Blame - test/auth.test - chromium.googlesource.com/chromium/deps/sqlite

blob: 5e91b33eaa879d25c7109d5cb6d16274d3ba6574 [file] [log] [blame]

drh	2d45834	2003-04-05 03:42:26 +0000	[diff] [blame]	1	# 2003 April 4
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	2	#
				3	# The author disclaims copyright to this source code. In place of
				4	# a legal notice, here is a blessing:
				5	#
				6	# May you do good and not evil.
				7	# May you find forgiveness for yourself and forgive others.
				8	# May you share freely, never taking more than you give.
				9	#
				10	#***********************************************************************
				11	# This file implements regression tests for SQLite library. The
drh	5169bbc	2006-08-24 14:59:45 +0000	[diff] [blame]	12	# focus of this script is testing the sqlite3_set_authorizer() API
drh	2d45834	2003-04-05 03:42:26 +0000	[diff] [blame]	13	# and related functionality.
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	14	#
danielk1977	34acdc9	2009-07-02 18:40:34 +0000	[diff] [blame]	15	# $Id: auth.test,v 1.46 2009/07/02 18:40:35 danielk1977 Exp $
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	16	#
				17
				18	set testdir [file dirname $argv0]
				19	source $testdir/tester.tcl
				20
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	21	# disable this test if the SQLITE_OMIT_AUTHORIZATION macro is
				22	# defined during compilation.
drh	1211de3	2004-07-26 12:24:22 +0000	[diff] [blame]	23	if {[catch {db auth {}} msg]} {
				24	finish_test
				25	return
				26	}
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	27
danielk1977	a21c6b6	2005-01-24 10:25:59 +0000	[diff] [blame]	28	rename proc proc_real
				29	proc_real proc {name arguments script} {
				30	proc_real $name $arguments $script
				31	if {$name=="auth"} {
				32	db authorizer ::auth
				33	}
				34	}
				35
drh	dcd997e	2003-01-31 17:21:49 +0000	[diff] [blame]	36	do_test auth-1.1.1 {
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	37	db close
drh	ef4ac8f	2004-06-19 00:16:31 +0000	[diff] [blame]	38	set ::DB [sqlite3 db test.db]
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	39	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	40	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	41	return SQLITE_DENY
				42	}
				43	return SQLITE_OK
				44	}
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	45	db authorizer ::auth
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	46	catchsql {CREATE TABLE t1(a,b,c)}
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	47	} {1 {not authorized}}
drh	dcd997e	2003-01-31 17:21:49 +0000	[diff] [blame]	48	do_test auth-1.1.2 {
				49	db errorcode
				50	} {23}
drh	0f14e2e	2004-06-29 12:39:08 +0000	[diff] [blame]	51	do_test auth-1.1.3 {
				52	db authorizer
				53	} {::auth}
drh	5689123	2004-09-09 13:55:50 +0000	[diff] [blame]	54	do_test auth-1.1.4 {
				55	# Ticket #896.
				56	catchsql {
				57	SELECT x;
				58	}
				59	} {1 {no such column: x}}
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	60	do_test auth-1.2 {
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	61	execsql {SELECT name FROM sqlite_master}
				62	} {}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	63	do_test auth-1.3.1 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	64	proc auth {code arg1 arg2 arg3 arg4} {
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	65	if {$code=="SQLITE_CREATE_TABLE"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	66	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	67	return SQLITE_DENY
				68	}
				69	return SQLITE_OK
				70	}
				71	catchsql {CREATE TABLE t1(a,b,c)}
				72	} {1 {not authorized}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	73	do_test auth-1.3.2 {
drh	dcd997e	2003-01-31 17:21:49 +0000	[diff] [blame]	74	db errorcode
				75	} {23}
				76	do_test auth-1.3.3 {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	77	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	78	} {t1 {} main {}}
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	79	do_test auth-1.4 {
				80	execsql {SELECT name FROM sqlite_master}
				81	} {}
				82
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	83	ifcapable tempdb {
				84	do_test auth-1.5 {
				85	proc auth {code arg1 arg2 arg3 arg4} {
				86	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
				87	return SQLITE_DENY
				88	}
				89	return SQLITE_OK
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	90	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	91	catchsql {CREATE TEMP TABLE t1(a,b,c)}
				92	} {1 {not authorized}}
				93	do_test auth-1.6 {
				94	execsql {SELECT name FROM sqlite_temp_master}
				95	} {}
				96	do_test auth-1.7.1 {
				97	proc auth {code arg1 arg2 arg3 arg4} {
				98	if {$code=="SQLITE_CREATE_TEMP_TABLE"} {
				99	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				100	return SQLITE_DENY
				101	}
				102	return SQLITE_OK
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	103	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	104	catchsql {CREATE TEMP TABLE t1(a,b,c)}
				105	} {1 {not authorized}}
				106	do_test auth-1.7.2 {
				107	set ::authargs
				108	} {t1 {} temp {}}
				109	do_test auth-1.8 {
				110	execsql {SELECT name FROM sqlite_temp_master}
				111	} {}
				112	}
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	113
				114	do_test auth-1.9 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	115	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	116	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	117	return SQLITE_IGNORE
				118	}
				119	return SQLITE_OK
				120	}
				121	catchsql {CREATE TABLE t1(a,b,c)}
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	122	} {0 {}}
				123	do_test auth-1.10 {
				124	execsql {SELECT name FROM sqlite_master}
				125	} {}
				126	do_test auth-1.11 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	127	proc auth {code arg1 arg2 arg3 arg4} {
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	128	if {$code=="SQLITE_CREATE_TABLE"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	129	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	130	return SQLITE_IGNORE
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	131	}
				132	return SQLITE_OK
				133	}
				134	catchsql {CREATE TABLE t1(a,b,c)}
				135	} {0 {}}
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	136	do_test auth-1.12 {
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	137	execsql {SELECT name FROM sqlite_master}
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	138	} {}
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	139
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	140	ifcapable tempdb {
				141	do_test auth-1.13 {
				142	proc auth {code arg1 arg2 arg3 arg4} {
				143	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
				144	return SQLITE_IGNORE
				145	}
				146	return SQLITE_OK
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	147	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	148	catchsql {CREATE TEMP TABLE t1(a,b,c)}
				149	} {0 {}}
				150	do_test auth-1.14 {
				151	execsql {SELECT name FROM sqlite_temp_master}
				152	} {}
				153	do_test auth-1.15 {
				154	proc auth {code arg1 arg2 arg3 arg4} {
				155	if {$code=="SQLITE_CREATE_TEMP_TABLE"} {
				156	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				157	return SQLITE_IGNORE
				158	}
				159	return SQLITE_OK
				160	}
				161	catchsql {CREATE TEMP TABLE t1(a,b,c)}
				162	} {0 {}}
				163	do_test auth-1.16 {
				164	execsql {SELECT name FROM sqlite_temp_master}
				165	} {}
				166
				167	do_test auth-1.17 {
				168	proc auth {code arg1 arg2 arg3 arg4} {
				169	if {$code=="SQLITE_CREATE_TABLE"} {
				170	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				171	return SQLITE_DENY
				172	}
				173	return SQLITE_OK
				174	}
				175	catchsql {CREATE TEMP TABLE t1(a,b,c)}
				176	} {0 {}}
				177	do_test auth-1.18 {
				178	execsql {SELECT name FROM sqlite_temp_master}
				179	} {t1}
				180	}
				181
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	182	do_test auth-1.19.1 {
				183	set ::authargs {}
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	184	proc auth {code arg1 arg2 arg3 arg4} {
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	185	if {$code=="SQLITE_CREATE_TEMP_TABLE"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	186	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	187	return SQLITE_DENY
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	188	}
				189	return SQLITE_OK
				190	}
				191	catchsql {CREATE TABLE t2(a,b,c)}
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	192	} {0 {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	193	do_test auth-1.19.2 {
				194	set ::authargs
				195	} {}
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	196	do_test auth-1.20 {
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	197	execsql {SELECT name FROM sqlite_master}
				198	} {t2}
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	199
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	200	do_test auth-1.21.1 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	201	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	202	if {$code=="SQLITE_DROP_TABLE"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	203	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	204	return SQLITE_DENY
				205	}
				206	return SQLITE_OK
				207	}
				208	catchsql {DROP TABLE t2}
				209	} {1 {not authorized}}
				210	do_test auth-1.21.2 {
				211	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	212	} {t2 {} main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	213	do_test auth-1.22 {
				214	execsql {SELECT name FROM sqlite_master}
				215	} {t2}
				216	do_test auth-1.23.1 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	217	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	218	if {$code=="SQLITE_DROP_TABLE"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	219	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	220	return SQLITE_IGNORE
				221	}
				222	return SQLITE_OK
				223	}
				224	catchsql {DROP TABLE t2}
				225	} {0 {}}
				226	do_test auth-1.23.2 {
				227	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	228	} {t2 {} main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	229	do_test auth-1.24 {
				230	execsql {SELECT name FROM sqlite_master}
				231	} {t2}
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	232
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	233	ifcapable tempdb {
				234	do_test auth-1.25 {
				235	proc auth {code arg1 arg2 arg3 arg4} {
				236	if {$code=="SQLITE_DROP_TEMP_TABLE"} {
				237	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				238	return SQLITE_DENY
				239	}
				240	return SQLITE_OK
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	241	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	242	catchsql {DROP TABLE t1}
				243	} {1 {not authorized}}
				244	do_test auth-1.26 {
				245	execsql {SELECT name FROM sqlite_temp_master}
				246	} {t1}
				247	do_test auth-1.27 {
				248	proc auth {code arg1 arg2 arg3 arg4} {
				249	if {$code=="SQLITE_DROP_TEMP_TABLE"} {
				250	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				251	return SQLITE_IGNORE
				252	}
				253	return SQLITE_OK
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	254	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	255	catchsql {DROP TABLE t1}
				256	} {0 {}}
				257	do_test auth-1.28 {
				258	execsql {SELECT name FROM sqlite_temp_master}
				259	} {t1}
