Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromium / deps / sqlite / 1962bda76414921a526663e16d11602ce46dc212 / . / test / auth.test
blob: 2ba7fdf329d1436256c190d5ebaec2e2be0edafb [file] [log] [blame]
drh1962bda2003-01-12 19:33:52 +0000[diff] [blame^]1# 2003 January 12
2#
3# The author disclaims copyright to this source code. In place of
4# a legal notice, here is a blessing:
5#
6# May you do good and not evil.
7# May you find forgiveness for yourself and forgive others.
8# May you share freely, never taking more than you give.
9#
10#***********************************************************************
11# This file implements regression tests for SQLite library. The
12# focus of this script testing the sqlite_set_authorizer() API.
13#
14# $Id: auth.test,v 1.1 2003/01/12 19:33:54 drh Exp $
15#
16
17set testdir [file dirname $argv0]
18source $testdir/tester.tcl
19
20if {[info command sqlite_set_authorizer]!=""} {
21
22do_test auth-1.1 {
23 db close
24 set ::DB [sqlite db test.db]
25 proc auth {code arg1 arg2} {
26 if {$code=="SQLITE_INSERT_ROW"
27 && [string compare -nocase $arg1 sqlite_master]==0} {
28 return SQLITE_DENY
29 }
30 return SQLITE_OK
31 }
32 sqlite_set_authorizer $::DB ::auth
33 catchsql {CREATE TABLE t1(a,b,c)}
34} {1 {insertion into table sqlite_master is prohibited}}
35do_test auth-1.2 {
36 proc auth {code arg1 arg2} {
37 if {$code=="SQLITE_INSERT_ROW"
38 && [string compare -nocase $arg1 sqlite_master]==0} {
39 return SQLITE_IGNORE
40 }
41 return SQLITE_OK
42 }
43 catchsql {CREATE TABLE t1(a,b,c)}
44} {1 {insertion into table sqlite_master is prohibited}}
45do_test auth-1.3 {
46 proc auth {code arg1 arg2} {
47 if {$code=="SQLITE_INSERT_ROW"
48 && [string compare -nocase $arg1 sqlite_master]==0} {
49 return SQLITE_OK
50 }
51 return SQLITE_OK
52 }
53 catchsql {CREATE TABLE t1(a,b,c)}
54} {0 {}}
55do_test auth-1.4 {
56 execsql {SELECT name FROM sqlite_master}
57} {t1}
58do_test auth-1.5 {
59 proc auth {code arg1 arg2} {
60 if {$code=="SQLITE_INSERT_ROW"
61 && [string compare -nocase $arg1 sqlite_master]==0} {
62 return BOGUS
63 }
64 return SQLITE_OK
65 }
66 catchsql {CREATE TABLE t2(a,b,c)}
67} {1 {illegal return value (1) from the authorization function - should be SQLITE_OK, SQLITE_IGNORE, or SQLITE_DENY}}
68do_test auth-1.6 {
69 proc auth {code arg1 arg2} {
70 if {$code=="SQLITE_DELETE_ROW"
71 && [string compare -nocase $arg1 sqlite_master]==0} {
72 return SQLITE_DENY
73 }
74 return SQLITE_OK
75 }
76 catchsql {DROP TABLE t1}
77} {1 {deletion from table sqlite_master is prohibited}}
78do_test auth-1.7 {
79 proc auth {code arg1 arg2} {
80 if {$code=="SQLITE_DELETE_ROW"
81 && [string compare -nocase $arg1 sqlite_master]==0} {
82 return SQLITE_IGNORE
83 }
84 return SQLITE_OK
85 }
86 catchsql {DROP TABLE t1}
87} {1 {deletion from table sqlite_master is prohibited}}
88do_test auth-1.8 {
89 proc auth {code arg1 arg2} {
90 if {$code=="SQLITE_INSERT_ROW"
91 && [string compare -nocase $arg1 t1]==0} {
92 return SQLITE_DENY
93 }
94 return SQLITE_OK
95 }
96 catchsql {INSERT INTO t1 VALUES(1,2,3)}
97} {1 {insertion into table t1 is prohibited}}
98do_test auth-1.9 {
99 proc auth {code arg1 arg2} {
100 if {$code=="SQLITE_INSERT_ROW"
101 && [string compare -nocase $arg1 t1]==0} {
102 return SQLITE_IGNORE
103 }
104 return SQLITE_OK
105 }
106 catchsql {INSERT INTO t1 VALUES(1,2,3)}
107} {0 {}}
108do_test auth-1.10 {
109 execsql {SELECT * FROM t1}
110} {}
111do_test auth-1.11 {
112 proc auth {code arg1 arg2} {
113 if {$code=="SQLITE_INSERT_ROW"
114 && [string compare -nocase $arg1 t1]==0} {
115 return SQLITE_OK
116 }
117 return SQLITE_OK
118 }
119 catchsql {INSERT INTO t1 VALUES(1,2,3)}
120} {0 {}}
121do_test auth-1.12 {
122 execsql {SELECT * FROM t1}
123} {1 2 3}
124do_test auth-1.13 {
125 proc auth {code arg1 arg2} {
126 if {$code=="SQLITE_DELETE_ROW"
127 && [string compare -nocase $arg1 t1]==0} {
