temp {}} |
||
618 | do_test auth-1.87 { |
||
619 | execsql {SELECT name FROM sqlite_temp_master} |
||
620 | } {t1} |
||
621 | do_test auth-1.88 { |
||
622 | proc auth {code arg1 arg2 arg3 arg4} { |
||
623 | if {$code=="SQLITE_CREATE_TEMP_VIEW"} { |
||
624 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
625 | return SQLITE_IGNORE |
||
626 | } |
||
627 | return SQLITE_OK |
||
628 | } |
||
629 | catchsql {CREATE TEMPORARY VIEW v1 AS SELECT a+1,b+1 FROM t2} |
||
630 | } {0 {}} |
||
631 | do_test auth-1.89 { |
||
632 | set ::authargs |
||
633 | } {v1 {} temp {}} |
||
634 | do_test auth-1.90 { |
||
635 | execsql {SELECT name FROM sqlite_temp_master} |
||
636 | } {t1} |
||
637 | } |
||
638 | |||
639 | do_test auth-1.91 { |
||
640 | proc auth {code arg1 arg2 arg3 arg4} { |
||
641 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} { |
||
642 | return SQLITE_DENY |
||
643 | } |
||
644 | return SQLITE_OK |
||
645 | } |
||
646 | catchsql {CREATE VIEW v1 AS SELECT a+1,b+1 FROM t2} |
||
647 | } {1 {not authorized}} |
||
648 | do_test auth-1.92 { |
||
649 | execsql {SELECT name FROM sqlite_master} |
||
650 | } {t2} |
||
651 | do_test auth-1.93 { |
||
652 | proc auth {code arg1 arg2 arg3 arg4} { |
||
653 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} { |
||
654 | return SQLITE_IGNORE |
||
655 | } |
||
656 | return SQLITE_OK |
||
657 | } |
||
658 | catchsql {CREATE VIEW v1 AS SELECT a+1,b+1 FROM t2} |
||
659 | } {0 {}} |
||
660 | do_test auth-1.94 { |
||
661 | execsql {SELECT name FROM sqlite_master} |
||
662 | } {t2} |
||
663 | |||
664 | ifcapable tempdb { |
||
665 | do_test auth-1.95 { |
||
666 | proc auth {code arg1 arg2 arg3 arg4} { |
||
667 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} { |
||
668 | return SQLITE_DENY |
||
669 | } |
||
670 | return SQLITE_OK |
||
671 | } |
||
672 | catchsql {CREATE TEMPORARY VIEW v1 AS SELECT a+1,b+1 FROM t2} |
||
673 | } {1 {not authorized}} |
||
674 | do_test auth-1.96 { |
||
675 | execsql {SELECT name FROM sqlite_temp_master} |
||
676 | } {t1} |
||
677 | do_test auth-1.97 { |
||
678 | proc auth {code arg1 arg2 arg3 arg4} { |
||
679 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} { |
||
680 | return SQLITE_IGNORE |
||
681 | } |
||
682 | return SQLITE_OK |
||
683 | } |
||
684 | catchsql {CREATE TEMPORARY VIEW v1 AS SELECT a+1,b+1 FROM t2} |
||
685 | } {0 {}} |
||
686 | do_test auth-1.98 { |
||
687 | execsql {SELECT name FROM sqlite_temp_master} |
||
688 | } {t1} |
||
689 | } |
||
690 | |||
691 | do_test auth-1.99 { |
||
692 | proc auth {code arg1 arg2 arg3 arg4} { |
||
693 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} { |
||
694 | return SQLITE_DENY |
||
695 | } |
||
696 | return SQLITE_OK |
||
697 | } |
||
698 | catchsql { |
||
699 | CREATE VIEW v2 AS SELECT a+1,b+1 FROM t2; |
||
700 | DROP VIEW v2 |
||
701 | } |
||
702 | } {1 {not authorized}} |
||
703 | do_test auth-1.100 { |
||
704 | execsql {SELECT name FROM sqlite_master} |
||
705 | } {t2 v2} |
||
706 | do_test auth-1.101 { |
||
707 | proc auth {code arg1 arg2 arg3 arg4} { |
||
708 | if {$code=="SQLITE_DROP_VIEW"} { |
||
709 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
710 | return SQLITE_DENY |
||
711 | } |
||
712 | return SQLITE_OK |
||
713 | } |
||
714 | catchsql {DROP VIEW v2} |
||
715 | } {1 {not authorized}} |
||
716 | do_test auth-1.102 { |
||
717 | set ::authargs |
||
718 | } {v2 {} main {}} |
||
719 | do_test auth-1.103 { |
||
720 | execsql {SELECT name FROM sqlite_master} |
||
721 | } {t2 v2} |
||
722 | do_test auth-1.104 { |
||
723 | proc auth {code arg1 arg2 arg3 arg4} { |
||
724 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} { |
||
725 | return SQLITE_IGNORE |
||
726 | } |
||
727 | return SQLITE_OK |
||
728 | } |
||
729 | catchsql {DROP VIEW v2} |
||
730 | } {0 {}} |
||
731 | do_test auth-1.105 { |
||
732 | execsql {SELECT name FROM sqlite_master} |
||
733 | } {t2 v2} |
||
734 | do_test auth-1.106 { |
||
735 | proc auth {code arg1 arg2 arg3 arg4} { |
||
736 | if {$code=="SQLITE_DROP_VIEW"} { |
||
737 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
738 | return SQLITE_IGNORE |
||
739 | } |
||
740 | return SQLITE_OK |
||
741 | } |
||
742 | catchsql {DROP VIEW v2} |
||
743 | } {0 {}} |
||
744 | do_test auth-1.107 { |
||
745 | set ::authargs |
||
746 | } {v2 {} main {}} |
||
747 | do_test auth-1.108 { |
||
748 | execsql {SELECT name FROM sqlite_master} |
||
749 | } {t2 v2} |
||
750 | do_test auth-1.109 { |
||
751 | proc auth {code arg1 arg2 arg3 arg4} { |
||
752 | if {$code=="SQLITE_DROP_VIEW"} { |
||
753 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
754 | return SQLITE_OK |
||
755 | } |
||
756 | return SQLITE_OK |
||
757 | } |
||
758 | catchsql {DROP VIEW v2} |
||
759 | } {0 {}} |
||
760 | do_test auth-1.110 { |
||
761 | set ::authargs |
||
762 | } {v2 {} main {}} |
||
763 | do_test auth-1.111 { |
||
764 | execsql {SELECT name FROM sqlite_master} |
||
765 | } {t2} |
||
766 | |||
767 | |||
768 | ifcapable tempdb { |
||
769 | do_test auth-1.112 { |
||
770 | proc auth {code arg1 arg2 arg3 arg4} { |
||
771 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} { |
||
772 | return SQLITE_DENY |
||
773 | } |
||
774 | return SQLITE_OK |
||
775 | } |
||
776 | catchsql { |
||
777 | CREATE TEMP VIEW v1 AS SELECT a+1,b+1 FROM t1; |
||
778 | DROP VIEW v1 |
||
779 | } |
||
780 | } {1 {not authorized}} |
||
781 | do_test auth-1.113 { |
||
782 | execsql {SELECT name FROM sqlite_temp_master} |
||
783 | } {t1 v1} |
||
784 | do_test auth-1.114 { |
||
785 | proc auth {code arg1 arg2 arg3 arg4} { |
||
786 | if {$code=="SQLITE_DROP_TEMP_VIEW"} { |
||
787 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
788 | return SQLITE_DENY |
||
789 | } |
||
790 | return SQLITE_OK |
||
791 | } |
||
792 | catchsql {DROP VIEW v1} |
||
793 | } {1 {not authorized}} |
||
794 | do_test auth-1.115 { |
||
795 | set ::authargs |
||
796 | } {v1 {} temp {}} |
||
797 | do_test auth-1.116 { |
||
798 | execsql {SELECT name FROM sqlite_temp_master} |
||
799 | } {t1 v1} |
||
800 | do_test auth-1.117 { |
||
801 | proc auth {code arg1 arg2 arg3 arg4} { |
||
802 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} { |
||
803 | return SQLITE_IGNORE |
||
804 | } |
||
805 | return SQLITE_OK |
||
806 | } |
||
807 | catchsql {DROP VIEW v1} |
||
808 | } {0 {}} |
||
809 | do_test auth-1.118 { |
||
810 | execsql {SELECT name FROM sqlite_temp_master} |
||
811 | } {t1 v1} |
||
812 | do_test auth-1.119 { |
||
813 | proc auth {code arg1 arg2 arg3 arg4} { |
||
814 | if {$code=="SQLITE_DROP_TEMP_VIEW"} { |
||
815 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
816 | return SQLITE_IGNORE |
||
817 | } |
||
818 | return SQLITE_OK |
||
819 | } |
||
820 | catchsql {DROP VIEW v1} |
||
821 | } {0 {}} |
||
822 | do_test auth-1.120 { |
||
823 | set ::authargs |
||
824 | } {v1 {} temp {}} |
||
825 | do_test auth-1.121 { |
||
826 | execsql {SELECT name FROM sqlite_temp_master} |
||
827 | } {t1 v1} |
||
828 | do_test auth-1.122 { |
||
829 | proc auth {code arg1 arg2 arg3 arg4} { |
||
830 | if {$code=="SQLITE_DROP_TEMP_VIEW"} { |
||
831 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
832 | return SQLITE_OK |
||
833 | } |
||
834 | return SQLITE_OK |
||
835 | } |
||
836 | catchsql {DROP VIEW v1} |
||
837 | } {0 {}} |
||
838 | do_test auth-1.123 { |