				260	}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	261
				262	do_test auth-1.29 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	263	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	264	if {$code=="SQLITE_INSERT" && $arg1=="t2"} {
				265	return SQLITE_DENY
				266	}
				267	return SQLITE_OK
				268	}
				269	catchsql {INSERT INTO t2 VALUES(1,2,3)}
				270	} {1 {not authorized}}
				271	do_test auth-1.30 {
				272	execsql {SELECT * FROM t2}
				273	} {}
				274	do_test auth-1.31 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	275	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	276	if {$code=="SQLITE_INSERT" && $arg1=="t2"} {
				277	return SQLITE_IGNORE
				278	}
				279	return SQLITE_OK
				280	}
				281	catchsql {INSERT INTO t2 VALUES(1,2,3)}
				282	} {0 {}}
				283	do_test auth-1.32 {
				284	execsql {SELECT * FROM t2}
				285	} {}
				286	do_test auth-1.33 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	287	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	288	if {$code=="SQLITE_INSERT" && $arg1=="t1"} {
				289	return SQLITE_IGNORE
				290	}
				291	return SQLITE_OK
				292	}
				293	catchsql {INSERT INTO t2 VALUES(1,2,3)}
				294	} {0 {}}
				295	do_test auth-1.34 {
				296	execsql {SELECT * FROM t2}
				297	} {1 2 3}
				298
drh	4925ca0	2003-11-27 00:48:57 +0000	[diff] [blame]	299	do_test auth-1.35.1 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	300	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	301	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} {
				302	return SQLITE_DENY
				303	}
				304	return SQLITE_OK
				305	}
				306	catchsql {SELECT * FROM t2}
				307	} {1 {access to t2.b is prohibited}}
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	308	ifcapable attach {
				309	do_test auth-1.35.2 {
				310	execsql {ATTACH DATABASE 'test.db' AS two}
				311	catchsql {SELECT * FROM two.t2}
				312	} {1 {access to two.t2.b is prohibited}}
				313	execsql {DETACH DATABASE two}
				314	}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	315	do_test auth-1.36 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	316	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	317	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} {
				318	return SQLITE_IGNORE
				319	}
				320	return SQLITE_OK
				321	}
				322	catchsql {SELECT * FROM t2}
				323	} {0 {1 {} 3}}
				324	do_test auth-1.37 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	325	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	326	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} {
				327	return SQLITE_IGNORE
				328	}
				329	return SQLITE_OK
				330	}
				331	catchsql {SELECT * FROM t2 WHERE b=2}
				332	} {0 {}}
				333	do_test auth-1.38 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	334	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	335	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="a"} {
				336	return SQLITE_IGNORE
				337	}
				338	return SQLITE_OK
				339	}
				340	catchsql {SELECT * FROM t2 WHERE b=2}
				341	} {0 {{} 2 3}}
				342	do_test auth-1.39 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	343	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	344	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} {
				345	return SQLITE_IGNORE
				346	}
				347	return SQLITE_OK
				348	}
				349	catchsql {SELECT * FROM t2 WHERE b IS NULL}
				350	} {0 {1 {} 3}}
				351	do_test auth-1.40 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	352	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	353	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} {
				354	return SQLITE_DENY
				355	}
				356	return SQLITE_OK
				357	}
				358	catchsql {SELECT a,c FROM t2 WHERE b IS NULL}
				359	} {1 {access to t2.b is prohibited}}
				360
				361	do_test auth-1.41 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	362	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	363	if {$code=="SQLITE_UPDATE" && $arg1=="t2" && $arg2=="b"} {
				364	return SQLITE_DENY
				365	}
				366	return SQLITE_OK
				367	}
				368	catchsql {UPDATE t2 SET a=11}
				369	} {0 {}}
				370	do_test auth-1.42 {
				371	execsql {SELECT * FROM t2}
				372	} {11 2 3}
				373	do_test auth-1.43 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	374	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	375	if {$code=="SQLITE_UPDATE" && $arg1=="t2" && $arg2=="b"} {
				376	return SQLITE_DENY
				377	}
				378	return SQLITE_OK
				379	}
				380	catchsql {UPDATE t2 SET b=22, c=33}
				381	} {1 {not authorized}}
				382	do_test auth-1.44 {
				383	execsql {SELECT * FROM t2}
				384	} {11 2 3}
				385	do_test auth-1.45 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	386	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	387	if {$code=="SQLITE_UPDATE" && $arg1=="t2" && $arg2=="b"} {
				388	return SQLITE_IGNORE
				389	}
				390	return SQLITE_OK
				391	}
				392	catchsql {UPDATE t2 SET b=22, c=33}
				393	} {0 {}}
				394	do_test auth-1.46 {
				395	execsql {SELECT * FROM t2}
				396	} {11 2 33}
				397
				398	do_test auth-1.47 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	399	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	400	if {$code=="SQLITE_DELETE" && $arg1=="t2"} {
				401	return SQLITE_DENY
				402	}
				403	return SQLITE_OK
				404	}
				405	catchsql {DELETE FROM t2 WHERE a=11}
				406	} {1 {not authorized}}
				407	do_test auth-1.48 {
				408	execsql {SELECT * FROM t2}
				409	} {11 2 33}
				410	do_test auth-1.49 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	411	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	412	if {$code=="SQLITE_DELETE" && $arg1=="t2"} {
				413	return SQLITE_IGNORE
				414	}
				415	return SQLITE_OK
				416	}
				417	catchsql {DELETE FROM t2 WHERE a=11}
				418	} {0 {}}
				419	do_test auth-1.50 {
				420	execsql {SELECT * FROM t2}
danielk1977	52bd791	2008-10-27 15:34:32 +0000	[diff] [blame]	421	} {}
				422	do_test auth-1.50.2 {
				423	execsql {INSERT INTO t2 VALUES(11, 2, 33)}
				424	} {}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	425
				426	do_test auth-1.51 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	427	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	428	if {$code=="SQLITE_SELECT"} {
				429	return SQLITE_DENY
				430	}
				431	return SQLITE_OK
				432	}
				433	catchsql {SELECT * FROM t2}
				434	} {1 {not authorized}}
				435	do_test auth-1.52 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	436	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	437	if {$code=="SQLITE_SELECT"} {
				438	return SQLITE_IGNORE
				439	}
				440	return SQLITE_OK
				441	}
				442	catchsql {SELECT * FROM t2}
				443	} {0 {}}
				444	do_test auth-1.53 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	445	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	446	if {$code=="SQLITE_SELECT"} {
				447	return SQLITE_OK
				448	}
				449	return SQLITE_OK
				450	}
				451	catchsql {SELECT * FROM t2}
				452	} {0 {11 2 33}}
				453
danielk1977	2ac7970	2004-06-14 11:54:18 +0000	[diff] [blame]	454	# Update for version 3: There used to be a handful of test here that
				455	# tested the authorisation callback with the COPY command. The following
				456	# test makes the same database modifications as they used to.
				457	do_test auth-1.54 {
				458	execsql {INSERT INTO t2 VALUES(7, 8, 9);}
				459	} {}
				460	do_test auth-1.55 {
				461	execsql {SELECT * FROM t2}
				462	} {11 2 33 7 8 9}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	463
				464	do_test auth-1.63 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	465	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	466	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
				467	return SQLITE_DENY
				468	}
				469	return SQLITE_OK
				470	}
				471	catchsql {DROP TABLE t2}
				472	} {1 {not authorized}}
				473	do_test auth-1.64 {
				474	execsql {SELECT name FROM sqlite_master}
				475	} {t2}
				476	do_test auth-1.65 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	477	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	478	if {$code=="SQLITE_DELETE" && $arg1=="t2"} {
				479	return SQLITE_DENY
				480	}
				481	return SQLITE_OK
				482	}
				483	catchsql {DROP TABLE t2}
				484	} {1 {not authorized}}
				485	do_test auth-1.66 {
				486	execsql {SELECT name FROM sqlite_master}
				487	} {t2}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	488
				489	ifcapable tempdb {
				490	do_test auth-1.67 {
				491	proc auth {code arg1 arg2 arg3 arg4} {
				492	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
				493	return SQLITE_DENY
				494	}
				495	return SQLITE_OK
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	496	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	497	catchsql {DROP TABLE t1}
				498	} {1 {not authorized}}
				499	do_test auth-1.68 {
				500	execsql {SELECT name FROM sqlite_temp_master}
				501	} {t1}
				502	do_test auth-1.69 {
				503	proc auth {code arg1 arg2 arg3 arg4} {
				504	if {$code=="SQLITE_DELETE" && $arg1=="t1"} {
				505	return SQLITE_DENY
				506	}
				507	return SQLITE_OK
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	508	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	509	catchsql {DROP TABLE t1}
				510	} {1 {not authorized}}
				511	do_test auth-1.70 {
				512	execsql {SELECT name FROM sqlite_temp_master}
				513	} {t1}
				514	}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	515
				516	do_test auth-1.71 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	517	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	518	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
				519	return SQLITE_IGNORE
				520	}
				521	return SQLITE_OK
				522	}
				523	catchsql {DROP TABLE t2}
				524	} {0 {}}
				525	do_test auth-1.72 {
				526	execsql {SELECT name FROM sqlite_master}
				527	} {t2}
				528	do_test auth-1.73 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	529	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	530	if {$code=="SQLITE_DELETE" && $arg1=="t2"} {
				531	return SQLITE_IGNORE
				532	}
				533	return SQLITE_OK
				534	}
				535	catchsql {DROP TABLE t2}
				536	} {0 {}}
				537	do_test auth-1.74 {
				538	execsql {SELECT name FROM sqlite_master}
				539	} {t2}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	540
				541	ifcapable tempdb {
				542	do_test auth-1.75 {
				543	proc auth {code arg1 arg2 arg3 arg4} {
				544	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
				545	return SQLITE_IGNORE
				546	}
				547	return SQLITE_OK
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	548	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	549	catchsql {DROP TABLE t1}
				550	} {0 {}}
				551	do_test auth-1.76 {
				552	execsql {SELECT name FROM sqlite_temp_master}
				553	} {t1}
				554	do_test auth-1.77 {
				555	proc auth {code arg1 arg2 arg3 arg4} {
				556	if {$code=="SQLITE_DELETE" && $arg1=="t1"} {
				557	return SQLITE_IGNORE
				558	}
				559	return SQLITE_OK
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	560	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	561	catchsql {DROP TABLE t1}
				562	} {0 {}}
				563	do_test auth-1.78 {
				564	execsql {SELECT name FROM sqlite_temp_master}
				565	} {t1}
				566	}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	567
danielk1977	81650dc	2004-11-22 11:51:13 +0000	[diff] [blame]	568	# Test cases auth-1.79 to auth-1.124 test creating and dropping views.
danielk1977	0fa8ddb	2004-11-22 08:43:32 +0000	[diff] [blame]	569	# Omit these if the library was compiled with views omitted.