128 return SQLITE_DENY
129 }
130 return SQLITE_OK
131 }
132 catchsql {DELETE FROM t1 WHERE a=1}
133} {1 {deletion from table t1 is prohibited}}
134do_test auth-1.14 {
135 execsql {SELECT * FROM t1}
136} {1 2 3}
137do_test auth-1.15 {
138 proc auth {code arg1 arg2} {
139 if {$code=="SQLITE_DELETE_ROW"
140 && [string compare -nocase $arg1 t1]==0} {
141 return SQLITE_IGNORE
142 }
143 return SQLITE_OK
144 }
145 catchsql {DELETE FROM t1 WHERE a=1}
146} {0 {}}
147do_test auth-1.16 {
148 execsql {SELECT * FROM t1}
149} {1 2 3}
150do_test auth-1.17 {
151 proc auth {code arg1 arg2} {
152 if {$code=="SQLITE_READ_COLUMN"
153 && [string compare -nocase $arg1 t1]==0
154 && [string compare -nocase $arg2 a]==0} {
155 return SQLITE_DENY
156 }
157 return SQLITE_OK
158 }
159 catchsql {SELECT * FROM t1}
160} {1 {access to t1.a is prohibited}}
161do_test auth-1.18 {
162 proc auth {code arg1 arg2} {
163 if {$code=="SQLITE_READ_COLUMN"
164 && [string compare -nocase $arg1 t1]==0
165 && [string compare -nocase $arg2 a]==0} {
166 return SQLITE_IGNORE
167 }
168 return SQLITE_OK
169 }
170 catchsql {SELECT * FROM t1}
171} {0 {{} 2 3}}
172do_test auth-1.19 {
173 proc auth {code arg1 arg2} {
174 if {$code=="SQLITE_WRITE_COLUMN"
175 && [string compare -nocase $arg1 t1]==0
176 && [string compare -nocase $arg2 a]==0} {
177 return SQLITE_DENY
178 }
179 return SQLITE_OK
180 }
181 catchsql {UPDATE t1 SET a=11 WHERE a=1}
182} {1 {changes to t1.a are prohibited}}
183do_test auth-1.20 {
184 execsql {SELECT * FROM t1}
185} {1 2 3}
186do_test auth-1.21 {
187 proc auth {code arg1 arg2} {
188 if {$code=="SQLITE_WRITE_COLUMN"
189 && [string compare -nocase $arg1 t1]==0
190 && [string compare -nocase $arg2 a]==0} {
191 return SQLITE_DENY
192 }
193 return SQLITE_OK
194 }
195 catchsql {UPDATE t1 SET b=12 WHERE a=1}
196} {0 {}}
197do_test auth-1.22 {
198 execsql {SELECT * FROM t1}
199} {1 12 3}
200do_test auth-1.23 {
201 proc auth {code arg1 arg2} {
202 if {$code=="SQLITE_WRITE_COLUMN"
203 && [string compare -nocase $arg1 t1]==0
204 && [string compare -nocase $arg2 a]==0} {
205 return SQLITE_IGNORE
206 }
207 return SQLITE_OK
208 }
209 catchsql {UPDATE t1 SET a=11, b=22 WHERE a=1}
210} {0 {}}
211do_test auth-1.24 {
212 execsql {SELECT * FROM t1}
213} {1 22 3}
214do_test auth-1.25 {
215 proc auth {code arg1 arg2} {
216 if {$code=="SQLITE_WRITE_COLUMN"
217 && [string compare -nocase $arg1 t1]==0
218 && [string compare -nocase $arg2 a]==0} {
219 return SQLITE_DENY
220 }
221 return SQLITE_OK
222 }
223 catchsql {UPDATE t1 SET a=11, b=33 WHERE a=1}
224} {1 {changes to t1.a are prohibited}}
225do_test auth-1.26 {
226 execsql {SELECT * FROM t1}
227} {1 22 3}
228do_test auth-1.27 {
229 proc auth {code arg1 arg2} {
230 if {$code=="SQLITE_READ_COLUMN"
231 && [string compare -nocase $arg1 t1]==0
232 && [string compare -nocase $arg2 a]==0} {
233 return SQLITE_DENY
234 }
235 return SQLITE_OK
236 }
237 catchsql {UPDATE t1 SET b=33, c=44 WHERE a=1}
238} {1 {access to t1.a is prohibited}}
239do_test auth-1.28 {
240 execsql {SELECT b, c FROM t1}
241} {22 3}
242do_test auth-1.29 {
243 proc auth {code arg1 arg2} {
244 if {$code=="SQLITE_READ_COLUMN"
245 && [string compare -nocase $arg1 t1]==0
246 && [string compare -nocase $arg2 a]==0} {
247 return SQLITE_IGNORE
248 }
249 return SQLITE_OK
250 }
251 catchsql {UPDATE t1 SET b=33, c=44 WHERE a=1}
252} {0 {}}
253do_test auth-1.30 {
254 execsql {SELECT b, c FROM t1}
255} {22 3}
256do_test auth-1.31 {
257 proc auth {code arg1 arg2} {
258 if {$code=="SQLITE_READ_COLUMN"
259 && [string compare -nocase $arg1 t1]==0
260 && [string compare -nocase $arg2 a]==0} {
261 return SQLITE_IGNORE
262 }
263 return SQLITE_OK
264 }
265 catchsql {UPDATE t1 SET b=33, c=44 WHERE a IS NULL}
266} {0 {}}
267do_test auth-1.32 {
268 execsql {SELECT b, c FROM t1}
269} {33 44}
270
271
272} ;# End of the "if( db command exists )"
273
274finish_test