||
839 | set ::authargs |
||
840 | } {v1 {} temp {}} |
||
841 | do_test auth-1.124 { |
||
842 | execsql {SELECT name FROM sqlite_temp_master} |
||
843 | } {t1} |
||
844 | } |
||
845 | } ;# ifcapable view |
||
846 | |||
847 | # Test cases auth-1.125 to auth-1.176 test creating and dropping triggers. |
||
848 | # Omit these if the library was compiled with triggers omitted. |
||
849 | # |
||
850 | ifcapable trigger&&tempdb { |
||
851 | do_test auth-1.125 { |
||
852 | proc auth {code arg1 arg2 arg3 arg4} { |
||
853 | if {$code=="SQLITE_CREATE_TRIGGER"} { |
||
854 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
855 | return SQLITE_DENY |
||
856 | } |
||
857 | return SQLITE_OK |
||
858 | } |
||
859 | catchsql { |
||
860 | CREATE TRIGGER r2 DELETE on t2 BEGIN |
||
861 | SELECT NULL; |
||
862 | END; |
||
863 | } |
||
864 | } {1 {not authorized}} |
||
865 | do_test auth-1.126 { |
||
866 | set ::authargs |
||
867 | } {r2 t2 main {}} |
||
868 | do_test auth-1.127 { |
||
869 | execsql {SELECT name FROM sqlite_master} |
||
870 | } {t2} |
||
871 | do_test auth-1.128 { |
||
872 | proc auth {code arg1 arg2 arg3 arg4} { |
||
873 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} { |
||
874 | return SQLITE_DENY |
||
875 | } |
||
876 | return SQLITE_OK |
||
877 | } |
||
878 | catchsql { |
||
879 | CREATE TRIGGER r2 DELETE on t2 BEGIN |
||
880 | SELECT NULL; |
||
881 | END; |
||
882 | } |
||
883 | } {1 {not authorized}} |
||
884 | do_test auth-1.129 { |
||
885 | execsql {SELECT name FROM sqlite_master} |
||
886 | } {t2} |
||
887 | do_test auth-1.130 { |
||
888 | proc auth {code arg1 arg2 arg3 arg4} { |
||
889 | if {$code=="SQLITE_CREATE_TRIGGER"} { |
||
890 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
891 | return SQLITE_IGNORE |
||
892 | } |
||
893 | return SQLITE_OK |
||
894 | } |
||
895 | catchsql { |
||
896 | CREATE TRIGGER r2 DELETE on t2 BEGIN |
||
897 | SELECT NULL; |
||
898 | END; |
||
899 | } |
||
900 | } {0 {}} |
||
901 | do_test auth-1.131 { |
||
902 | set ::authargs |
||
903 | } {r2 t2 main {}} |
||
904 | do_test auth-1.132 { |
||
905 | execsql {SELECT name FROM sqlite_master} |
||
906 | } {t2} |
||
907 | do_test auth-1.133 { |
||
908 | proc auth {code arg1 arg2 arg3 arg4} { |
||
909 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} { |
||
910 | return SQLITE_IGNORE |
||
911 | } |
||
912 | return SQLITE_OK |
||
913 | } |
||
914 | catchsql { |
||
915 | CREATE TRIGGER r2 DELETE on t2 BEGIN |
||
916 | SELECT NULL; |
||
917 | END; |
||
918 | } |
||
919 | } {0 {}} |
||
920 | do_test auth-1.134 { |
||
921 | execsql {SELECT name FROM sqlite_master} |
||
922 | } {t2} |
||
923 | do_test auth-1.135 { |
||
924 | proc auth {code arg1 arg2 arg3 arg4} { |
||
925 | if {$code=="SQLITE_CREATE_TRIGGER"} { |
||
926 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
927 | return SQLITE_OK |
||
928 | } |
||
929 | return SQLITE_OK |
||
930 | } |
||
931 | catchsql { |
||
932 | CREATE TABLE tx(id); |
||
933 | CREATE TRIGGER r2 AFTER INSERT ON t2 BEGIN |
||
934 | INSERT INTO tx VALUES(NEW.rowid); |
||
935 | END; |
||
936 | } |
||
937 | } {0 {}} |
||
938 | do_test auth-1.136.1 { |
||
939 | set ::authargs |
||
940 | } {r2 t2 main {}} |
||
941 | do_test auth-1.136.2 { |
||
942 | execsql { |
||
943 | SELECT name FROM sqlite_master WHERE type='trigger' |
||
944 | } |
||
945 | } {r2} |
||
946 | do_test auth-1.136.3 { |
||
947 | proc auth {code arg1 arg2 arg3 arg4} { |
||
948 | lappend ::authargs $code $arg1 $arg2 $arg3 $arg4 |
||
949 | return SQLITE_OK |
||
950 | } |
||
951 | set ::authargs {} |
||
952 | execsql { |
||
953 | INSERT INTO t2 VALUES(1,2,3); |
||
954 | } |
||
955 | set ::authargs |
||
956 | } {SQLITE_INSERT t2 {} main {} SQLITE_INSERT tx {} main r2 SQLITE_READ t2 ROWID main r2} |
||
957 | do_test auth-1.136.4 { |
||
958 | execsql { |
||
959 | SELECT * FROM tx; |
||
960 | } |
||
961 | } {3} |
||
962 | do_test auth-1.137 { |
||
963 | execsql {SELECT name FROM sqlite_master} |
||
964 | } {t2 tx r2} |
||
965 | do_test auth-1.138 { |
||
966 | proc auth {code arg1 arg2 arg3 arg4} { |
||
967 | if {$code=="SQLITE_CREATE_TEMP_TRIGGER"} { |
||
968 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
969 | return SQLITE_DENY |
||
970 | } |
||
971 | return SQLITE_OK |
||
972 | } |
||
973 | catchsql { |
||
974 | CREATE TRIGGER r1 DELETE on t1 BEGIN |
||
975 | SELECT NULL; |
||
976 | END; |
||
977 | } |
||
978 | } {1 {not authorized}} |
||
979 | do_test auth-1.139 { |
||
980 | set ::authargs |
||
981 | } {r1 t1 temp {}} |
||
982 | do_test auth-1.140 { |
||
983 | execsql {SELECT name FROM sqlite_temp_master} |
||
984 | } {t1} |
||
985 | do_test auth-1.141 { |
||
986 | proc auth {code arg1 arg2 arg3 arg4} { |
||
987 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} { |
||
988 | return SQLITE_DENY |
||
989 | } |
||
990 | return SQLITE_OK |
||
991 | } |
||
992 | catchsql { |
||
993 | CREATE TRIGGER r1 DELETE on t1 BEGIN |
||
994 | SELECT NULL; |
||
995 | END; |
||
996 | } |
||
997 | } {1 {not authorized}} |
||
998 | do_test auth-1.142 { |
||
999 | execsql {SELECT name FROM sqlite_temp_master} |
||
1000 | } {t1} |
||
1001 | do_test auth-1.143 { |
||
1002 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1003 | if {$code=="SQLITE_CREATE_TEMP_TRIGGER"} { |
||
1004 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1005 | return SQLITE_IGNORE |
||
1006 | } |
||
1007 | return SQLITE_OK |
||
1008 | } |
||
1009 | catchsql { |
||
1010 | CREATE TRIGGER r1 DELETE on t1 BEGIN |
||
1011 | SELECT NULL; |
||
1012 | END; |
||
1013 | } |
||
1014 | } {0 {}} |
||
1015 | do_test auth-1.144 { |
||
1016 | set ::authargs |
||
1017 | } {r1 t1 temp {}} |
||
1018 | do_test auth-1.145 { |
||
1019 | execsql {SELECT name FROM sqlite_temp_master} |
||
1020 | } {t1} |
||
1021 | do_test auth-1.146 { |
||
1022 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1023 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} { |
||
1024 | return SQLITE_IGNORE |
||
1025 | } |
||
1026 | return SQLITE_OK |
||
1027 | } |
||
1028 | catchsql { |
||
1029 | CREATE TRIGGER r1 DELETE on t1 BEGIN |
||
1030 | SELECT NULL; |
||
1031 | END; |
||
1032 | } |
||
1033 | } {0 {}} |
||
1034 | do_test auth-1.147 { |
||
1035 | execsql {SELECT name FROM sqlite_temp_master} |
||
1036 | } {t1} |
||
1037 | do_test auth-1.148 { |
||
1038 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1039 | if {$code=="SQLITE_CREATE_TEMP_TRIGGER"} { |
||
1040 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1041 | return SQLITE_OK |
||
1042 | } |
||
1043 | return SQLITE_OK |
||
1044 | } |
||
1045 | catchsql { |
||
1046 | CREATE TRIGGER r1 DELETE on t1 BEGIN |
||
1047 | SELECT NULL; |
||
1048 | END; |
||
1049 | } |
||
1050 | } {0 {}} |
||
1051 | do_test auth-1.149 { |
||
1052 | set ::authargs |
||
1053 | } {r1 t1 temp {}} |
||
1054 | do_test auth-1.150 { |
||
1055 | execsql {SELECT name FROM sqlite_temp_master} |
||
1056 | } {t1 r1} |
||
1057 | |||
1058 | do_test auth-1.151 { |
||
1059 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1060 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} { |
||
1061 | return SQLITE_DENY |
||
1062 | } |
||
1063 | return SQLITE_OK |
||
1064 | } |
||
1065 | catchsql {DROP TRIGGER r2} |
||
1066 | } {1 {not authorized}} |
||
1067 | do_test auth-1.152 { |
||
