15169bbc6Sdrh# 2006 Aug 24 25169bbc6Sdrh# 35169bbc6Sdrh# The author disclaims copyright to this source code. In place of 45169bbc6Sdrh# a legal notice, here is a blessing: 55169bbc6Sdrh# 65169bbc6Sdrh# May you do good and not evil. 75169bbc6Sdrh# May you find forgiveness for yourself and forgive others. 85169bbc6Sdrh# May you share freely, never taking more than you give. 95169bbc6Sdrh# 105169bbc6Sdrh#*********************************************************************** 115169bbc6Sdrh# This file implements regression tests for SQLite library. The 125169bbc6Sdrh# focus of this script is testing the sqlite3_set_authorizer() API 135169bbc6Sdrh# and related functionality. 145169bbc6Sdrh# 15524cc21eSdanielk1977# $Id: auth2.test,v 1.3 2008/07/02 13:13:53 danielk1977 Exp $ 165169bbc6Sdrh# 175169bbc6Sdrh 185169bbc6Sdrhset testdir [file dirname $argv0] 195169bbc6Sdrhsource $testdir/tester.tcl 205169bbc6Sdrh 215169bbc6Sdrh# disable this test if the SQLITE_OMIT_AUTHORIZATION macro is 225169bbc6Sdrh# defined during compilation. 235169bbc6Sdrhif {[catch {db auth {}} msg]} { 245169bbc6Sdrh finish_test 255169bbc6Sdrh return 265169bbc6Sdrh} 275169bbc6Sdrh 285169bbc6Sdrhdo_test auth2-1.1 { 295169bbc6Sdrh execsql { 305169bbc6Sdrh CREATE TABLE t1(a,b,c); 315169bbc6Sdrh INSERT INTO t1 VALUES(1,2,3); 325169bbc6Sdrh } 335169bbc6Sdrh set ::flist {} 34*32c6a48bSdrh proc auth {code arg1 arg2 arg3 arg4 args} { 355169bbc6Sdrh if {$code=="SQLITE_FUNCTION"} { 365169bbc6Sdrh lappend ::flist $arg2 375169bbc6Sdrh if {$arg2=="max"} { 385169bbc6Sdrh return SQLITE_DENY 395169bbc6Sdrh } elseif {$arg2=="min"} { 405169bbc6Sdrh return SQLITE_IGNORE 415169bbc6Sdrh } else { 425169bbc6Sdrh return SQLITE_OK 435169bbc6Sdrh } 445169bbc6Sdrh } 455169bbc6Sdrh return SQLITE_OK 465169bbc6Sdrh } 475169bbc6Sdrh db authorizer ::auth 485169bbc6Sdrh catchsql {SELECT max(a,b,c) FROM t1} 495169bbc6Sdrh} {1 {not authorized to use function: max}} 505169bbc6Sdrhdo_test auth2-1.2 { 515169bbc6Sdrh set ::flist 525169bbc6Sdrh} max 535169bbc6Sdrhdo_test auth2-1.3 { 545169bbc6Sdrh set ::flist {} 555169bbc6Sdrh catchsql {SELECT min(a,b,c) FROM t1} 565169bbc6Sdrh} {0 {{}}} 575169bbc6Sdrhdo_test auth2-1.4 { 585169bbc6Sdrh set ::flist 595169bbc6Sdrh} min 605169bbc6Sdrhdo_test auth2-1.5 { 615169bbc6Sdrh set ::flist {} 625169bbc6Sdrh catchsql {SELECT coalesce(min(a,b,c),999) FROM t1} 635169bbc6Sdrh} {0 999} 645169bbc6Sdrhdo_test auth2-1.6 { 655169bbc6Sdrh set ::flist 665169bbc6Sdrh} {coalesce min} 675169bbc6Sdrhdo_test auth2-1.7 { 685169bbc6Sdrh set ::flist {} 695169bbc6Sdrh catchsql {SELECT coalesce(a,b,c) FROM t1} 705169bbc6Sdrh} {0 1} 715169bbc6Sdrhdo_test auth2-1.8 { 725169bbc6Sdrh set ::flist 735169bbc6Sdrh} coalesce 745169bbc6Sdrh 75a6d0ffc3Sdrh# Make sure the authorizer is not called when parsing the schema 76a6d0ffc3Sdrh# and when computing the result set of a view. 77a6d0ffc3Sdrh# 78a6d0ffc3Sdrhdb close 79a6d0ffc3Sdrhsqlite3 db test.db 80a6d0ffc3Sdrhsqlite3 db2 test.db 81a6d0ffc3Sdrhproc auth {args} { 82a6d0ffc3Sdrh