				570	ifcapable view {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	571	do_test auth-1.79 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	572	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	573	if {$code=="SQLITE_CREATE_VIEW"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	574	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	575	return SQLITE_DENY
				576	}
				577	return SQLITE_OK
				578	}
				579	catchsql {CREATE VIEW v1 AS SELECT a+1,b+1 FROM t2}
				580	} {1 {not authorized}}
				581	do_test auth-1.80 {
				582	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	583	} {v1 {} main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	584	do_test auth-1.81 {
				585	execsql {SELECT name FROM sqlite_master}
				586	} {t2}
				587	do_test auth-1.82 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	588	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	589	if {$code=="SQLITE_CREATE_VIEW"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	590	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	591	return SQLITE_IGNORE
				592	}
				593	return SQLITE_OK
				594	}
				595	catchsql {CREATE VIEW v1 AS SELECT a+1,b+1 FROM t2}
				596	} {0 {}}
				597	do_test auth-1.83 {
				598	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	599	} {v1 {} main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	600	do_test auth-1.84 {
				601	execsql {SELECT name FROM sqlite_master}
				602	} {t2}
				603
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	604	ifcapable tempdb {
				605	do_test auth-1.85 {
				606	proc auth {code arg1 arg2 arg3 arg4} {
				607	if {$code=="SQLITE_CREATE_TEMP_VIEW"} {
				608	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				609	return SQLITE_DENY
				610	}
				611	return SQLITE_OK
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	612	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	613	catchsql {CREATE TEMPORARY VIEW v1 AS SELECT a+1,b+1 FROM t2}
				614	} {1 {not authorized}}
				615	do_test auth-1.86 {
				616	set ::authargs
				617	} {v1 {} temp {}}
				618	do_test auth-1.87 {
				619	execsql {SELECT name FROM sqlite_temp_master}
				620	} {t1}
				621	do_test auth-1.88 {
				622	proc auth {code arg1 arg2 arg3 arg4} {
				623	if {$code=="SQLITE_CREATE_TEMP_VIEW"} {
				624	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				625	return SQLITE_IGNORE
				626	}
				627	return SQLITE_OK
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	628	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	629	catchsql {CREATE TEMPORARY VIEW v1 AS SELECT a+1,b+1 FROM t2}
				630	} {0 {}}
				631	do_test auth-1.89 {
				632	set ::authargs
				633	} {v1 {} temp {}}
				634	do_test auth-1.90 {
				635	execsql {SELECT name FROM sqlite_temp_master}
				636	} {t1}
				637	}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	638
				639	do_test auth-1.91 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	640	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	641	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
				642	return SQLITE_DENY
				643	}
				644	return SQLITE_OK
				645	}
				646	catchsql {CREATE VIEW v1 AS SELECT a+1,b+1 FROM t2}
				647	} {1 {not authorized}}
				648	do_test auth-1.92 {
				649	execsql {SELECT name FROM sqlite_master}
				650	} {t2}
				651	do_test auth-1.93 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	652	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	653	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
				654	return SQLITE_IGNORE
				655	}
				656	return SQLITE_OK
				657	}
				658	catchsql {CREATE VIEW v1 AS SELECT a+1,b+1 FROM t2}
				659	} {0 {}}
				660	do_test auth-1.94 {
				661	execsql {SELECT name FROM sqlite_master}
				662	} {t2}
				663
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	664	ifcapable tempdb {
				665	do_test auth-1.95 {
				666	proc auth {code arg1 arg2 arg3 arg4} {
				667	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
				668	return SQLITE_DENY
				669	}
				670	return SQLITE_OK
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	671	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	672	catchsql {CREATE TEMPORARY VIEW v1 AS SELECT a+1,b+1 FROM t2}
				673	} {1 {not authorized}}
				674	do_test auth-1.96 {
				675	execsql {SELECT name FROM sqlite_temp_master}
				676	} {t1}
				677	do_test auth-1.97 {
				678	proc auth {code arg1 arg2 arg3 arg4} {
				679	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
				680	return SQLITE_IGNORE
				681	}
				682	return SQLITE_OK
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	683	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	684	catchsql {CREATE TEMPORARY VIEW v1 AS SELECT a+1,b+1 FROM t2}
				685	} {0 {}}
				686	do_test auth-1.98 {
				687	execsql {SELECT name FROM sqlite_temp_master}
				688	} {t1}
				689	}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	690
				691	do_test auth-1.99 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	692	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	693	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
				694	return SQLITE_DENY
				695	}
				696	return SQLITE_OK
				697	}
				698	catchsql {
				699	CREATE VIEW v2 AS SELECT a+1,b+1 FROM t2;
				700	DROP VIEW v2
				701	}
				702	} {1 {not authorized}}
				703	do_test auth-1.100 {
				704	execsql {SELECT name FROM sqlite_master}
				705	} {t2 v2}
				706	do_test auth-1.101 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	707	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	708	if {$code=="SQLITE_DROP_VIEW"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	709	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	710	return SQLITE_DENY
				711	}
				712	return SQLITE_OK
				713	}
				714	catchsql {DROP VIEW v2}
				715	} {1 {not authorized}}
				716	do_test auth-1.102 {
				717	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	718	} {v2 {} main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	719	do_test auth-1.103 {
				720	execsql {SELECT name FROM sqlite_master}
				721	} {t2 v2}
				722	do_test auth-1.104 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	723	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	724	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
				725	return SQLITE_IGNORE
				726	}
				727	return SQLITE_OK
				728	}
				729	catchsql {DROP VIEW v2}
				730	} {0 {}}
				731	do_test auth-1.105 {
				732	execsql {SELECT name FROM sqlite_master}
				733	} {t2 v2}
				734	do_test auth-1.106 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	735	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	736	if {$code=="SQLITE_DROP_VIEW"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	737	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	738	return SQLITE_IGNORE
				739	}
				740	return SQLITE_OK
				741	}
				742	catchsql {DROP VIEW v2}
				743	} {0 {}}
				744	do_test auth-1.107 {
				745	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	746	} {v2 {} main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	747	do_test auth-1.108 {
				748	execsql {SELECT name FROM sqlite_master}
				749	} {t2 v2}
				750	do_test auth-1.109 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	751	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	752	if {$code=="SQLITE_DROP_VIEW"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	753	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	754	return SQLITE_OK
				755	}
				756	return SQLITE_OK
				757	}
				758	catchsql {DROP VIEW v2}
				759	} {0 {}}
				760	do_test auth-1.110 {
				761	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	762	} {v2 {} main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	763	do_test auth-1.111 {
				764	execsql {SELECT name FROM sqlite_master}
				765	} {t2}
				766
				767
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	768	ifcapable tempdb {
				769	do_test auth-1.112 {
				770	proc auth {code arg1 arg2 arg3 arg4} {
				771	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
				772	return SQLITE_DENY
				773	}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	774	return SQLITE_OK
				775	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	776	catchsql {
				777	CREATE TEMP VIEW v1 AS SELECT a+1,b+1 FROM t1;
				778	DROP VIEW v1
				779	}
				780	} {1 {not authorized}}
				781	do_test auth-1.113 {
				782	execsql {SELECT name FROM sqlite_temp_master}
				783	} {t1 v1}
				784	do_test auth-1.114 {
				785	proc auth {code arg1 arg2 arg3 arg4} {
				786	if {$code=="SQLITE_DROP_TEMP_VIEW"} {
				787	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				788	return SQLITE_DENY
				789	}
				790	return SQLITE_OK
				791	}
				792	catchsql {DROP VIEW v1}
				793	} {1 {not authorized}}
				794	do_test auth-1.115 {
				795	set ::authargs
				796	} {v1 {} temp {}}
				797	do_test auth-1.116 {
				798	execsql {SELECT name FROM sqlite_temp_master}
				799	} {t1 v1}
				800	do_test auth-1.117 {
				801	proc auth {code arg1 arg2 arg3 arg4} {
				802	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
				803	return SQLITE_IGNORE
				804	}
				805	return SQLITE_OK
				806	}
				807	catchsql {DROP VIEW v1}
				808	} {0 {}}
				809	do_test auth-1.118 {
				810	execsql {SELECT name FROM sqlite_temp_master}
				811	} {t1 v1}
				812	do_test auth-1.119 {
				813	proc auth {code arg1 arg2 arg3 arg4} {
				814	if {$code=="SQLITE_DROP_TEMP_VIEW"} {
				815	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				816	return SQLITE_IGNORE
				817	}
				818	return SQLITE_OK
				819	}
				820	catchsql {DROP VIEW v1}
				821	} {0 {}}
				822	do_test auth-1.120 {
				823	set ::authargs
				824	} {v1 {} temp {}}
				825	do_test auth-1.121 {
				826	execsql {SELECT name FROM sqlite_temp_master}
				827	} {t1 v1}
				828	do_test auth-1.122 {
				829	proc auth {code arg1 arg2 arg3 arg4} {
				830	if {$code=="SQLITE_DROP_TEMP_VIEW"} {
				831	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				832	return SQLITE_OK
				833	}
				834	return SQLITE_OK
				835	}
				836	catchsql {DROP VIEW v1}
				837	} {0 {}}
				838	do_test auth-1.123 {
				839	set ::authargs
				840	} {v1 {} temp {}}
				841	do_test auth-1.124 {
				842	execsql {SELECT name FROM sqlite_temp_master}
				843	} {t1}
				844	}
danielk1977	0fa8ddb	2004-11-22 08:43:32 +0000	[diff] [blame]	845	} ;# ifcapable view
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	846
danielk1977	81650dc	2004-11-22 11:51:13 +0000	[diff] [blame]	847	# Test cases auth-1.125 to auth-1.176 test creating and dropping triggers.
				848	# Omit these if the library was compiled with triggers omitted.
				849	#
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	850	ifcapable trigger&&tempdb {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	851	do_test auth-1.125 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	852	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	853	if {$code=="SQLITE_CREATE_TRIGGER"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	854	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	855	return SQLITE_DENY
				856	}
				857	return SQLITE_OK
				858	}
				859	catchsql {
				860	CREATE TRIGGER r2 DELETE on t2 BEGIN
				861	SELECT NULL;
				862	END;
				863	}
				864	} {1 {not authorized}}
				865	do_test auth-1.126 {
				866	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	867	} {r2 t2 main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	868	do_test auth-1.127 {
				869	execsql {SELECT name FROM sqlite_master}
				870	} {t2}
				871	do_test auth-1.128 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	872	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	873	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
				874	return SQLITE_DENY
				875	}
				876	return SQLITE_OK
				877	}
				878	catchsql {
				879	CREATE TRIGGER r2 DELETE on t2 BEGIN
				880	SELECT NULL;
				881	END;
				882	}
				883	} {1 {not authorized}}
				884	do_test auth-1.129 {
				885	execsql {SELECT name FROM sqlite_master}
				886	} {t2}
				887	do_test auth-1.130 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	888	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	889	if {$code=="SQLITE_CREATE_TRIGGER"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	890	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	891	return SQLITE_IGNORE
				892	}
				893	return SQLITE_OK
				894	}
				895	catchsql {
				896	CREATE TRIGGER r2 DELETE on t2 BEGIN
				897	SELECT NULL;
				898	END;
				899	}
				900	} {0 {}}
				901	do_test auth-1.131 {
				902	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	903	} {r2 t2 main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	904	do_test auth-1.132 {
				905	execsql {SELECT name FROM sqlite_master}
				906	} {t2}
				907	do_test auth-1.133 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	908	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	909	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
				910	return SQLITE_IGNORE
				911	}
				912	return SQLITE_OK
				913	}
				914	catchsql {
				915	CREATE TRIGGER r2 DELETE on t2 BEGIN
				916	SELECT NULL;
				917	END;
				918	}
				919	} {0 {}}
				920	do_test auth-1.134 {
				921	execsql {SELECT name FROM sqlite_master}
				922	} {t2}
				923	do_test auth-1.135 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	924	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	925	if {$code=="SQLITE_CREATE_TRIGGER"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	926	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	927	return SQLITE_OK
				928	}
				929	return SQLITE_OK
				930	}