1068 | execsql {SELECT name FROM sqlite_master} |
||
1069 | } {t2 tx r2} |
||
1070 | do_test auth-1.153 { |
||
1071 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1072 | if {$code=="SQLITE_DROP_TRIGGER"} { |
||
1073 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1074 | return SQLITE_DENY |
||
1075 | } |
||
1076 | return SQLITE_OK |
||
1077 | } |
||
1078 | catchsql {DROP TRIGGER r2} |
||
1079 | } {1 {not authorized}} |
||
1080 | do_test auth-1.154 { |
||
1081 | set ::authargs |
||
1082 | } {r2 t2 main {}} |
||
1083 | do_test auth-1.155 { |
||
1084 | execsql {SELECT name FROM sqlite_master} |
||
1085 | } {t2 tx r2} |
||
1086 | do_test auth-1.156 { |
||
1087 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1088 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} { |
||
1089 | return SQLITE_IGNORE |
||
1090 | } |
||
1091 | return SQLITE_OK |
||
1092 | } |
||
1093 | catchsql {DROP TRIGGER r2} |
||
1094 | } {0 {}} |
||
1095 | do_test auth-1.157 { |
||
1096 | execsql {SELECT name FROM sqlite_master} |
||
1097 | } {t2 tx r2} |
||
1098 | do_test auth-1.158 { |
||
1099 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1100 | if {$code=="SQLITE_DROP_TRIGGER"} { |
||
1101 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1102 | return SQLITE_IGNORE |
||
1103 | } |
||
1104 | return SQLITE_OK |
||
1105 | } |
||
1106 | catchsql {DROP TRIGGER r2} |
||
1107 | } {0 {}} |
||
1108 | do_test auth-1.159 { |
||
1109 | set ::authargs |
||
1110 | } {r2 t2 main {}} |
||
1111 | do_test auth-1.160 { |
||
1112 | execsql {SELECT name FROM sqlite_master} |
||
1113 | } {t2 tx r2} |
||
1114 | do_test auth-1.161 { |
||
1115 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1116 | if {$code=="SQLITE_DROP_TRIGGER"} { |
||
1117 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1118 | return SQLITE_OK |
||
1119 | } |
||
1120 | return SQLITE_OK |
||
1121 | } |
||
1122 | catchsql {DROP TRIGGER r2} |
||
1123 | } {0 {}} |
||
1124 | do_test auth-1.162 { |
||
1125 | set ::authargs |
||
1126 | } {r2 t2 main {}} |
||
1127 | do_test auth-1.163 { |
||
1128 | execsql { |
||
1129 | DROP TABLE tx; |
||
1130 | DELETE FROM t2 WHERE a=1 AND b=2 AND c=3; |
||
1131 | SELECT name FROM sqlite_master; |
||
1132 | } |
||
1133 | } {t2} |
||
1134 | |||
1135 | do_test auth-1.164 { |
||
1136 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1137 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} { |
||
1138 | return SQLITE_DENY |
||
1139 | } |
||
1140 | return SQLITE_OK |
||
1141 | } |
||
1142 | catchsql {DROP TRIGGER r1} |
||
1143 | } {1 {not authorized}} |
||
1144 | do_test auth-1.165 { |
||
1145 | execsql {SELECT name FROM sqlite_temp_master} |
||
1146 | } {t1 r1} |
||
1147 | do_test auth-1.166 { |
||
1148 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1149 | if {$code=="SQLITE_DROP_TEMP_TRIGGER"} { |
||
1150 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1151 | return SQLITE_DENY |
||
1152 | } |
||
1153 | return SQLITE_OK |
||
1154 | } |
||
1155 | catchsql {DROP TRIGGER r1} |
||
1156 | } {1 {not authorized}} |
||
1157 | do_test auth-1.167 { |
||
1158 | set ::authargs |
||
1159 | } {r1 t1 temp {}} |
||
1160 | do_test auth-1.168 { |
||
1161 | execsql {SELECT name FROM sqlite_temp_master} |
||
1162 | } {t1 r1} |
||
1163 | do_test auth-1.169 { |
||
1164 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1165 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} { |
||
1166 | return SQLITE_IGNORE |
||
1167 | } |
||
1168 | return SQLITE_OK |
||
1169 | } |
||
1170 | catchsql {DROP TRIGGER r1} |
||
1171 | } {0 {}} |
||
1172 | do_test auth-1.170 { |
||
1173 | execsql {SELECT name FROM sqlite_temp_master} |
||
1174 | } {t1 r1} |
||
1175 | do_test auth-1.171 { |
||
1176 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1177 | if {$code=="SQLITE_DROP_TEMP_TRIGGER"} { |
||
1178 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1179 | return SQLITE_IGNORE |
||
1180 | } |
||
1181 | return SQLITE_OK |
||
1182 | } |
||
1183 | catchsql {DROP TRIGGER r1} |
||
1184 | } {0 {}} |
||
1185 | do_test auth-1.172 { |
||
1186 | set ::authargs |
||
1187 | } {r1 t1 temp {}} |
||
1188 | do_test auth-1.173 { |
||
1189 | execsql {SELECT name FROM sqlite_temp_master} |
||
1190 | } {t1 r1} |
||
1191 | do_test auth-1.174 { |
||
1192 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1193 | if {$code=="SQLITE_DROP_TEMP_TRIGGER"} { |
||
1194 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1195 | return SQLITE_OK |
||
1196 | } |
||
1197 | return SQLITE_OK |
||
1198 | } |
||
1199 | catchsql {DROP TRIGGER r1} |
||
1200 | } {0 {}} |
||
1201 | do_test auth-1.175 { |
||
1202 | set ::authargs |
||
1203 | } {r1 t1 temp {}} |
||
1204 | do_test auth-1.176 { |
||
1205 | execsql {SELECT name FROM sqlite_temp_master} |
||
1206 | } {t1} |
||
1207 | } ;# ifcapable trigger |
||
1208 | |||
1209 | do_test auth-1.177 { |
||
1210 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1211 | if {$code=="SQLITE_CREATE_INDEX"} { |
||
1212 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1213 | return SQLITE_DENY |
||
1214 | } |
||
1215 | return SQLITE_OK |
||
1216 | } |
||
1217 | catchsql {CREATE INDEX i2 ON t2(a)} |
||
1218 | } {1 {not authorized}} |
||
1219 | do_test auth-1.178 { |
||
1220 | set ::authargs |
||
1221 | } {i2 t2 main {}} |
||
1222 | do_test auth-1.179 { |
||
1223 | execsql {SELECT name FROM sqlite_master} |
||
1224 | } {t2} |
||
1225 | do_test auth-1.180 { |
||
1226 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1227 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} { |
||
1228 | return SQLITE_DENY |
||
1229 | } |
||
1230 | return SQLITE_OK |
||
1231 | } |
||
1232 | catchsql {CREATE INDEX i2 ON t2(a)} |
||
1233 | } {1 {not authorized}} |
||
1234 | do_test auth-1.181 { |
||
1235 | execsql {SELECT name FROM sqlite_master} |
||
1236 | } {t2} |
||
1237 | do_test auth-1.182 { |
||
1238 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1239 | if {$code=="SQLITE_CREATE_INDEX"} { |
||
1240 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1241 | return SQLITE_IGNORE |
||
1242 | } |
||
1243 | return SQLITE_OK |
||
1244 | } |
||
1245 | catchsql {CREATE INDEX i2 ON t2(b)} |
||
1246 | } {0 {}} |
||
1247 | do_test auth-1.183 { |
||
1248 | set ::authargs |
||
1249 | } {i2 t2 main {}} |
||
1250 | do_test auth-1.184 { |
||
1251 | execsql {SELECT name FROM sqlite_master} |
||
1252 | } {t2} |
||
1253 | do_test auth-1.185 { |
||
1254 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1255 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} { |
||
1256 | return SQLITE_IGNORE |
||
1257 | } |
||
1258 | return SQLITE_OK |
||
1259 | } |
||
1260 | catchsql {CREATE INDEX i2 ON t2(b)} |
||
1261 | } {0 {}} |
||
1262 | do_test auth-1.186 { |
||
1263 | execsql {SELECT name FROM sqlite_master} |
||
1264 | } {t2} |
||
1265 | do_test auth-1.187 { |
||
1266 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1267 | if {$code=="SQLITE_CREATE_INDEX"} { |
||
1268 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1269 | return SQLITE_OK |
||
1270 | } |
||
1271 | return SQLITE_OK |
||
1272 | } |
||
1273 | catchsql {CREATE INDEX i2 ON t2(a)} |
||
1274 | } {0 {}} |
||
1275 | do_test auth-1.188 { |
||
1276 | set ::authargs |
||
1277 | } {i2 t2 main {}} |
||
1278 | do_test auth-1.189 { |
||
1279 | execsql {SELECT name FROM sqlite_master} |
