| blob | abc973433ee41f698e94b99d04a3061586e195f2 |
1 # 2008 October 27
2 #
3 # The author disclaims copyright to this source code. In place of
4 # a legal notice, here is a blessing:
5 #
6 # May you do good and not evil.
7 # May you find forgiveness for yourself and forgive others.
8 # May you share freely, never taking more than you give.
9 #
10 #***********************************************************************
11 #
12 # Test that the truncate optimization is disabled if the SQLITE_DELETE
13 # authorization callback returns SQLITE_IGNORE.
14 #
15 # Test that authorizer is disabled during schema parsing.
17 set testdir [file dirname $argv0]
18 source $testdir/tester.tcl
20 # disable this test if the SQLITE_OMIT_AUTHORIZATION macro is
21 # defined during compilation.
22 if {[catch {db auth {}} msg]} {
23 finish_test
24 return
25 }
27 # Disable the statement cache for these tests.
28 #
29 db cache size 0
31 db authorizer ::auth
32 proc auth {code arg1 arg2 arg3 arg4 args} {
33 if {$code=="SQLITE_DELETE"} {
34 return $::authcode
35 }
36 return SQLITE_OK
37 }
39 #--------------------------------------------------------------------------
40 # The following tests - auth3-1.* - test that return values of SQLITE_DENY,
41 # SQLITE_IGNORE, SQLITE_OK and <invalid> are correctly handled when returned
42 # by an SQLITE_DELETE authorization callback triggered by a
43 # "DELETE FROM <table-name>" statement.
44 #
45 do_test auth3-1.1 {
46 execsql {
47 CREATE TABLE t1(a,b,c);
48 INSERT INTO t1 VALUES(1, 2, 3);
49 INSERT INTO t1 VALUES(4, 5, 6);
50 }
51 } {}
52 do_test auth3.1.2 {
53 set ::authcode SQLITE_DENY
54 catchsql { DELETE FROM t1 }
55 } {1 {not authorized}}
56 # EVIDENCE-OF: R-64962-58611 If the authorizer callback returns any
57 # value other than SQLITE_IGNORE, SQLITE_OK, or SQLITE_DENY then the
58 # sqlite3_prepare_v2() or equivalent call that triggered the authorizer
59 # will fail with an error message.
60 do_test auth3.1.3 {
61 set ::authcode SQLITE_INVALID
62 catchsql { DELETE FROM t1 }
63 } {1 {authorizer malfunction}}
64 do_test auth3.1.4 {
65 execsql { SELECT * FROM t1 }
66 } {1 2 3 4 5 6}
67 do_test auth3-1.5 {
68 set ::authcode SQLITE_IGNORE
69 execsql {
70 DELETE FROM t1;
71 SELECT * FROM t1;
72 }
73 } {}
74 do_test auth3-1.6 {
75 set ::authcode SQLITE_OK
76 execsql {
77 INSERT INTO t1 VALUES(1, 2, 3);
78 INSERT INTO t1 VALUES(4, 5, 6);
79 DELETE FROM t1;
80 SELECT * FROM t1;
81 }
82 } {}
84 #--------------------------------------------------------------------------
85 # These tests - auth3-2.* - test that returning SQLITE_IGNORE really does
86 # disable the truncate optimization.
87 #
88 do_test auth3-2.1 {
89 set ::authcode SQLITE_OK
90 execsql {
91 INSERT INTO t1 VALUES(1, 2, 3);
92 INSERT INTO t1 VALUES(4, 5, 6);
93 }
94 set sqlite_search_count 0
95 execsql {
96 DELETE FROM t1;
97 }
98 set sqlite_search_count
99 } {0}
101 do_test auth3-2.2 {
102 set ::authcode SQLITE_IGNORE
103 execsql {
104 INSERT INTO t1 VALUES(1, 2, 3);
105 INSERT INTO t1 VALUES(4, 5, 6);
106 }
107 set sqlite_search_count 0
108 execsql {
109 DELETE FROM t1;
110 }
111 set sqlite_search_count
112 } {1}
114 # 2016-07-28. A problem report from a private client complaining about
115 # an authorizer failure during an ALTER TABLE. The solution (I think) is
116 # to disable the authorizer during schema parsing.
117 #
118 ifcapable altertable {
119 proc auth {code args} {
120 if {$code=="SQLITE_READ" && [regexp {DoNotRead} $args]} {
121 return SQLITE_DENY
122 }
123 return SQLITE_OK
124 }
125 do_execsql_test auth3-3.0 {
126 CREATE TEMPORARY TABLE TempTable (
127 key TEXT NOT NULL ON CONFLICT FAIL UNIQUE ON CONFLICT REPLACE,
128 value TEXT NOT NULL ON CONFLICT FAIL);
129 ALTER TABLE TempTable RENAME TO DoNotRead;
130 SELECT name FROM temp.sqlite_master;
131 } {DoNotRead sqlite_autoindex_DoNotRead_1}
132 }
134 finish_test