				931	catchsql {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	932	CREATE TABLE tx(id);
				933	CREATE TRIGGER r2 AFTER INSERT ON t2 BEGIN
				934	INSERT INTO tx VALUES(NEW.rowid);
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	935	END;
				936	}
				937	} {0 {}}
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	938	do_test auth-1.136.1 {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	939	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	940	} {r2 t2 main {}}
				941	do_test auth-1.136.2 {
				942	execsql {
				943	SELECT name FROM sqlite_master WHERE type='trigger'
				944	}
				945	} {r2}
				946	do_test auth-1.136.3 {
				947	proc auth {code arg1 arg2 arg3 arg4} {
				948	lappend ::authargs $code $arg1 $arg2 $arg3 $arg4
				949	return SQLITE_OK
				950	}
				951	set ::authargs {}
				952	execsql {
				953	INSERT INTO t2 VALUES(1,2,3);
				954	}
				955	set ::authargs
				956	} {SQLITE_INSERT t2 {} main {} SQLITE_INSERT tx {} main r2 SQLITE_READ t2 ROWID main r2}
				957	do_test auth-1.136.4 {
				958	execsql {
				959	SELECT * FROM tx;
				960	}
				961	} {3}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	962	do_test auth-1.137 {
				963	execsql {SELECT name FROM sqlite_master}
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	964	} {t2 tx r2}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	965	do_test auth-1.138 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	966	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	967	if {$code=="SQLITE_CREATE_TEMP_TRIGGER"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	968	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	969	return SQLITE_DENY
				970	}
				971	return SQLITE_OK
				972	}
				973	catchsql {
				974	CREATE TRIGGER r1 DELETE on t1 BEGIN
				975	SELECT NULL;
				976	END;
				977	}
				978	} {1 {not authorized}}
				979	do_test auth-1.139 {
				980	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	981	} {r1 t1 temp {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	982	do_test auth-1.140 {
				983	execsql {SELECT name FROM sqlite_temp_master}
				984	} {t1}
				985	do_test auth-1.141 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	986	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	987	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
				988	return SQLITE_DENY
				989	}
				990	return SQLITE_OK
				991	}
				992	catchsql {
				993	CREATE TRIGGER r1 DELETE on t1 BEGIN
				994	SELECT NULL;
				995	END;
				996	}
				997	} {1 {not authorized}}
				998	do_test auth-1.142 {
				999	execsql {SELECT name FROM sqlite_temp_master}
				1000	} {t1}
				1001	do_test auth-1.143 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1002	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1003	if {$code=="SQLITE_CREATE_TEMP_TRIGGER"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1004	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1005	return SQLITE_IGNORE
				1006	}
				1007	return SQLITE_OK
				1008	}
				1009	catchsql {
				1010	CREATE TRIGGER r1 DELETE on t1 BEGIN
				1011	SELECT NULL;
				1012	END;
				1013	}
				1014	} {0 {}}
				1015	do_test auth-1.144 {
				1016	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1017	} {r1 t1 temp {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1018	do_test auth-1.145 {
				1019	execsql {SELECT name FROM sqlite_temp_master}
				1020	} {t1}
				1021	do_test auth-1.146 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1022	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1023	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
				1024	return SQLITE_IGNORE
				1025	}
				1026	return SQLITE_OK
				1027	}
				1028	catchsql {
				1029	CREATE TRIGGER r1 DELETE on t1 BEGIN
				1030	SELECT NULL;
				1031	END;
				1032	}
				1033	} {0 {}}
				1034	do_test auth-1.147 {
				1035	execsql {SELECT name FROM sqlite_temp_master}
				1036	} {t1}
				1037	do_test auth-1.148 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1038	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1039	if {$code=="SQLITE_CREATE_TEMP_TRIGGER"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1040	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1041	return SQLITE_OK
				1042	}
				1043	return SQLITE_OK
				1044	}
				1045	catchsql {
				1046	CREATE TRIGGER r1 DELETE on t1 BEGIN
				1047	SELECT NULL;
				1048	END;
				1049	}
				1050	} {0 {}}
				1051	do_test auth-1.149 {
				1052	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1053	} {r1 t1 temp {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1054	do_test auth-1.150 {
				1055	execsql {SELECT name FROM sqlite_temp_master}
				1056	} {t1 r1}
				1057
				1058	do_test auth-1.151 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1059	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1060	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
				1061	return SQLITE_DENY
				1062	}
				1063	return SQLITE_OK
				1064	}
				1065	catchsql {DROP TRIGGER r2}
				1066	} {1 {not authorized}}
				1067	do_test auth-1.152 {
				1068	execsql {SELECT name FROM sqlite_master}
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1069	} {t2 tx r2}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1070	do_test auth-1.153 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1071	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1072	if {$code=="SQLITE_DROP_TRIGGER"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1073	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1074	return SQLITE_DENY
				1075	}
				1076	return SQLITE_OK
				1077	}
				1078	catchsql {DROP TRIGGER r2}
				1079	} {1 {not authorized}}
				1080	do_test auth-1.154 {
				1081	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1082	} {r2 t2 main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1083	do_test auth-1.155 {
				1084	execsql {SELECT name FROM sqlite_master}
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1085	} {t2 tx r2}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1086	do_test auth-1.156 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1087	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1088	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
				1089	return SQLITE_IGNORE
				1090	}
				1091	return SQLITE_OK
				1092	}
				1093	catchsql {DROP TRIGGER r2}
				1094	} {0 {}}
				1095	do_test auth-1.157 {
				1096	execsql {SELECT name FROM sqlite_master}
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1097	} {t2 tx r2}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1098	do_test auth-1.158 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1099	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1100	if {$code=="SQLITE_DROP_TRIGGER"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1101	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1102	return SQLITE_IGNORE
				1103	}
				1104	return SQLITE_OK
				1105	}
				1106	catchsql {DROP TRIGGER r2}
				1107	} {0 {}}
				1108	do_test auth-1.159 {
				1109	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1110	} {r2 t2 main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1111	do_test auth-1.160 {
				1112	execsql {SELECT name FROM sqlite_master}
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1113	} {t2 tx r2}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1114	do_test auth-1.161 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1115	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1116	if {$code=="SQLITE_DROP_TRIGGER"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1117	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1118	return SQLITE_OK
				1119	}
				1120	return SQLITE_OK
				1121	}
				1122	catchsql {DROP TRIGGER r2}
				1123	} {0 {}}
				1124	do_test auth-1.162 {
				1125	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1126	} {r2 t2 main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1127	do_test auth-1.163 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1128	execsql {
				1129	DROP TABLE tx;
				1130	DELETE FROM t2 WHERE a=1 AND b=2 AND c=3;
				1131	SELECT name FROM sqlite_master;
				1132	}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1133	} {t2}
				1134
				1135	do_test auth-1.164 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1136	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1137	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
				1138	return SQLITE_DENY
				1139	}
				1140	return SQLITE_OK
				1141	}
				1142	catchsql {DROP TRIGGER r1}
				1143	} {1 {not authorized}}
				1144	do_test auth-1.165 {
				1145	execsql {SELECT name FROM sqlite_temp_master}
				1146	} {t1 r1}
				1147	do_test auth-1.166 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1148	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1149	if {$code=="SQLITE_DROP_TEMP_TRIGGER"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1150	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1151	return SQLITE_DENY
				1152	}
				1153	return SQLITE_OK
				1154	}
				1155	catchsql {DROP TRIGGER r1}
				1156	} {1 {not authorized}}
				1157	do_test auth-1.167 {
				1158	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1159	} {r1 t1 temp {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1160	do_test auth-1.168 {
				1161	execsql {SELECT name FROM sqlite_temp_master}
				1162	} {t1 r1}
				1163	do_test auth-1.169 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1164	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1165	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
				1166	return SQLITE_IGNORE
				1167	}
				1168	return SQLITE_OK
				1169	}
				1170	catchsql {DROP TRIGGER r1}
				1171	} {0 {}}
				1172	do_test auth-1.170 {
				1173	execsql {SELECT name FROM sqlite_temp_master}
				1174	} {t1 r1}
				1175	do_test auth-1.171 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1176	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1177	if {$code=="SQLITE_DROP_TEMP_TRIGGER"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1178	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1179	return SQLITE_IGNORE
				1180	}
				1181	return SQLITE_OK
				1182	}
				1183	catchsql {DROP TRIGGER r1}
				1184	} {0 {}}
				1185	do_test auth-1.172 {
				1186	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1187	} {r1 t1 temp {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1188	do_test auth-1.173 {
				1189	execsql {SELECT name FROM sqlite_temp_master}
				1190	} {t1 r1}
				1191	do_test auth-1.174 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1192	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1193	if {$code=="SQLITE_DROP_TEMP_TRIGGER"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1194	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1195	return SQLITE_OK
				1196	}
				1197	return SQLITE_OK
				1198	}
				1199	catchsql {DROP TRIGGER r1}
				1200	} {0 {}}
				1201	do_test auth-1.175 {
				1202	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1203	} {r1 t1 temp {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1204	do_test auth-1.176 {
				1205	execsql {SELECT name FROM sqlite_temp_master}
				1206	} {t1}
danielk1977	81650dc	2004-11-22 11:51:13 +0000	[diff] [blame]	1207	} ;# ifcapable trigger
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1208
				1209	do_test auth-1.177 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1210	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1211	if {$code=="SQLITE_CREATE_INDEX"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1212	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1213	return SQLITE_DENY
				1214	}
				1215	return SQLITE_OK
				1216	}
				1217	catchsql {CREATE INDEX i2 ON t2(a)}
				1218	} {1 {not authorized}}
				1219	do_test auth-1.178 {
				1220	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1221	} {i2 t2 main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1222	do_test auth-1.179 {
				1223	execsql {SELECT name FROM sqlite_master}
				1224	} {t2}
				1225	do_test auth-1.180 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1226	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1227	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
				1228	return SQLITE_DENY
				1229	}
				1230	return SQLITE_OK
				1231	}
				1232	catchsql {CREATE INDEX i2 ON t2(a)}
				1233	} {1 {not authorized}}
				1234	do_test auth-1.181 {
				1235	execsql {SELECT name FROM sqlite_master}
				1236	} {t2}
				1237	do_test auth-1.182 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1238	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1239	if {$code=="SQLITE_CREATE_INDEX"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1240	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1241	return SQLITE_IGNORE
				1242	}
				1243	return SQLITE_OK
				1244	}
				1245	catchsql {CREATE INDEX i2 ON t2(b)}
				1246	} {0 {}}
				1247	do_test auth-1.183 {
				1248	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1249	} {i2 t2 main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1250	do_test auth-1.184 {
				1251	execsql {SELECT name FROM sqlite_master}
				1252	} {t2}
				1253	do_test auth-1.185 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1254	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1255	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
				1256	return SQLITE_IGNORE
				1257	}
				1258	return SQLITE_OK
				1259	}
				1260	catchsql {CREATE INDEX i2 ON t2(b)}
				1261	} {0 {}}
				1262	do_test auth-1.186 {
				1263	execsql {SELECT name FROM sqlite_master}
				1264	} {t2}