||
1280 | } {t2 i2} |
||
1281 | |||
1282 | ifcapable tempdb { |
||
1283 | do_test auth-1.190 { |
||
1284 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1285 | if {$code=="SQLITE_CREATE_TEMP_INDEX"} { |
||
1286 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1287 | return SQLITE_DENY |
||
1288 | } |
||
1289 | return SQLITE_OK |
||
1290 | } |
||
1291 | catchsql {CREATE INDEX i1 ON t1(a)} |
||
1292 | } {1 {not authorized}} |
||
1293 | do_test auth-1.191 { |
||
1294 | set ::authargs |
||
1295 | } {i1 t1 temp {}} |
||
1296 | do_test auth-1.192 { |
||
1297 | execsql {SELECT name FROM sqlite_temp_master} |
||
1298 | } {t1} |
||
1299 | do_test auth-1.193 { |
||
1300 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1301 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} { |
||
1302 | return SQLITE_DENY |
||
1303 | } |
||
1304 | return SQLITE_OK |
||
1305 | } |
||
1306 | catchsql {CREATE INDEX i1 ON t1(b)} |
||
1307 | } {1 {not authorized}} |
||
1308 | do_test auth-1.194 { |
||
1309 | execsql {SELECT name FROM sqlite_temp_master} |
||
1310 | } {t1} |
||
1311 | do_test auth-1.195 { |
||
1312 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1313 | if {$code=="SQLITE_CREATE_TEMP_INDEX"} { |
||
1314 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1315 | return SQLITE_IGNORE |
||
1316 | } |
||
1317 | return SQLITE_OK |
||
1318 | } |
||
1319 | catchsql {CREATE INDEX i1 ON t1(b)} |
||
1320 | } {0 {}} |
||
1321 | do_test auth-1.196 { |
||
1322 | set ::authargs |
||
1323 | } {i1 t1 temp {}} |
||
1324 | do_test auth-1.197 { |
||
1325 | execsql {SELECT name FROM sqlite_temp_master} |
||
1326 | } {t1} |
||
1327 | do_test auth-1.198 { |
||
1328 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1329 | if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} { |
||
1330 | return SQLITE_IGNORE |
||
1331 | } |
||
1332 | return SQLITE_OK |
||
1333 | } |
||
1334 | catchsql {CREATE INDEX i1 ON t1(c)} |
||
1335 | } {0 {}} |
||
1336 | do_test auth-1.199 { |
||
1337 | execsql {SELECT name FROM sqlite_temp_master} |
||
1338 | } {t1} |
||
1339 | do_test auth-1.200 { |
||
1340 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1341 | if {$code=="SQLITE_CREATE_TEMP_INDEX"} { |
||
1342 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1343 | return SQLITE_OK |
||
1344 | } |
||
1345 | return SQLITE_OK |
||
1346 | } |
||
1347 | catchsql {CREATE INDEX i1 ON t1(a)} |
||
1348 | } {0 {}} |
||
1349 | do_test auth-1.201 { |
||
1350 | set ::authargs |
||
1351 | } {i1 t1 temp {}} |
||
1352 | do_test auth-1.202 { |
||
1353 | execsql {SELECT name FROM sqlite_temp_master} |
||
1354 | } {t1 i1} |
||
1355 | } |
||
1356 | |||
1357 | do_test auth-1.203 { |
||
1358 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1359 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} { |
||
1360 | return SQLITE_DENY |
||
1361 | } |
||
1362 | return SQLITE_OK |
||
1363 | } |
||
1364 | catchsql {DROP INDEX i2} |
||
1365 | } {1 {not authorized}} |
||
1366 | do_test auth-1.204 { |
||
1367 | execsql {SELECT name FROM sqlite_master} |
||
1368 | } {t2 i2} |
||
1369 | do_test auth-1.205 { |
||
1370 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1371 | if {$code=="SQLITE_DROP_INDEX"} { |
||
1372 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1373 | return SQLITE_DENY |
||
1374 | } |
||
1375 | return SQLITE_OK |
||
1376 | } |
||
1377 | catchsql {DROP INDEX i2} |
||
1378 | } {1 {not authorized}} |
||
1379 | do_test auth-1.206 { |
||
1380 | set ::authargs |
||
1381 | } {i2 t2 main {}} |
||
1382 | do_test auth-1.207 { |
||
1383 | execsql {SELECT name FROM sqlite_master} |
||
1384 | } {t2 i2} |
||
1385 | do_test auth-1.208 { |
||
1386 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1387 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} { |
||
1388 | return SQLITE_IGNORE |
||
1389 | } |
||
1390 | return SQLITE_OK |
||
1391 | } |
||
1392 | catchsql {DROP INDEX i2} |
||
1393 | } {0 {}} |
||
1394 | do_test auth-1.209 { |
||
1395 | execsql {SELECT name FROM sqlite_master} |
||
1396 | } {t2 i2} |
||
1397 | do_test auth-1.210 { |
||
1398 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1399 | if {$code=="SQLITE_DROP_INDEX"} { |
||
1400 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1401 | return SQLITE_IGNORE |
||
1402 | } |
||
1403 | return SQLITE_OK |
||
1404 | } |
||
1405 | catchsql {DROP INDEX i2} |
||
1406 | } {0 {}} |
||
1407 | do_test auth-1.211 { |
||
1408 | set ::authargs |
||
1409 | } {i2 t2 main {}} |
||
1410 | do_test auth-1.212 { |
||
1411 | execsql {SELECT name FROM sqlite_master} |
||
1412 | } {t2 i2} |
||
1413 | do_test auth-1.213 { |
||
1414 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1415 | if {$code=="SQLITE_DROP_INDEX"} { |
||
1416 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1417 | return SQLITE_OK |
||
1418 | } |
||
1419 | return SQLITE_OK |
||
1420 | } |
||
1421 | catchsql {DROP INDEX i2} |
||
1422 | } {0 {}} |
||
1423 | do_test auth-1.214 { |
||
1424 | set ::authargs |
||
1425 | } {i2 t2 main {}} |
||
1426 | do_test auth-1.215 { |
||
1427 | execsql {SELECT name FROM sqlite_master} |
||
1428 | } {t2} |
||
1429 | |||
1430 | ifcapable tempdb { |
||
1431 | do_test auth-1.216 { |
||
1432 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1433 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} { |
||
1434 | return SQLITE_DENY |
||
1435 | } |
||
1436 | return SQLITE_OK |
||
1437 | } |
||
1438 | catchsql {DROP INDEX i1} |
||
1439 | } {1 {not authorized}} |
||
1440 | do_test auth-1.217 { |
||
1441 | execsql {SELECT name FROM sqlite_temp_master} |
||
1442 | } {t1 i1} |
||
1443 | do_test auth-1.218 { |
||
1444 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1445 | if {$code=="SQLITE_DROP_TEMP_INDEX"} { |
||
1446 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1447 | return SQLITE_DENY |
||
1448 | } |
||
1449 | return SQLITE_OK |
||
1450 | } |
||
1451 | catchsql {DROP INDEX i1} |
||
1452 | } {1 {not authorized}} |
||
1453 | do_test auth-1.219 { |
||
1454 | set ::authargs |
||
1455 | } {i1 t1 temp {}} |
||
1456 | do_test auth-1.220 { |
||
1457 | execsql {SELECT name FROM sqlite_temp_master} |
||
1458 | } {t1 i1} |
||
1459 | do_test auth-1.221 { |
||
1460 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1461 | if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} { |
||
1462 | return SQLITE_IGNORE |
||
1463 | } |
||
1464 | return SQLITE_OK |
||
1465 | } |
||
1466 | catchsql {DROP INDEX i1} |
||
1467 | } {0 {}} |
||
1468 | do_test auth-1.222 { |
||
1469 | execsql {SELECT name FROM sqlite_temp_master} |
||
1470 | } {t1 i1} |
||
1471 | do_test auth-1.223 { |
||
1472 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1473 | if {$code=="SQLITE_DROP_TEMP_INDEX"} { |
||
1474 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1475 | return SQLITE_IGNORE |
||
1476 | } |
||
1477 | return SQLITE_OK |
||
1478 | } |
||
1479 | catchsql {DROP INDEX i1} |
||
1480 | } {0 {}} |
||
1481 | do_test auth-1.224 { |
||
1482 | set ::authargs |
||
1483 | } {i1 t1 temp {}} |
||
1484 | do_test auth-1.225 { |
||
1485 | execsql {SELECT name FROM sqlite_temp_master} |
||
1486 | } {t1 i1} |
||
1487 | do_test auth-1.226 { |
||
1488 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1489 | if {$code=="SQLITE_DROP_TEMP_INDEX"} { |
