drh | 5169bbc | 2006-08-24 14:59:45 +0000 | [diff] [blame] | 1 | # 2006 Aug 24 |
| 2 | # |
| 3 | # The author disclaims copyright to this source code. In place of |
| 4 | # a legal notice, here is a blessing: |
| 5 | # |
| 6 | # May you do good and not evil. |
| 7 | # May you find forgiveness for yourself and forgive others. |
| 8 | # May you share freely, never taking more than you give. |
| 9 | # |
| 10 | #*********************************************************************** |
| 11 | # This file implements regression tests for SQLite library. The |
| 12 | # focus of this script is testing the sqlite3_set_authorizer() API |
| 13 | # and related functionality. |
| 14 | # |
danielk1977 | 524cc21 | 2008-07-02 13:13:51 +0000 | [diff] [blame] | 15 | # $Id: auth2.test,v 1.3 2008/07/02 13:13:53 danielk1977 Exp $ |
drh | 5169bbc | 2006-08-24 14:59:45 +0000 | [diff] [blame] | 16 | # |
| 17 | |
| 18 | set testdir [file dirname $argv0] |
| 19 | source $testdir/tester.tcl |
| 20 | |
| 21 | # disable this test if the SQLITE_OMIT_AUTHORIZATION macro is |
| 22 | # defined during compilation. |
| 23 | if {[catch {db auth {}} msg]} { |
| 24 | finish_test |
| 25 | return |
| 26 | } |
| 27 | |
| 28 | do_test auth2-1.1 { |
| 29 | execsql { |
| 30 | CREATE TABLE t1(a,b,c); |
| 31 | INSERT INTO t1 VALUES(1,2,3); |
| 32 | } |
| 33 | set ::flist {} |
drh | 32c6a48 | 2014-09-11 13:44:52 +0000 | [diff] [blame] | 34 | proc auth {code arg1 arg2 arg3 arg4 args} { |
drh | 5169bbc | 2006-08-24 14:59:45 +0000 | [diff] [blame] | 35 | if {$code=="SQLITE_FUNCTION"} { |
| 36 | lappend ::flist $arg2 |
| 37 | if {$arg2=="max"} { |
| 38 | return SQLITE_DENY |
| 39 | } elseif {$arg2=="min"} { |
| 40 | return SQLITE_IGNORE |
| 41 | } else { |
| 42 | return SQLITE_OK |
| 43 | } |
| 44 | } |
| 45 | return SQLITE_OK |
| 46 | } |
| 47 | db authorizer ::auth |
| 48 | catchsql {SELECT max(a,b,c) FROM t1} |
| 49 | } {1 {not authorized to use function: max}} |
| 50 | do_test auth2-1.2 { |
| 51 | set ::flist |
| 52 | } max |
| 53 | do_test auth2-1.3 { |
| 54 | set ::flist {} |
| 55 | catchsql {SELECT min(a,b,c) FROM t1} |
| 56 | } {0 {{}}} |
| 57 | do_test auth2-1.4 { |
| 58 | set ::flist |
| 59 | } min |
| 60 | do_test auth2-1.5 { |
| 61 | set ::flist {} |
| 62 | catchsql {SELECT coalesce(min(a,b,c),999) FROM t1} |
| 63 | } {0 999} |
| 64 | do_test auth2-1.6 { |
| 65 | set ::flist |
| 66 | } {coalesce min} |
| 67 | do_test auth2-1.7 { |
| 68 | set ::flist {} |
| 69 | catchsql {SELECT coalesce(a,b,c) FROM t1} |
| 70 | } {0 1} |
| 71 | do_test auth2-1.8 { |
| 72 | set ::flist |
| 73 | } coalesce |
| 74 | |
drh | a6d0ffc | 2007-10-12 20:42:28 +0000 | [diff] [blame] | 75 | # Make sure the authorizer is not called when parsing the schema |
| 76 | # and when computing the result set of a view. |
| 77 | # |
| 78 | db close |
| 79 | sqlite3 db test.db |
| 80 | sqlite3 db2 test.db |
| 81 | proc auth {args} { |
| 82 | global authargs |
drh | 32c6a48 | 2014-09-11 13:44:52 +0000 | [diff] [blame] | 83 | append authargs [lrange $args 0 4]\n |
drh | a6d0ffc | 2007-10-12 20:42:28 +0000 | [diff] [blame] | 84 | return SQLITE_OK |
| 85 | } |
| 86 | db auth auth |
| 87 | do_test auth2-2.1 { |
| 88 | set ::authargs {} |
| 89 | db eval { |
| 90 | CREATE TABLE t2(x,y,z); |