				1265	do_test auth-1.187 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1266	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1267	if {$code=="SQLITE_CREATE_INDEX"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1268	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1269	return SQLITE_OK
				1270	}
				1271	return SQLITE_OK
				1272	}
				1273	catchsql {CREATE INDEX i2 ON t2(a)}
				1274	} {0 {}}
				1275	do_test auth-1.188 {
				1276	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1277	} {i2 t2 main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1278	do_test auth-1.189 {
				1279	execsql {SELECT name FROM sqlite_master}
				1280	} {t2 i2}
				1281
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1282	ifcapable tempdb {
				1283	do_test auth-1.190 {
				1284	proc auth {code arg1 arg2 arg3 arg4} {
				1285	if {$code=="SQLITE_CREATE_TEMP_INDEX"} {
				1286	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1287	return SQLITE_DENY
				1288	}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1289	return SQLITE_OK
				1290	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1291	catchsql {CREATE INDEX i1 ON t1(a)}
				1292	} {1 {not authorized}}
				1293	do_test auth-1.191 {
				1294	set ::authargs
				1295	} {i1 t1 temp {}}
				1296	do_test auth-1.192 {
				1297	execsql {SELECT name FROM sqlite_temp_master}
				1298	} {t1}
				1299	do_test auth-1.193 {
				1300	proc auth {code arg1 arg2 arg3 arg4} {
				1301	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
				1302	return SQLITE_DENY
				1303	}
				1304	return SQLITE_OK
				1305	}
				1306	catchsql {CREATE INDEX i1 ON t1(b)}
				1307	} {1 {not authorized}}
				1308	do_test auth-1.194 {
				1309	execsql {SELECT name FROM sqlite_temp_master}
				1310	} {t1}
				1311	do_test auth-1.195 {
				1312	proc auth {code arg1 arg2 arg3 arg4} {
				1313	if {$code=="SQLITE_CREATE_TEMP_INDEX"} {
				1314	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1315	return SQLITE_IGNORE
				1316	}
				1317	return SQLITE_OK
				1318	}
				1319	catchsql {CREATE INDEX i1 ON t1(b)}
				1320	} {0 {}}
				1321	do_test auth-1.196 {
				1322	set ::authargs
				1323	} {i1 t1 temp {}}
				1324	do_test auth-1.197 {
				1325	execsql {SELECT name FROM sqlite_temp_master}
				1326	} {t1}
				1327	do_test auth-1.198 {
				1328	proc auth {code arg1 arg2 arg3 arg4} {
				1329	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
				1330	return SQLITE_IGNORE
				1331	}
				1332	return SQLITE_OK
				1333	}
				1334	catchsql {CREATE INDEX i1 ON t1(c)}
				1335	} {0 {}}
				1336	do_test auth-1.199 {
				1337	execsql {SELECT name FROM sqlite_temp_master}
				1338	} {t1}
				1339	do_test auth-1.200 {
				1340	proc auth {code arg1 arg2 arg3 arg4} {
				1341	if {$code=="SQLITE_CREATE_TEMP_INDEX"} {
				1342	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1343	return SQLITE_OK
				1344	}
				1345	return SQLITE_OK
				1346	}
				1347	catchsql {CREATE INDEX i1 ON t1(a)}
				1348	} {0 {}}
				1349	do_test auth-1.201 {
				1350	set ::authargs
				1351	} {i1 t1 temp {}}
				1352	do_test auth-1.202 {
				1353	execsql {SELECT name FROM sqlite_temp_master}
				1354	} {t1 i1}
				1355	}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1356
				1357	do_test auth-1.203 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1358	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1359	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
				1360	return SQLITE_DENY
				1361	}
				1362	return SQLITE_OK
				1363	}
				1364	catchsql {DROP INDEX i2}
				1365	} {1 {not authorized}}
				1366	do_test auth-1.204 {
				1367	execsql {SELECT name FROM sqlite_master}
				1368	} {t2 i2}
				1369	do_test auth-1.205 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1370	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1371	if {$code=="SQLITE_DROP_INDEX"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1372	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1373	return SQLITE_DENY
				1374	}
				1375	return SQLITE_OK
				1376	}
				1377	catchsql {DROP INDEX i2}
				1378	} {1 {not authorized}}
				1379	do_test auth-1.206 {
				1380	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1381	} {i2 t2 main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1382	do_test auth-1.207 {
				1383	execsql {SELECT name FROM sqlite_master}
				1384	} {t2 i2}
				1385	do_test auth-1.208 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1386	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1387	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
				1388	return SQLITE_IGNORE
				1389	}
				1390	return SQLITE_OK
				1391	}
				1392	catchsql {DROP INDEX i2}
				1393	} {0 {}}
				1394	do_test auth-1.209 {
				1395	execsql {SELECT name FROM sqlite_master}
				1396	} {t2 i2}
				1397	do_test auth-1.210 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1398	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1399	if {$code=="SQLITE_DROP_INDEX"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1400	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1401	return SQLITE_IGNORE
				1402	}
				1403	return SQLITE_OK
				1404	}
				1405	catchsql {DROP INDEX i2}
				1406	} {0 {}}
				1407	do_test auth-1.211 {
				1408	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1409	} {i2 t2 main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1410	do_test auth-1.212 {
				1411	execsql {SELECT name FROM sqlite_master}
				1412	} {t2 i2}
				1413	do_test auth-1.213 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1414	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1415	if {$code=="SQLITE_DROP_INDEX"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1416	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1417	return SQLITE_OK
				1418	}
				1419	return SQLITE_OK
				1420	}
				1421	catchsql {DROP INDEX i2}
				1422	} {0 {}}
				1423	do_test auth-1.214 {
				1424	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1425	} {i2 t2 main {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1426	do_test auth-1.215 {
				1427	execsql {SELECT name FROM sqlite_master}
				1428	} {t2}
				1429
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1430	ifcapable tempdb {
				1431	do_test auth-1.216 {
				1432	proc auth {code arg1 arg2 arg3 arg4} {
				1433	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
				1434	return SQLITE_DENY
				1435	}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1436	return SQLITE_OK
				1437	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1438	catchsql {DROP INDEX i1}
				1439	} {1 {not authorized}}
				1440	do_test auth-1.217 {
				1441	execsql {SELECT name FROM sqlite_temp_master}
				1442	} {t1 i1}
				1443	do_test auth-1.218 {
				1444	proc auth {code arg1 arg2 arg3 arg4} {
				1445	if {$code=="SQLITE_DROP_TEMP_INDEX"} {
				1446	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1447	return SQLITE_DENY
				1448	}
				1449	return SQLITE_OK
				1450	}
				1451	catchsql {DROP INDEX i1}
				1452	} {1 {not authorized}}
				1453	do_test auth-1.219 {
				1454	set ::authargs
				1455	} {i1 t1 temp {}}
				1456	do_test auth-1.220 {
				1457	execsql {SELECT name FROM sqlite_temp_master}
				1458	} {t1 i1}
				1459	do_test auth-1.221 {
				1460	proc auth {code arg1 arg2 arg3 arg4} {
				1461	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
				1462	return SQLITE_IGNORE
				1463	}
				1464	return SQLITE_OK
				1465	}
				1466	catchsql {DROP INDEX i1}
				1467	} {0 {}}
				1468	do_test auth-1.222 {
				1469	execsql {SELECT name FROM sqlite_temp_master}
				1470	} {t1 i1}
				1471	do_test auth-1.223 {
				1472	proc auth {code arg1 arg2 arg3 arg4} {
				1473	if {$code=="SQLITE_DROP_TEMP_INDEX"} {
				1474	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1475	return SQLITE_IGNORE
				1476	}
				1477	return SQLITE_OK
				1478	}
				1479	catchsql {DROP INDEX i1}
				1480	} {0 {}}
				1481	do_test auth-1.224 {
				1482	set ::authargs
				1483	} {i1 t1 temp {}}
				1484	do_test auth-1.225 {
				1485	execsql {SELECT name FROM sqlite_temp_master}
				1486	} {t1 i1}
				1487	do_test auth-1.226 {
				1488	proc auth {code arg1 arg2 arg3 arg4} {
				1489	if {$code=="SQLITE_DROP_TEMP_INDEX"} {
				1490	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1491	return SQLITE_OK
				1492	}
				1493	return SQLITE_OK
				1494	}
				1495	catchsql {DROP INDEX i1}
				1496	} {0 {}}
				1497	do_test auth-1.227 {
				1498	set ::authargs
				1499	} {i1 t1 temp {}}
				1500	do_test auth-1.228 {
				1501	execsql {SELECT name FROM sqlite_temp_master}
				1502	} {t1}
				1503	}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1504
				1505	do_test auth-1.229 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1506	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1507	if {$code=="SQLITE_PRAGMA"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1508	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1509	return SQLITE_DENY
				1510	}
				1511	return SQLITE_OK
				1512	}
				1513	catchsql {PRAGMA full_column_names=on}
				1514	} {1 {not authorized}}
				1515	do_test auth-1.230 {
				1516	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1517	} {full_column_names on {} {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1518	do_test auth-1.231 {
				1519	execsql2 {SELECT a FROM t2}
				1520	} {a 11 a 7}
				1521	do_test auth-1.232 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1522	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1523	if {$code=="SQLITE_PRAGMA"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1524	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1525	return SQLITE_IGNORE
				1526	}
				1527	return SQLITE_OK
				1528	}
				1529	catchsql {PRAGMA full_column_names=on}
				1530	} {0 {}}
				1531	do_test auth-1.233 {
				1532	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1533	} {full_column_names on {} {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1534	do_test auth-1.234 {
				1535	execsql2 {SELECT a FROM t2}
				1536	} {a 11 a 7}
				1537	do_test auth-1.235 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1538	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1539	if {$code=="SQLITE_PRAGMA"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1540	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1541	return SQLITE_OK
				1542	}
				1543	return SQLITE_OK
				1544	}
				1545	catchsql {PRAGMA full_column_names=on}
				1546	} {0 {}}
				1547	do_test auth-1.236 {
				1548	execsql2 {SELECT a FROM t2}
				1549	} {t2.a 11 t2.a 7}
				1550	do_test auth-1.237 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1551	proc auth {code arg1 arg2 arg3 arg4} {
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1552	if {$code=="SQLITE_PRAGMA"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1553	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1554	return SQLITE_OK
				1555	}
				1556	return SQLITE_OK
				1557	}
				1558	catchsql {PRAGMA full_column_names=OFF}
				1559	} {0 {}}
				1560	do_test auth-1.238 {
				1561	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1562	} {full_column_names OFF {} {}}
drh	77ad4e4	2003-01-14 02:49:27 +0000	[diff] [blame]	1563	do_test auth-1.239 {
				1564	execsql2 {SELECT a FROM t2}
				1565	} {a 11 a 7}
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	1566
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	1567	do_test auth-1.240 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1568	proc auth {code arg1 arg2 arg3 arg4} {
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	1569	if {$code=="SQLITE_TRANSACTION"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1570	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	1571	return SQLITE_DENY
				1572	}
				1573	return SQLITE_OK
				1574	}
				1575	catchsql {BEGIN}
				1576	} {1 {not authorized}}
				1577	do_test auth-1.241 {
				1578	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1579	} {BEGIN {} {} {}}
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	1580	do_test auth-1.242 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1581	proc auth {code arg1 arg2 arg3 arg4} {
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	1582	if {$code=="SQLITE_TRANSACTION" && $arg1!="BEGIN"} {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1583	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	1584	return SQLITE_DENY
				1585	}
				1586	return SQLITE_OK
				1587	}
				1588	catchsql {BEGIN; INSERT INTO t2 VALUES(44,55,66); COMMIT}
				1589	} {1 {not authorized}}
				1590	do_test auth-1.243 {
				1591	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1592	} {COMMIT {} {} {}}
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	1593	do_test auth-1.244 {
				1594	execsql {SELECT * FROM t2}
				1595	} {11 2 33 7 8 9 44 55 66}
				1596	do_test auth-1.245 {
				1597	catchsql {ROLLBACK}
				1598	} {1 {not authorized}}
				1599	do_test auth-1.246 {
				1600	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1601	} {ROLLBACK {} {} {}}
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	1602	do_test auth-1.247 {
				1603	catchsql {END TRANSACTION}
				1604	} {1 {not authorized}}
				1605	do_test auth-1.248 {
				1606	set ::authargs
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1607	} {COMMIT {} {} {}}
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	1608	do_test auth-1.249 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	1609	db authorizer {}
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	1610	catchsql {ROLLBACK}
				1611	} {0 {}}
				1612	do_test auth-1.250 {
				1613	execsql {SELECT * FROM t2}
				1614	} {11 2 33 7 8 9}
				1615
drh	81e293b	2003-06-06 19:00:42 +0000	[diff] [blame]	1616	# ticket #340 - authorization for ATTACH and DETACH.