||
1490 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1491 | return SQLITE_OK |
||
1492 | } |
||
1493 | return SQLITE_OK |
||
1494 | } |
||
1495 | catchsql {DROP INDEX i1} |
||
1496 | } {0 {}} |
||
1497 | do_test auth-1.227 { |
||
1498 | set ::authargs |
||
1499 | } {i1 t1 temp {}} |
||
1500 | do_test auth-1.228 { |
||
1501 | execsql {SELECT name FROM sqlite_temp_master} |
||
1502 | } {t1} |
||
1503 | } |
||
1504 | |||
1505 | do_test auth-1.229 { |
||
1506 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1507 | if {$code=="SQLITE_PRAGMA"} { |
||
1508 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1509 | return SQLITE_DENY |
||
1510 | } |
||
1511 | return SQLITE_OK |
||
1512 | } |
||
1513 | catchsql {PRAGMA full_column_names=on} |
||
1514 | } {1 {not authorized}} |
||
1515 | do_test auth-1.230 { |
||
1516 | set ::authargs |
||
1517 | } {full_column_names on {} {}} |
||
1518 | do_test auth-1.231 { |
||
1519 | execsql2 {SELECT a FROM t2} |
||
1520 | } {a 11 a 7} |
||
1521 | do_test auth-1.232 { |
||
1522 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1523 | if {$code=="SQLITE_PRAGMA"} { |
||
1524 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1525 | return SQLITE_IGNORE |
||
1526 | } |
||
1527 | return SQLITE_OK |
||
1528 | } |
||
1529 | catchsql {PRAGMA full_column_names=on} |
||
1530 | } {0 {}} |
||
1531 | do_test auth-1.233 { |
||
1532 | set ::authargs |
||
1533 | } {full_column_names on {} {}} |
||
1534 | do_test auth-1.234 { |
||
1535 | execsql2 {SELECT a FROM t2} |
||
1536 | } {a 11 a 7} |
||
1537 | do_test auth-1.235 { |
||
1538 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1539 | if {$code=="SQLITE_PRAGMA"} { |
||
1540 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1541 | return SQLITE_OK |
||
1542 | } |
||
1543 | return SQLITE_OK |
||
1544 | } |
||
1545 | catchsql {PRAGMA full_column_names=on} |
||
1546 | } {0 {}} |
||
1547 | do_test auth-1.236 { |
||
1548 | execsql2 {SELECT a FROM t2} |
||
1549 | } {t2.a 11 t2.a 7} |
||
1550 | do_test auth-1.237 { |
||
1551 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1552 | if {$code=="SQLITE_PRAGMA"} { |
||
1553 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1554 | return SQLITE_OK |
||
1555 | } |
||
1556 | return SQLITE_OK |
||
1557 | } |
||
1558 | catchsql {PRAGMA full_column_names=OFF} |
||
1559 | } {0 {}} |
||
1560 | do_test auth-1.238 { |
||
1561 | set ::authargs |
||
1562 | } {full_column_names OFF {} {}} |
||
1563 | do_test auth-1.239 { |
||
1564 | execsql2 {SELECT a FROM t2} |
||
1565 | } {a 11 a 7} |
||
1566 | |||
1567 | do_test auth-1.240 { |
||
1568 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1569 | if {$code=="SQLITE_TRANSACTION"} { |
||
1570 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1571 | return SQLITE_DENY |
||
1572 | } |
||
1573 | return SQLITE_OK |
||
1574 | } |
||
1575 | catchsql {BEGIN} |
||
1576 | } {1 {not authorized}} |
||
1577 | do_test auth-1.241 { |
||
1578 | set ::authargs |
||
1579 | } {BEGIN {} {} {}} |
||
1580 | do_test auth-1.242 { |
||
1581 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1582 | if {$code=="SQLITE_TRANSACTION" && $arg1!="BEGIN"} { |
||
1583 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1584 | return SQLITE_DENY |
||
1585 | } |
||
1586 | return SQLITE_OK |
||
1587 | } |
||
1588 | catchsql {BEGIN; INSERT INTO t2 VALUES(44,55,66); COMMIT} |
||
1589 | } {1 {not authorized}} |
||
1590 | do_test auth-1.243 { |
||
1591 | set ::authargs |
||
1592 | } {COMMIT {} {} {}} |
||
1593 | do_test auth-1.244 { |
||
1594 | execsql {SELECT * FROM t2} |
||
1595 | } {11 2 33 7 8 9 44 55 66} |
||
1596 | do_test auth-1.245 { |
||
1597 | catchsql {ROLLBACK} |
||
1598 | } {1 {not authorized}} |
||
1599 | do_test auth-1.246 { |
||
1600 | set ::authargs |
||
1601 | } {ROLLBACK {} {} {}} |
||
1602 | do_test auth-1.247 { |
||
1603 | catchsql {END TRANSACTION} |
||
1604 | } {1 {not authorized}} |
||
1605 | do_test auth-1.248 { |
||
1606 | set ::authargs |
||
1607 | } {COMMIT {} {} {}} |
||
1608 | do_test auth-1.249 { |
||
1609 | db authorizer {} |
||
1610 | catchsql {ROLLBACK} |
||
1611 | } {0 {}} |
||
1612 | do_test auth-1.250 { |
||
1613 | execsql {SELECT * FROM t2} |
||
1614 | } {11 2 33 7 8 9} |
||
1615 | |||
1616 | # ticket #340 - authorization for ATTACH and DETACH. |
||
1617 | # |
||
1618 | ifcapable attach { |
||
1619 | do_test auth-1.251 { |
||
1620 | db authorizer ::auth |
||
1621 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1622 | if {$code=="SQLITE_ATTACH"} { |
||
1623 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1624 | } |
||
1625 | return SQLITE_OK |
||
1626 | } |
||
1627 | catchsql { |
||
1628 | ATTACH DATABASE ':memory:' AS test1 |
||
1629 | } |
||
1630 | } {0 {}} |
||
1631 | do_test auth-1.252a { |
||
1632 | set ::authargs |
||
1633 | } {:memory: {} {} {}} |
||
1634 | do_test auth-1.252b { |
||
1635 | db eval {DETACH test1} |
||
1636 | set ::attachfilename :memory: |
||
1637 | db eval {ATTACH $::attachfilename AS test1} |
||
1638 | set ::authargs |
||
1639 | } {{} {} {} {}} |
||
1640 | do_test auth-1.252c { |
||
1641 | db eval {DETACH test1} |
||
1642 | db eval {ATTACH ':mem' || 'ory:' AS test1} |
||
1643 | set ::authargs |
||
1644 | } {{} {} {} {}} |
||
1645 | do_test auth-1.253 { |
||
1646 | catchsql {DETACH DATABASE test1} |
||
1647 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1648 | if {$code=="SQLITE_ATTACH"} { |
||
1649 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1650 | return SQLITE_DENY |
||
1651 | } |
||
1652 | return SQLITE_OK |
||
1653 | } |
||
1654 | catchsql { |
||
1655 | ATTACH DATABASE ':memory:' AS test1; |
||
1656 | } |
||
1657 | } {1 {not authorized}} |
||
1658 | do_test auth-1.254 { |
||
1659 | lindex [execsql {PRAGMA database_list}] 7 |
||
1660 | } {} |
||
1661 | do_test auth-1.255 { |
||
1662 | catchsql {DETACH DATABASE test1} |
||
1663 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1664 | if {$code=="SQLITE_ATTACH"} { |
||
1665 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1666 | return SQLITE_IGNORE |
||
1667 | } |
||
1668 | return SQLITE_OK |
||
1669 | } |
||
1670 | catchsql { |
||
1671 | ATTACH DATABASE ':memory:' AS test1; |
||
1672 | } |
||
1673 | } {0 {}} |
||
1674 | do_test auth-1.256 { |
||
1675 | lindex [execsql {PRAGMA database_list}] 7 |
||
1676 | } {} |
||
1677 | do_test auth-1.257 { |
||
1678 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1679 | if {$code=="SQLITE_DETACH"} { |
||
1680 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1681 | return SQLITE_OK |
||
1682 | } |
||
1683 | return SQLITE_OK |
||
1684 | } |
||
1685 | execsql {ATTACH DATABASE ':memory:' AS test1} |
||
1686 | catchsql { |
||
1687 | DETACH DATABASE test1; |
||
1688 | } |
||
1689 | } {0 {}} |
||
1690 | do_test auth-1.258 { |
||
1691 | lindex [execsql {PRAGMA database_list}] 7 |
||
1692 | } {} |
||
1693 | do_test auth-1.259 { |
||
1694 | execsql {ATTACH DATABASE ':memory:' AS test1} |
||
1695 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1696 | if {$code=="SQLITE_DETACH"} { |
||
1697 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1698 | return SQLITE_IGNORE |
||
1699 | } |
||
1700 | return SQLITE_OK |
||
1701 | } |
||
1702 | catchsql { |
||
1703 | DETACH DATABASE test1; |
||
1704 | } |
||
1705 | } {0 {}} |