| 91 | } |
| 92 | set ::authargs |
| 93 | } {SQLITE_INSERT sqlite_master {} main {} |
| 94 | SQLITE_CREATE_TABLE t2 {} main {} |
| 95 | SQLITE_UPDATE sqlite_master type main {} |
| 96 | SQLITE_UPDATE sqlite_master name main {} |
| 97 | SQLITE_UPDATE sqlite_master tbl_name main {} |
| 98 | SQLITE_UPDATE sqlite_master rootpage main {} |
| 99 | SQLITE_UPDATE sqlite_master sql main {} |
| 100 | SQLITE_READ sqlite_master ROWID main {} |
drh | a6d0ffc | 2007-10-12 20:42:28 +0000 | [diff] [blame] | 101 | } |
| 102 | do_test auth2-2.2 { |
| 103 | set ::authargs {} |
| 104 | db eval { |
| 105 | CREATE VIEW v2 AS SELECT x+y AS a, y+z AS b from t2; |
| 106 | } |
| 107 | set ::authargs |
| 108 | } {SQLITE_INSERT sqlite_master {} main {} |
| 109 | SQLITE_CREATE_VIEW v2 {} main {} |
| 110 | SQLITE_UPDATE sqlite_master type main {} |
| 111 | SQLITE_UPDATE sqlite_master name main {} |
| 112 | SQLITE_UPDATE sqlite_master tbl_name main {} |
| 113 | SQLITE_UPDATE sqlite_master rootpage main {} |
| 114 | SQLITE_UPDATE sqlite_master sql main {} |
| 115 | SQLITE_READ sqlite_master ROWID main {} |
drh | a6d0ffc | 2007-10-12 20:42:28 +0000 | [diff] [blame] | 116 | } |
| 117 | do_test auth2-2.3 { |
| 118 | set ::authargs {} |
| 119 | db eval { |
| 120 | SELECT a, b FROM v2; |
| 121 | } |
| 122 | set ::authargs |
| 123 | } {SQLITE_SELECT {} {} {} {} |
drh | a6d0ffc | 2007-10-12 20:42:28 +0000 | [diff] [blame] | 124 | SQLITE_READ t2 x main v2 |
| 125 | SQLITE_READ t2 y main v2 |
| 126 | SQLITE_READ t2 y main v2 |
| 127 | SQLITE_READ t2 z main v2 |
drh | 92689d2 | 2012-12-18 16:07:08 +0000 | [diff] [blame] | 128 | SQLITE_READ v2 a main {} |
| 129 | SQLITE_READ v2 b main {} |
danielk1977 | 524cc21 | 2008-07-02 13:13:51 +0000 | [diff] [blame] | 130 | SQLITE_SELECT {} {} {} v2 |
drh | a6d0ffc | 2007-10-12 20:42:28 +0000 | [diff] [blame] | 131 | } |
| 132 | do_test auth2-2.4 { |
| 133 | db2 eval { |
| 134 | CREATE TABLE t3(p,q,r); |
| 135 | } |
| 136 | set ::authargs {} |
| 137 | db eval { |
| 138 | SELECT b, a FROM v2; |
| 139 | } |
| 140 | set ::authargs |
| 141 | } {SQLITE_SELECT {} {} {} {} |
drh | a6d0ffc | 2007-10-12 20:42:28 +0000 | [diff] [blame] | 142 | SQLITE_READ t2 x main v2 |
| 143 | SQLITE_READ t2 y main v2 |
| 144 | SQLITE_READ t2 y main v2 |
| 145 | SQLITE_READ t2 z main v2 |
drh | 92689d2 | 2012-12-18 16:07:08 +0000 | [diff] [blame] | 146 | SQLITE_READ v2 b main {} |
| 147 | SQLITE_READ v2 a main {} |
danielk1977 | 524cc21 | 2008-07-02 13:13:51 +0000 | [diff] [blame] | 148 | SQLITE_SELECT {} {} {} v2 |
drh | a6d0ffc | 2007-10-12 20:42:28 +0000 | [diff] [blame] | 149 | SQLITE_SELECT {} {} {} {} |
drh | a6d0ffc | 2007-10-12 20:42:28 +0000 | [diff] [blame] | 150 | SQLITE_READ t2 x main v2 |
| 151 | SQLITE_READ t2 y main v2 |
| 152 | SQLITE_READ t2 y main v2 |
| 153 | SQLITE_READ t2 z main v2 |
drh | 92689d2 | 2012-12-18 16:07:08 +0000 | [diff] [blame] | 154 | SQLITE_READ v2 b main {} |
| 155 | SQLITE_READ v2 a main {} |
danielk1977 | 524cc21 | 2008-07-02 13:13:51 +0000 | [diff] [blame] | 156 | SQLITE_SELECT {} {} {} v2 |
drh | a6d0ffc | 2007-10-12 20:42:28 +0000 | [diff] [blame] | 157 | } |
| 158 | db2 close |
| 159 | |
drh | 5169bbc | 2006-08-24 14:59:45 +0000 | [diff] [blame] | 160 | finish_test |