global authargs 83*32c6a48bSdrh append authargs [lrange $args 0 4]\n 84a6d0ffc3Sdrh return SQLITE_OK 85a6d0ffc3Sdrh} 86a6d0ffc3Sdrhdb auth auth 87a6d0ffc3Sdrhdo_test auth2-2.1 { 88a6d0ffc3Sdrh set ::authargs {} 89a6d0ffc3Sdrh db eval { 90a6d0ffc3Sdrh CREATE TABLE t2(x,y,z); 91a6d0ffc3Sdrh } 92a6d0ffc3Sdrh set ::authargs 93a6d0ffc3Sdrh} {SQLITE_INSERT sqlite_master {} main {} 94a6d0ffc3SdrhSQLITE_CREATE_TABLE t2 {} main {} 95a6d0ffc3SdrhSQLITE_UPDATE sqlite_master type main {} 96a6d0ffc3SdrhSQLITE_UPDATE sqlite_master name main {} 97a6d0ffc3SdrhSQLITE_UPDATE sqlite_master tbl_name main {} 98a6d0ffc3SdrhSQLITE_UPDATE sqlite_master rootpage main {} 99a6d0ffc3SdrhSQLITE_UPDATE sqlite_master sql main {} 100a6d0ffc3SdrhSQLITE_READ sqlite_master ROWID main {} 101a6d0ffc3Sdrh} 102a6d0ffc3Sdrhdo_test auth2-2.2 { 103a6d0ffc3Sdrh set ::authargs {} 104a6d0ffc3Sdrh db eval { 105a6d0ffc3Sdrh CREATE VIEW v2 AS SELECT x+y AS a, y+z AS b from t2; 106a6d0ffc3Sdrh } 107a6d0ffc3Sdrh set ::authargs 108a6d0ffc3Sdrh} {SQLITE_INSERT sqlite_master {} main {} 109a6d0ffc3SdrhSQLITE_CREATE_VIEW v2 {} main {} 110a6d0ffc3SdrhSQLITE_UPDATE sqlite_master type main {} 111a6d0ffc3SdrhSQLITE_UPDATE sqlite_master name main {} 112a6d0ffc3SdrhSQLITE_UPDATE sqlite_master tbl_name main {} 113a6d0ffc3SdrhSQLITE_UPDATE sqlite_master rootpage main {} 114a6d0ffc3SdrhSQLITE_UPDATE sqlite_master sql main {} 115a6d0ffc3SdrhSQLITE_READ sqlite_master ROWID main {} 116a6d0ffc3Sdrh} 117a6d0ffc3Sdrhdo_test auth2-2.3 { 118a6d0ffc3Sdrh set ::authargs {} 119a6d0ffc3Sdrh db eval { 120a6d0ffc3Sdrh SELECT a, b FROM v2; 121a6d0ffc3Sdrh } 122a6d0ffc3Sdrh set ::authargs 123a6d0ffc3Sdrh} {SQLITE_SELECT {} {} {} {} 124a6d0ffc3SdrhSQLITE_READ t2 x main v2 125a6d0ffc3SdrhSQLITE_READ t2 y main v2 126a6d0ffc3SdrhSQLITE_READ t2 y main v2 127a6d0ffc3SdrhSQLITE_READ t2 z main v2 12892689d28SdrhSQLITE_READ v2 a main {} 12992689d28SdrhSQLITE_READ v2 b main {} 130524cc21eSdanielk1977SQLITE_SELECT {} {} {} v2 131a6d0ffc3Sdrh} 132a6d0ffc3Sdrhdo_test auth2-2.4 { 133a6d0ffc3Sdrh db2 eval { 134a6d0ffc3Sdrh CREATE TABLE t3(p,q,r); 135a6d0ffc3Sdrh } 136a6d0ffc3Sdrh set ::authargs {} 137a6d0ffc3Sdrh db eval { 138a6d0ffc3Sdrh SELECT b, a FROM v2; 139a6d0ffc3Sdrh } 140a6d0ffc3Sdrh set ::authargs 141a6d0ffc3Sdrh} {SQLITE_SELECT {} {} {} {} 142a6d0ffc3SdrhSQLITE_READ t2 x main v2 143a6d0ffc3SdrhSQLITE_READ t2 y main v2 144a6d0ffc3SdrhSQLITE_READ t2 y main v2 145a6d0ffc3SdrhSQLITE_READ t2 z main v2 14692689d28SdrhSQLITE_READ v2 b main {} 14792689d28SdrhSQLITE_READ v2 a main {} 148524cc21eSdanielk1977SQLITE_SELECT {} {} {} v2 149a6d0ffc3SdrhSQLITE_SELECT {} {} {} {} 150a6d0ffc3SdrhSQLITE_READ t2 x main v2 151a6d0ffc3SdrhSQLITE_READ t2 y main v2 152a6d0ffc3SdrhSQLITE_READ t2 y main v2 153a6d0ffc3SdrhSQLITE_READ t2 z main v2 15492689d28SdrhSQLITE_READ v2 b main {} 15592689d28SdrhSQLITE_READ v2 a main {} 156524cc21eSdanielk1977SQLITE_SELECT {} {} {} v2 157a6d0ffc3Sdrh} 158a6d0ffc3Sdrhdb2 close 159a6d0ffc3Sdrh 1605169bbc6Sdrhfinish_test 161