||
1706 | ifcapable tempdb { |
||
1707 | ifcapable schema_pragmas { |
||
1708 | do_test auth-1.260 { |
||
1709 | lindex [execsql {PRAGMA database_list}] 7 |
||
1710 | } {test1} |
||
1711 | } ;# ifcapable schema_pragmas |
||
1712 | do_test auth-1.261 { |
||
1713 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1714 | if {$code=="SQLITE_DETACH"} { |
||
1715 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1716 | return SQLITE_DENY |
||
1717 | } |
||
1718 | return SQLITE_OK |
||
1719 | } |
||
1720 | catchsql { |
||
1721 | DETACH DATABASE test1; |
||
1722 | } |
||
1723 | } {1 {not authorized}} |
||
1724 | ifcapable schema_pragmas { |
||
1725 | do_test auth-1.262 { |
||
1726 | lindex [execsql {PRAGMA database_list}] 7 |
||
1727 | } {test1} |
||
1728 | } ;# ifcapable schema_pragmas |
||
1729 | db authorizer {} |
||
1730 | execsql {DETACH DATABASE test1} |
||
1731 | db authorizer ::auth |
||
1732 | |||
1733 | # Authorization for ALTER TABLE. These tests are omitted if the library |
||
1734 | # was built without ALTER TABLE support. |
||
1735 | ifcapable altertable { |
||
1736 | |||
1737 | do_test auth-1.263 { |
||
1738 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1739 | if {$code=="SQLITE_ALTER_TABLE"} { |
||
1740 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1741 | return SQLITE_OK |
||
1742 | } |
||
1743 | return SQLITE_OK |
||
1744 | } |
||
1745 | catchsql { |
||
1746 | ALTER TABLE t1 RENAME TO t1x |
||
1747 | } |
||
1748 | } {0 {}} |
||
1749 | do_test auth-1.264 { |
||
1750 | execsql {SELECT name FROM sqlite_temp_master WHERE type='table'} |
||
1751 | } {t1x} |
||
1752 | do_test auth-1.265 { |
||
1753 | set authargs |
||
1754 | } {temp t1 {} {}} |
||
1755 | do_test auth-1.266 { |
||
1756 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1757 | if {$code=="SQLITE_ALTER_TABLE"} { |
||
1758 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1759 | return SQLITE_IGNORE |
||
1760 | } |
||
1761 | return SQLITE_OK |
||
1762 | } |
||
1763 | catchsql { |
||
1764 | ALTER TABLE t1x RENAME TO t1 |
||
1765 | } |
||
1766 | } {0 {}} |
||
1767 | do_test auth-1.267 { |
||
1768 | execsql {SELECT name FROM sqlite_temp_master WHERE type='table'} |
||
1769 | } {t1x} |
||
1770 | do_test auth-1.268 { |
||
1771 | set authargs |
||
1772 | } {temp t1x {} {}} |
||
1773 | do_test auth-1.269 { |
||
1774 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1775 | if {$code=="SQLITE_ALTER_TABLE"} { |
||
1776 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1777 | return SQLITE_DENY |
||
1778 | } |
||
1779 | return SQLITE_OK |
||
1780 | } |
||
1781 | catchsql { |
||
1782 | ALTER TABLE t1x RENAME TO t1 |
||
1783 | } |
||
1784 | } {1 {not authorized}} |
||
1785 | do_test auth-1.270 { |
||
1786 | execsql {SELECT name FROM sqlite_temp_master WHERE type='table'} |
||
1787 | } {t1x} |
||
1788 | |||
1789 | do_test auth-1.271 { |
||
1790 | set authargs |
||
1791 | } {temp t1x {} {}} |
||
1792 | } ;# ifcapable altertable |
||
1793 | |||
1794 | } else { |
||
1795 | db authorizer {} |
||
1796 | db eval { |
||
1797 | DETACH DATABASE test1; |
||
1798 | } |
||
1799 | } |
||
1800 | } |
||
1801 | |||
1802 | ifcapable altertable { |
||
1803 | db authorizer {} |
||
1804 | catchsql {ALTER TABLE t1x RENAME TO t1} |
||
1805 | db authorizer ::auth |
||
1806 | do_test auth-1.272 { |
||
1807 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1808 | if {$code=="SQLITE_ALTER_TABLE"} { |
||
1809 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1810 | return SQLITE_OK |
||
1811 | } |
||
1812 | return SQLITE_OK |
||
1813 | } |
||
1814 | catchsql { |
||
1815 | ALTER TABLE t2 RENAME TO t2x |
||
1816 | } |
||
1817 | } {0 {}} |
||
1818 | do_test auth-1.273 { |
||
1819 | execsql {SELECT name FROM sqlite_master WHERE type='table'} |
||
1820 | } {t2x} |
||
1821 | do_test auth-1.274 { |
||
1822 | set authargs |
||
1823 | } {main t2 {} {}} |
||
1824 | do_test auth-1.275 { |
||
1825 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1826 | if {$code=="SQLITE_ALTER_TABLE"} { |
||
1827 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1828 | return SQLITE_IGNORE |
||
1829 | } |
||
1830 | return SQLITE_OK |
||
1831 | } |
||
1832 | catchsql { |
||
1833 | ALTER TABLE t2x RENAME TO t2 |
||
1834 | } |
||
1835 | } {0 {}} |
||
1836 | do_test auth-1.276 { |
||
1837 | execsql {SELECT name FROM sqlite_master WHERE type='table'} |
||
1838 | } {t2x} |
||
1839 | do_test auth-1.277 { |
||
1840 | set authargs |
||
1841 | } {main t2x {} {}} |
||
1842 | do_test auth-1.278 { |
||
1843 | proc auth {code arg1 arg2 arg3 arg4} { |
||
1844 | if {$code=="SQLITE_ALTER_TABLE"} { |
||
1845 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
1846 | return SQLITE_DENY |
||
1847 | } |
||
1848 | return SQLITE_OK |
||
1849 | } |
||
1850 | catchsql { |
||
1851 | ALTER TABLE t2x RENAME TO t2 |
||
1852 | } |
||
1853 | } {1 {not authorized}} |
||
1854 | do_test auth-1.279 { |
||
1855 | execsql {SELECT name FROM sqlite_master WHERE type='table'} |
||
1856 | } {t2x} |
||
1857 | do_test auth-1.280 { |
||
1858 | set authargs |
||
1859 | } {main t2x {} {}} |
||
1860 | db authorizer {} |
||
1861 | catchsql {ALTER TABLE t2x RENAME TO t2} |
||
1862 | |||
1863 | } ;# ifcapable altertable |
||
1864 | |||
1865 | # Test the authorization callbacks for the REINDEX command. |
||
1866 | ifcapable reindex { |
||
1867 | |||
1868 | proc auth {code args} { |
||
1869 | if {$code=="SQLITE_REINDEX"} { |
||
1870 | set ::authargs [concat $::authargs $args] |
||
1871 | } |
||
1872 | return SQLITE_OK |
||
1873 | } |
||
1874 | db authorizer auth |
||
1875 | do_test auth-1.281 { |
||
1876 | execsql { |
||
1877 | CREATE TABLE t3(a PRIMARY KEY, b, c); |
||
1878 | CREATE INDEX t3_idx1 ON t3(c COLLATE BINARY); |
||
1879 | CREATE INDEX t3_idx2 ON t3(b COLLATE NOCASE); |
||
1880 | } |
||
1881 | } {} |
||
1882 | do_test auth-1.282 { |
||
1883 | set ::authargs {} |
||
1884 | execsql { |
||
1885 | REINDEX t3_idx1; |
||
1886 | } |
||
1887 | set ::authargs |
||
1888 | } {t3_idx1 {} main {}} |
||
1889 | do_test auth-1.283 { |
||
1890 | set ::authargs {} |
||
1891 | execsql { |
||
1892 | REINDEX BINARY; |
||
1893 | } |
||
1894 | set ::authargs |
||
1895 | } {t3_idx1 {} main {} sqlite_autoindex_t3_1 {} main {}} |
||
1896 | do_test auth-1.284 { |
||
1897 | set ::authargs {} |
||
1898 | execsql { |
||
1899 | REINDEX NOCASE; |
||
1900 | } |
||
1901 | set ::authargs |
||
1902 | } {t3_idx2 {} main {}} |
||
1903 | do_test auth-1.285 { |
||
1904 | set ::authargs {} |
||
1905 | execsql { |
||
1906 | REINDEX t3; |
||
1907 | } |
||
1908 | set ::authargs |
||
1909 | } {t3_idx2 {} main {} t3_idx1 {} main {} sqlite_autoindex_t3_1 {} main {}} |
||
1910 | do_test auth-1.286 { |
||
1911 | execsql { |
||
1912 | DROP TABLE t3; |
||
1913 | } |
||
1914 | } {} |
||
1915 | ifcapable tempdb { |
||
1916 | do_test auth-1.287 { |
||
1917 | execsql { |
||
1918 | CREATE TEMP TABLE t3(a PRIMARY KEY, b, c); |
||
1919 | CREATE INDEX t3_idx1 ON t3(c COLLATE BINARY); |
||
1920 | CREATE INDEX t3_idx2 ON t3(b COLLATE NOCASE); |
||
1921 | } |
||
1922 | } {} |
||
1923 | do_test auth-1.288 { |
||
1924 | set ::authargs {} |
||
1925 | execsql { |
||
1926 | REINDEX temp.t3_idx1; |
||
1927 | } |
||
1928 | set ::authargs |
||
1929 | } {t3_idx1 {} temp {}} |
||
1930 | do_test auth-1.289 { |