				1617	#
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1618	ifcapable attach {
				1619	do_test auth-1.251 {
				1620	db authorizer ::auth
				1621	proc auth {code arg1 arg2 arg3 arg4} {
				1622	if {$code=="SQLITE_ATTACH"} {
				1623	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1624	}
drh	81e293b	2003-06-06 19:00:42 +0000	[diff] [blame]	1625	return SQLITE_OK
				1626	}
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1627	catchsql {
				1628	ATTACH DATABASE ':memory:' AS test1
drh	81e293b	2003-06-06 19:00:42 +0000	[diff] [blame]	1629	}
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1630	} {0 {}}
drh	0097eb3	2011-02-04 00:51:16 +0000	[diff] [blame]	1631	do_test auth-1.252a {
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1632	set ::authargs
				1633	} {:memory: {} {} {}}
drh	0097eb3	2011-02-04 00:51:16 +0000	[diff] [blame]	1634	do_test auth-1.252b {
				1635	db eval {DETACH test1}
				1636	set ::attachfilename :memory:
				1637	db eval {ATTACH $::attachfilename AS test1}
				1638	set ::authargs
				1639	} {{} {} {} {}}
				1640	do_test auth-1.252c {
				1641	db eval {DETACH test1}
				1642	db eval {ATTACH ':mem' \|\| 'ory:' AS test1}
				1643	set ::authargs
				1644	} {{} {} {} {}}
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1645	do_test auth-1.253 {
				1646	catchsql {DETACH DATABASE test1}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1647	proc auth {code arg1 arg2 arg3 arg4} {
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1648	if {$code=="SQLITE_ATTACH"} {
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1649	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1650	return SQLITE_DENY
				1651	}
danielk1977	1c8c23c	2004-11-12 15:53:37 +0000	[diff] [blame]	1652	return SQLITE_OK
				1653	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1654	catchsql {
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1655	ATTACH DATABASE ':memory:' AS test1;
danielk1977	1c8c23c	2004-11-12 15:53:37 +0000	[diff] [blame]	1656	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1657	} {1 {not authorized}}
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1658	do_test auth-1.254 {
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1659	lindex [execsql {PRAGMA database_list}] 7
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1660	} {}
				1661	do_test auth-1.255 {
				1662	catchsql {DETACH DATABASE test1}
				1663	proc auth {code arg1 arg2 arg3 arg4} {
				1664	if {$code=="SQLITE_ATTACH"} {
				1665	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1666	return SQLITE_IGNORE
				1667	}
				1668	return SQLITE_OK
				1669	}
				1670	catchsql {
				1671	ATTACH DATABASE ':memory:' AS test1;
				1672	}
				1673	} {0 {}}
				1674	do_test auth-1.256 {
				1675	lindex [execsql {PRAGMA database_list}] 7
				1676	} {}
				1677	do_test auth-1.257 {
				1678	proc auth {code arg1 arg2 arg3 arg4} {
				1679	if {$code=="SQLITE_DETACH"} {
				1680	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1681	return SQLITE_OK
				1682	}
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1683	return SQLITE_OK
				1684	}
				1685	execsql {ATTACH DATABASE ':memory:' AS test1}
				1686	catchsql {
				1687	DETACH DATABASE test1;
				1688	}
				1689	} {0 {}}
				1690	do_test auth-1.258 {
				1691	lindex [execsql {PRAGMA database_list}] 7
				1692	} {}
				1693	do_test auth-1.259 {
				1694	execsql {ATTACH DATABASE ':memory:' AS test1}
				1695	proc auth {code arg1 arg2 arg3 arg4} {
				1696	if {$code=="SQLITE_DETACH"} {
				1697	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1698	return SQLITE_IGNORE
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1699	}
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1700	return SQLITE_OK
				1701	}
				1702	catchsql {
				1703	DETACH DATABASE test1;
				1704	}
				1705	} {0 {}}
				1706	ifcapable tempdb {
				1707	ifcapable schema_pragmas {
				1708	do_test auth-1.260 {
				1709	lindex [execsql {PRAGMA database_list}] 7
				1710	} {test1}
				1711	} ;# ifcapable schema_pragmas
				1712	do_test auth-1.261 {
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1713	proc auth {code arg1 arg2 arg3 arg4} {
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1714	if {$code=="SQLITE_DETACH"} {
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1715	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1716	return SQLITE_DENY
				1717	}
				1718	return SQLITE_OK
				1719	}
				1720	catchsql {
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1721	DETACH DATABASE test1;
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1722	}
				1723	} {1 {not authorized}}
danielk1977	5a8f937	2007-10-09 08:29:32 +0000	[diff] [blame]	1724	ifcapable schema_pragmas {
				1725	do_test auth-1.262 {
				1726	lindex [execsql {PRAGMA database_list}] 7
				1727	} {test1}
				1728	} ;# ifcapable schema_pragmas
				1729	db authorizer {}
				1730	execsql {DETACH DATABASE test1}
				1731	db authorizer ::auth
				1732
				1733	# Authorization for ALTER TABLE. These tests are omitted if the library
				1734	# was built without ALTER TABLE support.
				1735	ifcapable altertable {
				1736
				1737	do_test auth-1.263 {
				1738	proc auth {code arg1 arg2 arg3 arg4} {
				1739	if {$code=="SQLITE_ALTER_TABLE"} {
				1740	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1741	return SQLITE_OK
				1742	}
				1743	return SQLITE_OK
				1744	}
				1745	catchsql {
				1746	ALTER TABLE t1 RENAME TO t1x
				1747	}
				1748	} {0 {}}
				1749	do_test auth-1.264 {
				1750	execsql {SELECT name FROM sqlite_temp_master WHERE type='table'}
				1751	} {t1x}
				1752	do_test auth-1.265 {
				1753	set authargs
				1754	} {temp t1 {} {}}
				1755	do_test auth-1.266 {
				1756	proc auth {code arg1 arg2 arg3 arg4} {
				1757	if {$code=="SQLITE_ALTER_TABLE"} {
				1758	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1759	return SQLITE_IGNORE
				1760	}
				1761	return SQLITE_OK
				1762	}
				1763	catchsql {
				1764	ALTER TABLE t1x RENAME TO t1
				1765	}
				1766	} {0 {}}
				1767	do_test auth-1.267 {
				1768	execsql {SELECT name FROM sqlite_temp_master WHERE type='table'}
				1769	} {t1x}
				1770	do_test auth-1.268 {
				1771	set authargs
				1772	} {temp t1x {} {}}
				1773	do_test auth-1.269 {
				1774	proc auth {code arg1 arg2 arg3 arg4} {
				1775	if {$code=="SQLITE_ALTER_TABLE"} {
				1776	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1777	return SQLITE_DENY
				1778	}
				1779	return SQLITE_OK
				1780	}
				1781	catchsql {
				1782	ALTER TABLE t1x RENAME TO t1
				1783	}
				1784	} {1 {not authorized}}
				1785	do_test auth-1.270 {
				1786	execsql {SELECT name FROM sqlite_temp_master WHERE type='table'}
				1787	} {t1x}
				1788
				1789	do_test auth-1.271 {
				1790	set authargs
				1791	} {temp t1x {} {}}
				1792	} ;# ifcapable altertable
				1793
				1794	} else {
				1795	db authorizer {}
				1796	db eval {
				1797	DETACH DATABASE test1;
				1798	}
danielk1977	1c8c23c	2004-11-12 15:53:37 +0000	[diff] [blame]	1799	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1800	}
				1801
				1802	ifcapable altertable {
danielk1977	1c8c23c	2004-11-12 15:53:37 +0000	[diff] [blame]	1803	db authorizer {}
				1804	catchsql {ALTER TABLE t1x RENAME TO t1}
				1805	db authorizer ::auth
				1806	do_test auth-1.272 {
				1807	proc auth {code arg1 arg2 arg3 arg4} {
				1808	if {$code=="SQLITE_ALTER_TABLE"} {
				1809	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1810	return SQLITE_OK
				1811	}
				1812	return SQLITE_OK
				1813	}
				1814	catchsql {
				1815	ALTER TABLE t2 RENAME TO t2x
				1816	}
				1817	} {0 {}}
				1818	do_test auth-1.273 {
				1819	execsql {SELECT name FROM sqlite_master WHERE type='table'}
				1820	} {t2x}
				1821	do_test auth-1.274 {
				1822	set authargs
				1823	} {main t2 {} {}}
				1824	do_test auth-1.275 {
				1825	proc auth {code arg1 arg2 arg3 arg4} {
				1826	if {$code=="SQLITE_ALTER_TABLE"} {
				1827	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1828	return SQLITE_IGNORE
				1829	}
				1830	return SQLITE_OK
				1831	}
				1832	catchsql {
				1833	ALTER TABLE t2x RENAME TO t2
				1834	}
				1835	} {0 {}}
				1836	do_test auth-1.276 {
				1837	execsql {SELECT name FROM sqlite_master WHERE type='table'}
				1838	} {t2x}
				1839	do_test auth-1.277 {
				1840	set authargs
				1841	} {main t2x {} {}}
				1842	do_test auth-1.278 {
				1843	proc auth {code arg1 arg2 arg3 arg4} {
				1844	if {$code=="SQLITE_ALTER_TABLE"} {
				1845	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				1846	return SQLITE_DENY
				1847	}
				1848	return SQLITE_OK
				1849	}
				1850	catchsql {
				1851	ALTER TABLE t2x RENAME TO t2
				1852	}
				1853	} {1 {not authorized}}
				1854	do_test auth-1.279 {
				1855	execsql {SELECT name FROM sqlite_master WHERE type='table'}
				1856	} {t2x}
				1857	do_test auth-1.280 {
				1858	set authargs
				1859	} {main t2x {} {}}
				1860	db authorizer {}
				1861	catchsql {ALTER TABLE t2x RENAME TO t2}
drh	81e293b	2003-06-06 19:00:42 +0000	[diff] [blame]	1862
danielk1977	215e64d	2004-11-22 03:34:21 +0000	[diff] [blame]	1863	} ;# ifcapable altertable
				1864
danielk1977	1d54df8	2004-11-23 15:41:16 +0000	[diff] [blame]	1865	# Test the authorization callbacks for the REINDEX command.
				1866	ifcapable reindex {
				1867
				1868	proc auth {code args} {
				1869	if {$code=="SQLITE_REINDEX"} {
				1870	set ::authargs [concat $::authargs $args]
				1871	}
				1872	return SQLITE_OK
				1873	}
				1874	db authorizer auth
				1875	do_test auth-1.281 {
				1876	execsql {
				1877	CREATE TABLE t3(a PRIMARY KEY, b, c);
				1878	CREATE INDEX t3_idx1 ON t3(c COLLATE BINARY);
				1879	CREATE INDEX t3_idx2 ON t3(b COLLATE NOCASE);
				1880	}
				1881	} {}
				1882	do_test auth-1.282 {
				1883	set ::authargs {}
				1884	execsql {
				1885	REINDEX t3_idx1;
				1886	}
				1887	set ::authargs
				1888	} {t3_idx1 {} main {}}
				1889	do_test auth-1.283 {
				1890	set ::authargs {}
				1891	execsql {
				1892	REINDEX BINARY;
				1893	}
				1894	set ::authargs
				1895	} {t3_idx1 {} main {} sqlite_autoindex_t3_1 {} main {}}
				1896	do_test auth-1.284 {
				1897	set ::authargs {}
				1898	execsql {
				1899	REINDEX NOCASE;
				1900	}
				1901	set ::authargs
				1902	} {t3_idx2 {} main {}}
				1903	do_test auth-1.285 {
				1904	set ::authargs {}
				1905	execsql {
				1906	REINDEX t3;
				1907	}
				1908	set ::authargs
				1909	} {t3_idx2 {} main {} t3_idx1 {} main {} sqlite_autoindex_t3_1 {} main {}}
				1910	do_test auth-1.286 {
				1911	execsql {
				1912	DROP TABLE t3;
				1913	}
				1914	} {}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1915	ifcapable tempdb {
				1916	do_test auth-1.287 {
				1917	execsql {
				1918	CREATE TEMP TABLE t3(a PRIMARY KEY, b, c);
				1919	CREATE INDEX t3_idx1 ON t3(c COLLATE BINARY);
				1920	CREATE INDEX t3_idx2 ON t3(b COLLATE NOCASE);
				1921	}
				1922	} {}
				1923	do_test auth-1.288 {
				1924	set ::authargs {}
				1925	execsql {
				1926	REINDEX temp.t3_idx1;
				1927	}
				1928	set ::authargs
				1929	} {t3_idx1 {} temp {}}
				1930	do_test auth-1.289 {
				1931	set ::authargs {}
				1932	execsql {
				1933	REINDEX BINARY;
				1934	}
				1935	set ::authargs
				1936	} {t3_idx1 {} temp {} sqlite_autoindex_t3_1 {} temp {}}
				1937	do_test auth-1.290 {
				1938	set ::authargs {}
				1939	execsql {
				1940	REINDEX NOCASE;
				1941	}
				1942	set ::authargs
				1943	} {t3_idx2 {} temp {}}
				1944	do_test auth-1.291 {
				1945	set ::authargs {}
				1946	execsql {
				1947	REINDEX temp.t3;
				1948	}
				1949	set ::authargs
				1950	} {t3_idx2 {} temp {} t3_idx1 {} temp {} sqlite_autoindex_t3_1 {} temp {}}
				1951	proc auth {code args} {
				1952	if {$code=="SQLITE_REINDEX"} {
				1953	set ::authargs [concat $::authargs $args]
				1954	return SQLITE_DENY
				1955	}
				1956	return SQLITE_OK
danielk1977	1d54df8	2004-11-23 15:41:16 +0000	[diff] [blame]	1957	}
danielk1977	53c0f74	2005-03-29 03:10:59 +0000	[diff] [blame]	1958	do_test auth-1.292 {
				1959	set ::authargs {}
				1960	catchsql {
				1961	REINDEX temp.t3;
				1962	}
				1963	} {1 {not authorized}}
				1964	do_test auth-1.293 {
				1965	execsql {
				1966	DROP TABLE t3;
				1967	}
				1968	} {}
danielk1977	1d54df8	2004-11-23 15:41:16 +0000	[diff] [blame]	1969	}
danielk1977	1d54df8	2004-11-23 15:41:16 +0000	[diff] [blame]	1970
				1971	} ;# ifcapable reindex
				1972
drh	e6e0496	2005-07-23 02:17:03 +0000	[diff] [blame]	1973	ifcapable analyze {
				1974	proc auth {code args} {
				1975	if {$code=="SQLITE_ANALYZE"} {
				1976	set ::authargs [concat $::authargs $args]
				1977	}
				1978	return SQLITE_OK
				1979	}
				1980	do_test auth-1.294 {
				1981	set ::authargs {}
				1982	execsql {
				1983	CREATE TABLE t4(a,b,c);
				1984	CREATE INDEX t4i1 ON t4(a);
				1985	CREATE INDEX t4i2 ON t4(b,a,c);
				1986	INSERT INTO t4 VALUES(1,2,3);
				1987	ANALYZE;
				1988	}
				1989	set ::authargs
drh	1556405	2010-09-25 22:32:56 +0000	[diff] [blame]	1990	} {t4 {} main {} t2 {} main {}}
drh	e6e0496	2005-07-23 02:17:03 +0000	[diff] [blame]	1991	do_test auth-1.295 {
				1992	execsql {
				1993	SELECT count(*) FROM sqlite_stat1;
				1994	}
drh	1556405	2010-09-25 22:32:56 +0000	[diff] [blame]	1995	} 3
drh	e6e0496	2005-07-23 02:17:03 +0000	[diff] [blame]	1996	proc auth {code args} {
				1997	if {$code=="SQLITE_ANALYZE"} {
				1998	set ::authargs [concat $::authargs $args]
				1999	return SQLITE_DENY
				2000	}
				2001	return SQLITE_OK
				2002	}
				2003	do_test auth-1.296 {
				2004	set ::authargs {}
				2005	catchsql {
				2006	ANALYZE;
				2007	}
				2008	} {1 {not authorized}}
				2009	do_test auth-1.297 {
				2010	execsql {
				2011	SELECT count(*) FROM sqlite_stat1;
				2012	}
drh	1556405	2010-09-25 22:32:56 +0000	[diff] [blame]	2013	} 3
drh	e6e0496	2005-07-23 02:17:03 +0000	[diff] [blame]	2014	} ;# ifcapable analyze
				2015
drh	81f2ccd	2006-01-31 14:28:44 +0000	[diff] [blame]	2016
				2017	# Authorization for ALTER TABLE ADD COLUMN.
