gitlab.com/CoiaPrant/sqlite3@v1.19.1/testdata/tcl/auth3.test (about) 1 # 2008 October 27 2 # 3 # The author disclaims copyright to this source code. In place of 4 # a legal notice, here is a blessing: 5 # 6 # May you do good and not evil. 7 # May you find forgiveness for yourself and forgive others. 8 # May you share freely, never taking more than you give. 9 # 10 #*********************************************************************** 11 # 12 # Test that the truncate optimization is disabled if the SQLITE_DELETE 13 # authorization callback returns SQLITE_IGNORE. 14 # 15 # Test that authorizer is disabled during schema parsing. 16 17 set testdir [file dirname $argv0] 18 source $testdir/tester.tcl 19 20 # disable this test if the SQLITE_OMIT_AUTHORIZATION macro is 21 # defined during compilation. 22 if {[catch {db auth {}} msg]} { 23 finish_test 24 return 25 } 26 27 # Disable the statement cache for these tests. 28 # 29 db cache size 0 30 31 db authorizer ::auth 32 proc auth {code arg1 arg2 arg3 arg4 args} { 33 if {$code=="SQLITE_DELETE"} { 34 return $::authcode 35 } 36 return SQLITE_OK 37 } 38 39 #-------------------------------------------------------------------------- 40 # The following tests - auth3-1.* - test that return values of SQLITE_DENY, 41 # SQLITE_IGNORE, SQLITE_OK and <invalid> are correctly handled when returned 42 # by an SQLITE_DELETE authorization callback triggered by a 43 # "DELETE FROM <table-name>" statement. 44 # 45 do_test auth3-1.1 { 46 execsql { 47 CREATE TABLE t1(a,b,c); 48 INSERT INTO t1 VALUES(1, 2, 3); 49 INSERT INTO t1 VALUES(4, 5, 6); 50 } 51 } {} 52 do_test auth3.1.2 { 53 set ::authcode SQLITE_DENY 54 catchsql { DELETE FROM t1 } 55 } {1 {not authorized}} 56 # EVIDENCE-OF: R-64962-58611 If the authorizer callback returns any 57 # value other than SQLITE_IGNORE, SQLITE_OK, or SQLITE_DENY then the 58 # sqlite3_prepare_v2() or equivalent call that triggered the authorizer 59 # will fail with an error message. 60 do_test auth3.1.3 { 61 set ::authcode SQLITE_INVALID 62 catchsql { DELETE FROM t1 } 63 } {1 {authorizer malfunction}} 64 do_test auth3.1.4 { 65 execsql { SELECT * FROM t1 } 66 } {1 2 3 4 5 6} 67 do_test auth3-1.5 { 68 set ::authcode SQLITE_IGNORE 69 execsql { 70 DELETE FROM t1; 71 SELECT * FROM t1; 72 } 73 } {} 74 do_test auth3-1.6 { 75 set ::authcode SQLITE_OK 76 execsql { 77 INSERT INTO t1 VALUES(1, 2, 3); 78 INSERT INTO t1 VALUES(4, 5, 6); 79 DELETE FROM t1; 80 SELECT * FROM t1; 81 } 82 } {} 83 84 #-------------------------------------------------------------------------- 85 # These tests - auth3-2.* - test that returning SQLITE_IGNORE really does 86 # disable the truncate optimization. 87 # 88 do_test auth3-2.1 { 89 set ::authcode SQLITE_OK 90 execsql { 91 INSERT INTO t1 VALUES(1, 2, 3); 92 INSERT INTO t1 VALUES(4, 5, 6); 93 } 94 set sqlite_search_count 0 95 execsql { 96 DELETE FROM t1; 97 } 98 set sqlite_search_count 99 } {0} 100 101 do_test auth3-2.2 { 102 set ::authcode SQLITE_IGNORE 103 execsql { 104 INSERT INTO t1 VALUES(1, 2, 3); 105 INSERT INTO t1 VALUES(4, 5, 6); 106 } 107 set sqlite_search_count 0 108 execsql { 109 DELETE FROM t1; 110 } 111 set sqlite_search_count 112 } {1} 113 114 # 2016-07-28. A problem report from a private client complaining about 115 # an authorizer failure during an ALTER TABLE. The solution (I think) is 116 # to disable the authorizer during schema parsing. 117 # 118 ifcapable altertable { 119 proc auth {code args} { 120 if {$code=="SQLITE_READ" && [regexp {DoNotRead} $args]} { 121 return SQLITE_DENY 122 } 123 return SQLITE_OK 124 } 125 do_execsql_test auth3-3.0 { 126 CREATE TEMPORARY TABLE TempTable ( 127 key TEXT NOT NULL ON CONFLICT FAIL UNIQUE ON CONFLICT REPLACE, 128 value TEXT NOT NULL ON CONFLICT FAIL); 129 ALTER TABLE TempTable RENAME TO DoNotRead; 130 SELECT name FROM temp.sqlite_master; 131 } {DoNotRead sqlite_autoindex_DoNotRead_1} 132 } 133 134 finish_test