||
1931 | set ::authargs {} |
||
1932 | execsql { |
||
1933 | REINDEX BINARY; |
||
1934 | } |
||
1935 | set ::authargs |
||
1936 | } {t3_idx1 {} temp {} sqlite_autoindex_t3_1 {} temp {}} |
||
1937 | do_test auth-1.290 { |
||
1938 | set ::authargs {} |
||
1939 | execsql { |
||
1940 | REINDEX NOCASE; |
||
1941 | } |
||
1942 | set ::authargs |
||
1943 | } {t3_idx2 {} temp {}} |
||
1944 | do_test auth-1.291 { |
||
1945 | set ::authargs {} |
||
1946 | execsql { |
||
1947 | REINDEX temp.t3; |
||
1948 | } |
||
1949 | set ::authargs |
||
1950 | } {t3_idx2 {} temp {} t3_idx1 {} temp {} sqlite_autoindex_t3_1 {} temp {}} |
||
1951 | proc auth {code args} { |
||
1952 | if {$code=="SQLITE_REINDEX"} { |
||
1953 | set ::authargs [concat $::authargs $args] |
||
1954 | return SQLITE_DENY |
||
1955 | } |
||
1956 | return SQLITE_OK |
||
1957 | } |
||
1958 | do_test auth-1.292 { |
||
1959 | set ::authargs {} |
||
1960 | catchsql { |
||
1961 | REINDEX temp.t3; |
||
1962 | } |
||
1963 | } {1 {not authorized}} |
||
1964 | do_test auth-1.293 { |
||
1965 | execsql { |
||
1966 | DROP TABLE t3; |
||
1967 | } |
||
1968 | } {} |
||
1969 | } |
||
1970 | |||
1971 | } ;# ifcapable reindex |
||
1972 | |||
1973 | ifcapable analyze { |
||
1974 | proc auth {code args} { |
||
1975 | if {$code=="SQLITE_ANALYZE"} { |
||
1976 | set ::authargs [concat $::authargs $args] |
||
1977 | } |
||
1978 | return SQLITE_OK |
||
1979 | } |
||
1980 | do_test auth-1.294 { |
||
1981 | set ::authargs {} |
||
1982 | execsql { |
||
1983 | CREATE TABLE t4(a,b,c); |
||
1984 | CREATE INDEX t4i1 ON t4(a); |
||
1985 | CREATE INDEX t4i2 ON t4(b,a,c); |
||
1986 | INSERT INTO t4 VALUES(1,2,3); |
||
1987 | ANALYZE; |
||
1988 | } |
||
1989 | set ::authargs |
||
1990 | } {t4 {} main {} t2 {} main {}} |
||
1991 | do_test auth-1.295 { |
||
1992 | execsql { |
||
1993 | SELECT count(*) FROM sqlite_stat1; |
||
1994 | } |
||
1995 | } 3 |
||
1996 | proc auth {code args} { |
||
1997 | if {$code=="SQLITE_ANALYZE"} { |
||
1998 | set ::authargs [concat $::authargs $args] |
||
1999 | return SQLITE_DENY |
||
2000 | } |
||
2001 | return SQLITE_OK |
||
2002 | } |
||
2003 | do_test auth-1.296 { |
||
2004 | set ::authargs {} |
||
2005 | catchsql { |
||
2006 | ANALYZE; |
||
2007 | } |
||
2008 | } {1 {not authorized}} |
||
2009 | do_test auth-1.297 { |
||
2010 | execsql { |
||
2011 | SELECT count(*) FROM sqlite_stat1; |
||
2012 | } |
||
2013 | } 3 |
||
2014 | } ;# ifcapable analyze |
||
2015 | |||
2016 | |||
2017 | # Authorization for ALTER TABLE ADD COLUMN. |
||
2018 | # These tests are omitted if the library |
||
2019 | # was built without ALTER TABLE support. |
||
2020 | ifcapable {altertable} { |
||
2021 | do_test auth-1.300 { |
||
2022 | execsql {CREATE TABLE t5(x)} |
||
2023 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2024 | if {$code=="SQLITE_ALTER_TABLE"} { |
||
2025 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
2026 | return SQLITE_OK |
||
2027 | } |
||
2028 | return SQLITE_OK |
||
2029 | } |
||
2030 | catchsql { |
||
2031 | ALTER TABLE t5 ADD COLUMN new_col_1; |
||
2032 | } |
||
2033 | } {0 {}} |
||
2034 | do_test auth-1.301 { |
||
2035 | set x [execsql {SELECT sql FROM sqlite_master WHERE name='t5'}] |
||
2036 | regexp new_col_1 $x |
||
2037 | } {1} |
||
2038 | do_test auth-1.302 { |
||
2039 | set authargs |
||
2040 | } {main t5 {} {}} |
||
2041 | do_test auth-1.303 { |
||
2042 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2043 | if {$code=="SQLITE_ALTER_TABLE"} { |
||
2044 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
2045 | return SQLITE_IGNORE |
||
2046 | } |
||
2047 | return SQLITE_OK |
||
2048 | } |
||
2049 | catchsql { |
||
2050 | ALTER TABLE t5 ADD COLUMN new_col_2; |
||
2051 | } |
||
2052 | } {0 {}} |
||
2053 | do_test auth-1.304 { |
||
2054 | set x [execsql {SELECT sql FROM sqlite_master WHERE name='t5'}] |
||
2055 | regexp new_col_2 $x |
||
2056 | } {0} |
||
2057 | do_test auth-1.305 { |
||
2058 | set authargs |
||
2059 | } {main t5 {} {}} |
||
2060 | do_test auth-1.306 { |
||
2061 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2062 | if {$code=="SQLITE_ALTER_TABLE"} { |
||
2063 | set ::authargs [list $arg1 $arg2 $arg3 $arg4] |
||
2064 | return SQLITE_DENY |
||
2065 | } |
||
2066 | return SQLITE_OK |
||
2067 | } |
||
2068 | catchsql { |
||
2069 | ALTER TABLE t5 ADD COLUMN new_col_3 |
||
2070 | } |
||
2071 | } {1 {not authorized}} |
||
2072 | do_test auth-1.307 { |
||
2073 | set x [execsql {SELECT sql FROM sqlite_temp_master WHERE type='t5'}] |
||
2074 | regexp new_col_3 $x |
||
2075 | } {0} |
||
2076 | |||
2077 | do_test auth-1.308 { |
||
2078 | set authargs |
||
2079 | } {main t5 {} {}} |
||
2080 | execsql {DROP TABLE t5} |
||
2081 | } ;# ifcapable altertable |
||
2082 | |||
2083 | do_test auth-2.1 { |
||
2084 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2085 | if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} { |
||
2086 | return SQLITE_DENY |
||
2087 | } |
||
2088 | return SQLITE_OK |
||
2089 | } |
||
2090 | db authorizer ::auth |
||
2091 | execsql {CREATE TABLE t3(x INTEGER PRIMARY KEY, y, z)} |
||
2092 | catchsql {SELECT * FROM t3} |
||
2093 | } {1 {access to t3.x is prohibited}} |
||
2094 | do_test auth-2.1 { |
||
2095 | catchsql {SELECT y,z FROM t3} |
||
2096 | } {0 {}} |
||
2097 | do_test auth-2.2 { |
||
2098 | catchsql {SELECT ROWID,y,z FROM t3} |
||
2099 | } {1 {access to t3.x is prohibited}} |
||
2100 | do_test auth-2.3 { |
||
2101 | catchsql {SELECT OID,y,z FROM t3} |
||
2102 | } {1 {access to t3.x is prohibited}} |
||
2103 | do_test auth-2.4 { |
||
2104 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2105 | if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} { |
||
2106 | return SQLITE_IGNORE |
||
2107 | } |
||
2108 | return SQLITE_OK |
||
2109 | } |
||
2110 | execsql {INSERT INTO t3 VALUES(44,55,66)} |
||
2111 | catchsql {SELECT * FROM t3} |
||
2112 | } {0 {{} 55 66}} |
||
2113 | do_test auth-2.5 { |
||
2114 | catchsql {SELECT rowid,y,z FROM t3} |
||
2115 | } {0 {{} 55 66}} |
||
2116 | do_test auth-2.6 { |
||
2117 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2118 | if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="ROWID"} { |
||
2119 | return SQLITE_IGNORE |
||
2120 | } |
||
2121 | return SQLITE_OK |
||
2122 | } |
||
2123 | catchsql {SELECT * FROM t3} |
||
2124 | } {0 {44 55 66}} |
||
2125 | do_test auth-2.7 { |
||
2126 | catchsql {SELECT ROWID,y,z FROM t3} |
||
2127 | } {0 {44 55 66}} |
||
2128 | do_test auth-2.8 { |
||
2129 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2130 | if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="ROWID"} { |
||
2131 | return SQLITE_IGNORE |
||
2132 | } |
||
2133 | return SQLITE_OK |
||
2134 | } |
||
2135 | catchsql {SELECT ROWID,b,c FROM t2} |
||
2136 | } {0 {{} 2 33 {} 8 9}} |
||
2137 | do_test auth-2.9.1 { |
||
2138 | # We have to flush the cache here in case the Tcl interface tries to |
||
2139 | # reuse a statement compiled with sqlite3_prepare_v2(). In this case, |
||
2140 | # the first error encountered is an SQLITE_SCHEMA error. Then, when |
||
2141 | # trying to recompile the statement, the authorization error is encountered. |
||
2142 | # If we do not flush the cache, the correct error message is returned, but |
||
2143 | # the error code is SQLITE_SCHEMA, not SQLITE_ERROR as required by the test |