				2018	# These tests are omitted if the library
				2019	# was built without ALTER TABLE support.
				2020	ifcapable {altertable} {
				2021	do_test auth-1.300 {
				2022	execsql {CREATE TABLE t5(x)}
				2023	proc auth {code arg1 arg2 arg3 arg4} {
				2024	if {$code=="SQLITE_ALTER_TABLE"} {
				2025	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				2026	return SQLITE_OK
				2027	}
				2028	return SQLITE_OK
				2029	}
				2030	catchsql {
				2031	ALTER TABLE t5 ADD COLUMN new_col_1;
				2032	}
				2033	} {0 {}}
				2034	do_test auth-1.301 {
				2035	set x [execsql {SELECT sql FROM sqlite_master WHERE name='t5'}]
				2036	regexp new_col_1 $x
				2037	} {1}
				2038	do_test auth-1.302 {
				2039	set authargs
				2040	} {main t5 {} {}}
				2041	do_test auth-1.303 {
				2042	proc auth {code arg1 arg2 arg3 arg4} {
				2043	if {$code=="SQLITE_ALTER_TABLE"} {
				2044	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				2045	return SQLITE_IGNORE
				2046	}
				2047	return SQLITE_OK
				2048	}
				2049	catchsql {
				2050	ALTER TABLE t5 ADD COLUMN new_col_2;
				2051	}
				2052	} {0 {}}
				2053	do_test auth-1.304 {
				2054	set x [execsql {SELECT sql FROM sqlite_master WHERE name='t5'}]
				2055	regexp new_col_2 $x
				2056	} {0}
				2057	do_test auth-1.305 {
				2058	set authargs
				2059	} {main t5 {} {}}
				2060	do_test auth-1.306 {
				2061	proc auth {code arg1 arg2 arg3 arg4} {
				2062	if {$code=="SQLITE_ALTER_TABLE"} {
				2063	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
				2064	return SQLITE_DENY
				2065	}
				2066	return SQLITE_OK
				2067	}
				2068	catchsql {
				2069	ALTER TABLE t5 ADD COLUMN new_col_3
				2070	}
				2071	} {1 {not authorized}}
				2072	do_test auth-1.307 {
				2073	set x [execsql {SELECT sql FROM sqlite_temp_master WHERE type='t5'}]
				2074	regexp new_col_3 $x
				2075	} {0}
				2076
				2077	do_test auth-1.308 {
				2078	set authargs
				2079	} {main t5 {} {}}
				2080	execsql {DROP TABLE t5}
				2081	} ;# ifcapable altertable
				2082
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	2083	do_test auth-2.1 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	2084	proc auth {code arg1 arg2 arg3 arg4} {
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	2085	if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} {
				2086	return SQLITE_DENY
				2087	}
				2088	return SQLITE_OK
				2089	}
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	2090	db authorizer ::auth
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	2091	execsql {CREATE TABLE t3(x INTEGER PRIMARY KEY, y, z)}
				2092	catchsql {SELECT * FROM t3}
				2093	} {1 {access to t3.x is prohibited}}
				2094	do_test auth-2.1 {
				2095	catchsql {SELECT y,z FROM t3}
				2096	} {0 {}}
				2097	do_test auth-2.2 {
				2098	catchsql {SELECT ROWID,y,z FROM t3}
				2099	} {1 {access to t3.x is prohibited}}
				2100	do_test auth-2.3 {
				2101	catchsql {SELECT OID,y,z FROM t3}
				2102	} {1 {access to t3.x is prohibited}}
				2103	do_test auth-2.4 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	2104	proc auth {code arg1 arg2 arg3 arg4} {
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	2105	if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} {
				2106	return SQLITE_IGNORE
				2107	}
				2108	return SQLITE_OK
				2109	}
				2110	execsql {INSERT INTO t3 VALUES(44,55,66)}
				2111	catchsql {SELECT * FROM t3}
				2112	} {0 {{} 55 66}}
				2113	do_test auth-2.5 {
				2114	catchsql {SELECT rowid,y,z FROM t3}
				2115	} {0 {{} 55 66}}
				2116	do_test auth-2.6 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	2117	proc auth {code arg1 arg2 arg3 arg4} {
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	2118	if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="ROWID"} {
				2119	return SQLITE_IGNORE
				2120	}
				2121	return SQLITE_OK
				2122	}
				2123	catchsql {SELECT * FROM t3}
				2124	} {0 {44 55 66}}
				2125	do_test auth-2.7 {
				2126	catchsql {SELECT ROWID,y,z FROM t3}
				2127	} {0 {44 55 66}}
				2128	do_test auth-2.8 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	2129	proc auth {code arg1 arg2 arg3 arg4} {
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	2130	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="ROWID"} {
				2131	return SQLITE_IGNORE
				2132	}
				2133	return SQLITE_OK
				2134	}
				2135	catchsql {SELECT ROWID,b,c FROM t2}
				2136	} {0 {{} 2 33 {} 8 9}}
drh	dcd997e	2003-01-31 17:21:49 +0000	[diff] [blame]	2137	do_test auth-2.9.1 {
danielk1977	8e55652	2007-11-13 10:30:24 +0000	[diff] [blame]	2138	# We have to flush the cache here in case the Tcl interface tries to
				2139	# reuse a statement compiled with sqlite3_prepare_v2(). In this case,
				2140	# the first error encountered is an SQLITE_SCHEMA error. Then, when
				2141	# trying to recompile the statement, the authorization error is encountered.
				2142	# If we do not flush the cache, the correct error message is returned, but
				2143	# the error code is SQLITE_SCHEMA, not SQLITE_ERROR as required by the test
				2144	# case after this one.
				2145	#
				2146	db cache flush
				2147
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	2148	proc auth {code arg1 arg2 arg3 arg4} {
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	2149	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="ROWID"} {
				2150	return bogus
				2151	}
				2152	return SQLITE_OK
				2153	}
				2154	catchsql {SELECT ROWID,b,c FROM t2}
drh	ce9b015	2009-05-04 01:58:31 +0000	[diff] [blame]	2155	} {1 {authorizer malfunction}}
drh	dcd997e	2003-01-31 17:21:49 +0000	[diff] [blame]	2156	do_test auth-2.9.2 {
				2157	db errorcode
drh	c60d044	2004-09-30 13:43:13 +0000	[diff] [blame]	2158	} {1}
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	2159	do_test auth-2.10 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	2160	proc auth {code arg1 arg2 arg3 arg4} {
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	2161	if {$code=="SQLITE_SELECT"} {
				2162	return bogus
				2163	}
				2164	return SQLITE_OK
				2165	}
				2166	catchsql {SELECT ROWID,b,c FROM t2}
drh	ce9b015	2009-05-04 01:58:31 +0000	[diff] [blame]	2167	} {1 {authorizer malfunction}}
drh	6f8c91c	2003-12-07 00:24:35 +0000	[diff] [blame]	2168	do_test auth-2.11.1 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	2169	proc auth {code arg1 arg2 arg3 arg4} {
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	2170	if {$code=="SQLITE_READ" && $arg2=="a"} {
				2171	return SQLITE_IGNORE
				2172	}
				2173	return SQLITE_OK
				2174	}
				2175	catchsql {SELECT * FROM t2, t3}
				2176	} {0 {{} 2 33 44 55 66 {} 8 9 44 55 66}}
drh	6f8c91c	2003-12-07 00:24:35 +0000	[diff] [blame]	2177	do_test auth-2.11.2 {
drh	e22a334	2003-04-22 20:30:37 +0000	[diff] [blame]	2178	proc auth {code arg1 arg2 arg3 arg4} {
drh	2c3831c	2003-01-14 13:48:20 +0000	[diff] [blame]	2179	if {$code=="SQLITE_READ" && $arg2=="x"} {
				2180	return SQLITE_IGNORE
				2181	}
				2182	return SQLITE_OK
				2183	}
				2184	catchsql {SELECT * FROM t2, t3}
				2185	} {0 {11 2 33 {} 55 66 7 8 9 {} 55 66}}
drh	e5f9c64	2003-01-13 23:27:31 +0000	[diff] [blame]	2186
drh	027850b	2003-04-16 20:24:52 +0000	[diff] [blame]	2187	# Make sure the OLD and NEW pseudo-tables of a trigger get authorized.
				2188	#
danielk1977	81650dc	2004-11-22 11:51:13 +0000	[diff] [blame]	2189	ifcapable trigger {
danielk1977	3bdca9c	2006-01-17 09:35:01 +0000	[diff] [blame]	2190	do_test auth-3.1 {
				2191	proc auth {code arg1 arg2 arg3 arg4} {
				2192	return SQLITE_OK
drh	027850b	2003-04-16 20:24:52 +0000	[diff] [blame]	2193	}
danielk1977	3bdca9c	2006-01-17 09:35:01 +0000	[diff] [blame]	2194	execsql {
				2195	CREATE TABLE tx(a1,a2,b1,b2,c1,c2);
				2196	CREATE TRIGGER r1 AFTER UPDATE ON t2 FOR EACH ROW BEGIN
				2197	INSERT INTO tx VALUES(OLD.a,NEW.a,OLD.b,NEW.b,OLD.c,NEW.c);
				2198	END;
				2199	UPDATE t2 SET a=a+1;
				2200	SELECT * FROM tx;
				2201	}
				2202	} {11 12 2 2 33 33 7 8 8 8 9 9}
				2203	do_test auth-3.2 {
				2204	proc auth {code arg1 arg2 arg3 arg4} {
				2205	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="c"} {
				2206	return SQLITE_IGNORE
				2207	}
				2208	return SQLITE_OK
				2209	}
				2210	execsql {
				2211	DELETE FROM tx;
				2212	UPDATE t2 SET a=a+100;
				2213	SELECT * FROM tx;
				2214	}
				2215	} {12 112 2 2 {} {} 8 108 8 8 {} {}}
danielk1977	81650dc	2004-11-22 11:51:13 +0000	[diff] [blame]	2216	} ;# ifcapable trigger
drh	027850b	2003-04-16 20:24:52 +0000	[diff] [blame]	2217
drh	85e2096	2003-04-25 17:52:11 +0000	[diff] [blame]	2218	# Make sure the names of views and triggers are passed on on arg4.
				2219	#
danielk1977	81650dc	2004-11-22 11:51:13 +0000	[diff] [blame]	2220	ifcapable trigger {
drh	85e2096	2003-04-25 17:52:11 +0000	[diff] [blame]	2221	do_test auth-4.1 {
				2222	proc auth {code arg1 arg2 arg3 arg4} {
				2223	lappend ::authargs $code $arg1 $arg2 $arg3 $arg4
				2224	return SQLITE_OK
				2225	}
				2226	set authargs {}
				2227	execsql {
				2228	UPDATE t2 SET a=a+1;
				2229	}
				2230	set authargs
				2231	} [list \
				2232	SQLITE_READ t2 a main {} \
				2233	SQLITE_UPDATE t2 a main {} \
				2234	SQLITE_INSERT tx {} main r1 \
				2235	SQLITE_READ t2 a main r1 \
				2236	SQLITE_READ t2 a main r1 \
				2237	SQLITE_READ t2 b main r1 \
				2238	SQLITE_READ t2 b main r1 \
				2239	SQLITE_READ t2 c main r1 \
				2240	SQLITE_READ t2 c main r1]
danielk1977	81650dc	2004-11-22 11:51:13 +0000	[diff] [blame]	2241	}
danielk1977	0fa8ddb	2004-11-22 08:43:32 +0000	[diff] [blame]	2242
danielk1977	81650dc	2004-11-22 11:51:13 +0000	[diff] [blame]	2243	ifcapable {view && trigger} {
drh	85e2096	2003-04-25 17:52:11 +0000	[diff] [blame]	2244	do_test auth-4.2 {
				2245	execsql {
				2246	CREATE VIEW v1 AS SELECT a+b AS x FROM t2;
				2247	CREATE TABLE v1chng(x1,x2);
				2248	CREATE TRIGGER r2 INSTEAD OF UPDATE ON v1 BEGIN
				2249	INSERT INTO v1chng VALUES(OLD.x,NEW.x);
				2250	END;
				2251	SELECT * FROM v1;
				2252	}
				2253	} {115 117}
				2254	do_test auth-4.3 {
				2255	set authargs {}
				2256	execsql {
				2257	UPDATE v1 SET x=1 WHERE x=117
				2258	}
				2259	set authargs
				2260	} [list \
				2261	SQLITE_UPDATE v1 x main {} \
drh	f93d999	2008-04-15 14:36:42 +0000	[diff] [blame]	2262	SQLITE_SELECT {} {} {} v1 \
danielk1977	8f2c54e	2008-01-01 19:02:09 +0000	[diff] [blame]	2263	SQLITE_READ t2 a main v1 \
				2264	SQLITE_READ t2 b main v1 \
dan	6d235cb	2013-03-09 14:40:24 +0000	[diff] [blame]	2265	SQLITE_READ v1 x main v1 \
				2266	SQLITE_READ v1 x main v1 \
				2267	SQLITE_SELECT {} {} {} v1 \
drh	0f35a6b	2008-02-12 16:52:14 +0000	[diff] [blame]	2268	SQLITE_READ v1 x main v1 \
dan	1da40a3	2009-09-19 17:00:31 +0000	[diff] [blame]	2269	SQLITE_INSERT v1chng {} main r2 \
				2270	SQLITE_READ v1 x main r2 \
				2271	SQLITE_READ v1 x main r2 \
drh	0f35a6b	2008-02-12 16:52:14 +0000	[diff] [blame]	2272	]
dan	1da40a3	2009-09-19 17:00:31 +0000	[diff] [blame]	2273
drh	85e2096	2003-04-25 17:52:11 +0000	[diff] [blame]	2274	do_test auth-4.4 {
				2275	execsql {
				2276	CREATE TRIGGER r3 INSTEAD OF DELETE ON v1 BEGIN
				2277	INSERT INTO v1chng VALUES(OLD.x,NULL);
				2278	END;
				2279	SELECT * FROM v1;
				2280	}
				2281	} {115 117}
				2282	do_test auth-4.5 {
				2283	set authargs {}
				2284	execsql {
				2285	DELETE FROM v1 WHERE x=117
				2286	}
				2287	set authargs
				2288	} [list \
				2289	SQLITE_DELETE v1 {} main {} \
drh	f93d999	2008-04-15 14:36:42 +0000	[diff] [blame]	2290	SQLITE_SELECT {} {} {} v1 \
drh	85e2096	2003-04-25 17:52:11 +0000	[diff] [blame]	2291	SQLITE_READ t2 a main v1 \
				2292	SQLITE_READ t2 b main v1 \
dan	6d235cb	2013-03-09 14:40:24 +0000	[diff] [blame]	2293	SQLITE_READ v1 x main v1 \
				2294	SQLITE_READ v1 x main v1 \
				2295	SQLITE_SELECT {} {} {} v1 \
drh	0f35a6b	2008-02-12 16:52:14 +0000	[diff] [blame]	2296	SQLITE_READ v1 x main v1 \
dan	2bd9351	2009-08-31 08:22:46 +0000	[diff] [blame]	2297	SQLITE_INSERT v1chng {} main r3 \
				2298	SQLITE_READ v1 x main r3 \
drh	0f35a6b	2008-02-12 16:52:14 +0000	[diff] [blame]	2299	]
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	2300
danielk1977	81650dc	2004-11-22 11:51:13 +0000	[diff] [blame]	2301	} ;# ifcapable view && trigger
danielk1977	0fa8ddb	2004-11-22 08:43:32 +0000	[diff] [blame]	2302
drh	2ce99ec	2005-07-29 15:36:14 +0000	[diff] [blame]	2303	# Ticket #1338: Make sure authentication works in the presence of an AS
				2304	# clause.
				2305	#
				2306	do_test auth-5.1 {
				2307	proc auth {code arg1 arg2 arg3 arg4} {
				2308	return SQLITE_OK
				2309	}
				2310	execsql {
				2311	SELECT count(a) AS cnt FROM t4 ORDER BY cnt
				2312	}
				2313	} {1}
				2314
drh	a3e4d96	2006-01-13 13:55:44 +0000	[diff] [blame]	2315	# Ticket #1607
				2316	#
danielk1977	3bdca9c	2006-01-17 09:35:01 +0000	[diff] [blame]	2317	ifcapable compound&&subquery {
				2318	ifcapable trigger {
				2319	execsql {
				2320	DROP TABLE tx;
				2321	}
				2322	ifcapable view {
				2323	execsql {
				2324	DROP TABLE v1chng;
				2325	}
				2326	}
				2327	}
dan	f52bb8d	2013-08-03 20:24:58 +0000	[diff] [blame]	2328	ifcapable stat4 {
				2329	set stat4 "sqlite_stat4 "
dan	69188d9	2009-08-19 08:18:32 +0000	[diff] [blame]	2330	} else {
dan	8ad169a	2013-08-12 20:14:04 +0000	[diff] [blame]	2331	ifcapable stat3 {
				2332	set stat4 "sqlite_stat3 "
				2333	} else {
				2334	set stat4 ""
				2335	}
dan	69188d9	2009-08-19 08:18:32 +0000	[diff] [blame]	2336	}
danielk1977	ff89079	2006-01-16 16:24:25 +0000	[diff] [blame]	2337	do_test auth-5.2 {
				2338	execsql {
				2339	SELECT name FROM (
				2340	SELECT * FROM sqlite_master UNION ALL SELECT * FROM sqlite_temp_master)
				2341	WHERE type='table'
				2342	ORDER BY name
				2343	}
dan	f52bb8d	2013-08-03 20:24:58 +0000	[diff] [blame]	2344	} "sqlite_stat1 ${stat4}t1 t2 t3 t4"
danielk1977	ff89079	2006-01-16 16:24:25 +0000	[diff] [blame]	2345	}
drh	a3e4d96	2006-01-13 13:55:44 +0000	[diff] [blame]	2346
danielk1977	34acdc9	2009-07-02 18:40:34 +0000	[diff] [blame]	2347	# Ticket #3944
				2348	#
				2349	ifcapable trigger {
				2350	do_test auth-5.3.1 {
				2351	execsql {
				2352	CREATE TABLE t5 ( x );
				2353	CREATE TRIGGER t5_tr1 AFTER INSERT ON t5 BEGIN
				2354	UPDATE t5 SET x = 1 WHERE NEW.x = 0;
				2355	END;
				2356	}
				2357	} {}
				2358	set ::authargs [list]
				2359	proc auth {args} {
				2360	eval lappend ::authargs $args
				2361	return SQLITE_OK
				2362	}
				2363	do_test auth-5.3.2 {
				2364	execsql { INSERT INTO t5 (x) values(0) }
				2365	set ::authargs
				2366	} [list SQLITE_INSERT t5 {} main {} \
				2367	SQLITE_UPDATE t5 x main t5_tr1 \
				2368	SQLITE_READ t5 x main t5_tr1 \
				2369	]
				2370	do_test auth-5.3.2 {
				2371	execsql { SELECT * FROM t5 }
				2372	} {1}
				2373	}
				2374
drh	2722898	2013-05-06 13:22:50 +0000	[diff] [blame]	2375	# Ticket [0eb70d77cb05bb22720]: Invalid pointer passsed to the authorizer
				2376	# callback when updating a ROWID.
				2377	#
				2378	do_test auth-6.1 {
				2379	execsql {
				2380	CREATE TABLE t6(a,b,c,d,e,f,g,h);
				2381	INSERT INTO t6 VALUES(1,2,3,4,5,6,7,8);
				2382	}
				2383	} {}
				2384	set ::authargs [list]
				2385	proc auth {args} {
				2386	eval lappend ::authargs $args
				2387	return SQLITE_OK
				2388	}
				2389	do_test auth-6.2 {
				2390	execsql {UPDATE t6 SET rowID=rowID+100}
				2391	set ::authargs
				2392	} [list SQLITE_READ t6 ROWID main {} \
				2393	SQLITE_UPDATE t6 ROWID main {} \
				2394	]
				2395	do_test auth-6.3 {
				2396	execsql {SELECT rowid, * FROM t6}
				2397	} {101 1 2 3 4 5 6 7 8}
drh	2ce99ec	2005-07-29 15:36:14 +0000	[diff] [blame]	2398
danielk1977	a21c6b6	2005-01-24 10:25:59 +0000	[diff] [blame]	2399	rename proc {}
				2400	rename proc_real proc
				2401
drh	2ce99ec	2005-07-29 15:36:14 +0000	[diff] [blame]	2402
drh	1962bda	2003-01-12 19:33:52 +0000	[diff] [blame]	2403	finish_test