||
2144 | # case after this one. |
||
2145 | # |
||
2146 | db cache flush |
||
2147 | |||
2148 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2149 | if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="ROWID"} { |
||
2150 | return bogus |
||
2151 | } |
||
2152 | return SQLITE_OK |
||
2153 | } |
||
2154 | catchsql {SELECT ROWID,b,c FROM t2} |
||
2155 | } {1 {authorizer malfunction}} |
||
2156 | do_test auth-2.9.2 { |
||
2157 | db errorcode |
||
2158 | } {1} |
||
2159 | do_test auth-2.10 { |
||
2160 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2161 | if {$code=="SQLITE_SELECT"} { |
||
2162 | return bogus |
||
2163 | } |
||
2164 | return SQLITE_OK |
||
2165 | } |
||
2166 | catchsql {SELECT ROWID,b,c FROM t2} |
||
2167 | } {1 {authorizer malfunction}} |
||
2168 | do_test auth-2.11.1 { |
||
2169 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2170 | if {$code=="SQLITE_READ" && $arg2=="a"} { |
||
2171 | return SQLITE_IGNORE |
||
2172 | } |
||
2173 | return SQLITE_OK |
||
2174 | } |
||
2175 | catchsql {SELECT * FROM t2, t3} |
||
2176 | } {0 {{} 2 33 44 55 66 {} 8 9 44 55 66}} |
||
2177 | do_test auth-2.11.2 { |
||
2178 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2179 | if {$code=="SQLITE_READ" && $arg2=="x"} { |
||
2180 | return SQLITE_IGNORE |
||
2181 | } |
||
2182 | return SQLITE_OK |
||
2183 | } |
||
2184 | catchsql {SELECT * FROM t2, t3} |
||
2185 | } {0 {11 2 33 {} 55 66 7 8 9 {} 55 66}} |
||
2186 | |||
2187 | # Make sure the OLD and NEW pseudo-tables of a trigger get authorized. |
||
2188 | # |
||
2189 | ifcapable trigger { |
||
2190 | do_test auth-3.1 { |
||
2191 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2192 | return SQLITE_OK |
||
2193 | } |
||
2194 | execsql { |
||
2195 | CREATE TABLE tx(a1,a2,b1,b2,c1,c2); |
||
2196 | CREATE TRIGGER r1 AFTER UPDATE ON t2 FOR EACH ROW BEGIN |
||
2197 | INSERT INTO tx VALUES(OLD.a,NEW.a,OLD.b,NEW.b,OLD.c,NEW.c); |
||
2198 | END; |
||
2199 | UPDATE t2 SET a=a+1; |
||
2200 | SELECT * FROM tx; |
||
2201 | } |
||
2202 | } {11 12 2 2 33 33 7 8 8 8 9 9} |
||
2203 | do_test auth-3.2 { |
||
2204 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2205 | if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="c"} { |
||
2206 | return SQLITE_IGNORE |
||
2207 | } |
||
2208 | return SQLITE_OK |
||
2209 | } |
||
2210 | execsql { |
||
2211 | DELETE FROM tx; |
||
2212 | UPDATE t2 SET a=a+100; |
||
2213 | SELECT * FROM tx; |
||
2214 | } |
||
2215 | } {12 112 2 2 {} {} 8 108 8 8 {} {}} |
||
2216 | } ;# ifcapable trigger |
||
2217 | |||
2218 | # Make sure the names of views and triggers are passed on on arg4. |
||
2219 | # |
||
2220 | ifcapable trigger { |
||
2221 | do_test auth-4.1 { |
||
2222 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2223 | lappend ::authargs $code $arg1 $arg2 $arg3 $arg4 |
||
2224 | return SQLITE_OK |
||
2225 | } |
||
2226 | set authargs {} |
||
2227 | execsql { |
||
2228 | UPDATE t2 SET a=a+1; |
||
2229 | } |
||
2230 | set authargs |
||
2231 | } [list \ |
||
2232 | SQLITE_READ t2 a main {} \ |
||
2233 | SQLITE_UPDATE t2 a main {} \ |
||
2234 | SQLITE_INSERT tx {} main r1 \ |
||
2235 | SQLITE_READ t2 a main r1 \ |
||
2236 | SQLITE_READ t2 a main r1 \ |
||
2237 | SQLITE_READ t2 b main r1 \ |
||
2238 | SQLITE_READ t2 b main r1 \ |
||
2239 | SQLITE_READ t2 c main r1 \ |
||
2240 | SQLITE_READ t2 c main r1] |
||
2241 | } |
||
2242 | |||
2243 | ifcapable {view && trigger} { |
||
2244 | do_test auth-4.2 { |
||
2245 | execsql { |
||
2246 | CREATE VIEW v1 AS SELECT a+b AS x FROM t2; |
||
2247 | CREATE TABLE v1chng(x1,x2); |
||
2248 | CREATE TRIGGER r2 INSTEAD OF UPDATE ON v1 BEGIN |
||
2249 | INSERT INTO v1chng VALUES(OLD.x,NEW.x); |
||
2250 | END; |
||
2251 | SELECT * FROM v1; |
||
2252 | } |
||
2253 | } {115 117} |
||
2254 | do_test auth-4.3 { |
||
2255 | set authargs {} |
||
2256 | execsql { |
||
2257 | UPDATE v1 SET x=1 WHERE x=117 |
||
2258 | } |
||
2259 | set authargs |
||
2260 | } [list \ |
||
2261 | SQLITE_UPDATE v1 x main {} \ |
||
2262 | SQLITE_SELECT {} {} {} v1 \ |
||
2263 | SQLITE_READ t2 a main v1 \ |
||
2264 | SQLITE_READ t2 b main v1 \ |
||
2265 | SQLITE_SELECT {} {} {} {} \ |
||
2266 | SQLITE_READ v1 x main v1 \ |
||
2267 | SQLITE_INSERT v1chng {} main r2 \ |
||
2268 | SQLITE_READ v1 x main r2 \ |
||
2269 | SQLITE_READ v1 x main r2 \ |
||
2270 | ] |
||
2271 | |||
2272 | do_test auth-4.4 { |
||
2273 | execsql { |
||
2274 | CREATE TRIGGER r3 INSTEAD OF DELETE ON v1 BEGIN |
||
2275 | INSERT INTO v1chng VALUES(OLD.x,NULL); |
||
2276 | END; |
||
2277 | SELECT * FROM v1; |
||
2278 | } |
||
2279 | } {115 117} |
||
2280 | do_test auth-4.5 { |
||
2281 | set authargs {} |
||
2282 | execsql { |
||
2283 | DELETE FROM v1 WHERE x=117 |
||
2284 | } |
||
2285 | set authargs |
||
2286 | } [list \ |
||
2287 | SQLITE_DELETE v1 {} main {} \ |
||
2288 | SQLITE_SELECT {} {} {} v1 \ |
||
2289 | SQLITE_READ t2 a main v1 \ |
||
2290 | SQLITE_READ t2 b main v1 \ |
||
2291 | SQLITE_SELECT {} {} {} {} \ |
||
2292 | SQLITE_READ v1 x main v1 \ |
||
2293 | SQLITE_INSERT v1chng {} main r3 \ |
||
2294 | SQLITE_READ v1 x main r3 \ |
||
2295 | ] |
||
2296 | |||
2297 | } ;# ifcapable view && trigger |
||
2298 | |||
2299 | # Ticket #1338: Make sure authentication works in the presence of an AS |
||
2300 | # clause. |
||
2301 | # |
||
2302 | do_test auth-5.1 { |
||
2303 | proc auth {code arg1 arg2 arg3 arg4} { |
||
2304 | return SQLITE_OK |
||
2305 | } |
||
2306 | execsql { |
||
2307 | SELECT count(a) AS cnt FROM t4 ORDER BY cnt |
||
2308 | } |
||
2309 | } {1} |
||
2310 | |||
2311 | # Ticket #1607 |
||
2312 | # |
||
2313 | ifcapable compound&&subquery { |
||
2314 | ifcapable trigger { |
||
2315 | execsql { |
||
2316 | DROP TABLE tx; |
||
2317 | } |
||
2318 | ifcapable view { |
||
2319 | execsql { |
||
2320 | DROP TABLE v1chng; |
||
2321 | } |
||
2322 | } |
||
2323 | } |
||
2324 | ifcapable stat2 { |
||
2325 | set stat2 "sqlite_stat2 " |
||
2326 | } else { |
||
2327 | set stat2 "" |
||
2328 | } |
||
2329 | do_test auth-5.2 { |
||
2330 | execsql { |
||
2331 | SELECT name FROM ( |
||
2332 | SELECT * FROM sqlite_master UNION ALL SELECT * FROM sqlite_temp_master) |
||
2333 | WHERE type='table' |
||
2334 | ORDER BY name |
||
2335 | } |
||
2336 | } "sqlite_stat1 ${stat2}t1 t2 t3 t4" |
||
2337 | } |
||
2338 | |||
2339 | # Ticket #3944 |
||
2340 | # |
||
2341 | ifcapable trigger { |
||
2342 | do_test auth-5.3.1 { |
||
2343 | execsql { |
||
2344 | CREATE TABLE t5 ( x ); |
||
2345 | CREATE TRIGGER t5_tr1 AFTER INSERT ON t5 BEGIN |
||
2346 | UPDATE t5 SET x = 1 WHERE NEW.x = 0; |
||
2347 | END; |
||
2348 | } |
||
2349 | } {} |
||
2350 | set ::authargs [list] |
||
2351 | proc auth {args} { |
||
2352 | eval lappend ::authargs $args |
||
2353 | return SQLITE_OK |
||
2354 | } |
||
2355 | do_test auth-5.3.2 { |
||
2356 | execsql { INSERT INTO t5 (x) values(0) } |
||
2357 | set ::authargs |
||
2358 | } [list SQLITE_INSERT t5 {} main {} \ |
||
2359 | SQLITE_UPDATE t5 x main t5_tr1 \ |
||
2360 | SQLITE_READ t5 x main t5_tr1 \ |
||
2361 | ] |
||
2362 | do_test auth-5.3.2 { |
||
2363 | execsql { SELECT * FROM t5 } |
||
2364 | } {1} |
||
2365 | } |
||
2366 | |||
2367 | |||
2368 | rename proc {} |
||
2369 | rename proc_real proc |
||
2370 | |||
2371 | |||
2372 | finish_test |