diff --git a/manifest b/manifest index fb090daa17..24a4ae7c02 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Fix\sa\smemory\sleak\sin\sthe\sPRAGMA\sauthorization\scode.\s(CVS\s833) -D 2003-01-14T02:54:08 +C Finish\sout\sthe\stest\ssuite\sfor\sthe\snew\ssqlite_set_authorizer\sAPI.\s(CVS\s834) +D 2003-01-14T13:48:21 F Makefile.in 6606854b1512f185b8e8c779b8d7fc2750463d64 F Makefile.linux-gcc b86a99c493a5bfb402d1d9178dcdc4bd4b32f906 F README f1de682fbbd94899d50aca13d387d1b3fd3be2dd @@ -57,7 +57,7 @@ F src/vdbe.c e103bd5a154b1790dd344662dceb14566a51a879 F src/vdbe.h 754eba497cfe0c3e352b9c101ab2f811f10d0a55 F src/where.c 5bf7f1e1d756ab3d25a18b24bb42106cb8e14d18 F test/all.test 873d30e25a41b3aa48fec5633a7ec1816e107029 -F test/auth.test 30149de6b78099ba06429fb7d6cc4dfcc1f4985c +F test/auth.test 95aeda24f76b6fd028bdb3d6ae1e30b153d942fe F test/bigfile.test 1cd8256d4619c39bea48147d344f348823e78678 F test/bigrow.test 8ab252dba108f12ad64e337b0f2ff31a807ac578 F test/btree.test 10e75aec120ecefc0edc4c912a0980a43db1b6c2 @@ -154,7 +154,7 @@ F www/speed.tcl a20a792738475b68756ea7a19321600f23d1d803 F www/sqlite.tcl ae3dcfb077e53833b59d4fcc94d8a12c50a44098 F www/tclsqlite.tcl 1db15abeb446aad0caf0b95b8b9579720e4ea331 F www/vdbe.tcl 2013852c27a02a091d39a766bc87cff329f21218 -P cc2ae781ac186f9ee1afacdc9117087421955369 -R db8bf1340de486936570528587d9e25c +P ba58979f2ff3ec878a21e7c171fbcd8fa79ace6f +R d196fd62af24b9896e18def719841a67 U drh -Z 5c7f484e4619e69cb548da93eb06003c +Z 0dca7f72990a1e352389dd411ae1fee0 diff --git a/manifest.uuid b/manifest.uuid index c0232fab3d..9d831fc839 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -ba58979f2ff3ec878a21e7c171fbcd8fa79ace6f \ No newline at end of file +701a73918db22fd134a8b959670ba7a4a908c8c5 \ No newline at end of file diff --git a/test/auth.test b/test/auth.test index 8f4e3f5052..4b62b06c62 100644 --- a/test/auth.test +++ b/test/auth.test @@ -11,7 +11,7 @@ # This file implements regression tests for SQLite library. The # focus of this script testing the sqlite_set_authorizer() API. # -# $Id: auth.test,v 1.3 2003/01/14 02:49:28 drh Exp $ +# $Id: auth.test,v 1.4 2003/01/14 13:48:21 drh Exp $ # set testdir [file dirname $argv0] @@ -1509,6 +1509,145 @@ do_test auth-1.239 { execsql2 {SELECT a FROM t2} } {a 11 a 7} +do_test auth-1.240 { + proc auth {code arg1 arg2} { + if {$code=="SQLITE_TRANSACTION"} { + set ::authargs [list $arg1 $arg2] + return SQLITE_DENY + } + return SQLITE_OK + } + catchsql {BEGIN} +} {1 {not authorized}} +do_test auth-1.241 { + set ::authargs +} {BEGIN {}} +do_test auth-1.242 { + proc auth {code arg1 arg2} { + if {$code=="SQLITE_TRANSACTION" && $arg1!="BEGIN"} { + set ::authargs [list $arg1 $arg2] + return SQLITE_DENY + } + return SQLITE_OK + } + catchsql {BEGIN; INSERT INTO t2 VALUES(44,55,66); COMMIT} +} {1 {not authorized}} +do_test auth-1.243 { + set ::authargs +} {COMMIT {}} +do_test auth-1.244 { + execsql {SELECT * FROM t2} +} {11 2 33 7 8 9 44 55 66} +do_test auth-1.245 { + catchsql {ROLLBACK} +} {1 {not authorized}} +do_test auth-1.246 { + set ::authargs +} {ROLLBACK {}} +do_test auth-1.247 { + catchsql {END TRANSACTION} +} {1 {not authorized}} +do_test auth-1.248 { + set ::authargs +} {COMMIT {}} +do_test auth-1.249 { + sqlite_set_authorizer $::DB {} + catchsql {ROLLBACK} +} {0 {}} +do_test auth-1.250 { + execsql {SELECT * FROM t2} +} {11 2 33 7 8 9} + +do_test auth-2.1 { + proc auth {code arg1 arg2} { + if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} { + return SQLITE_DENY + } + return SQLITE_OK + } + sqlite_set_authorizer $::DB ::auth + execsql {CREATE TABLE t3(x INTEGER PRIMARY KEY, y, z)} + catchsql {SELECT * FROM t3} +} {1 {access to t3.x is prohibited}} +do_test auth-2.1 { + catchsql {SELECT y,z FROM t3} +} {0 {}} +do_test auth-2.2 { + catchsql {SELECT ROWID,y,z FROM t3} +} {1 {access to t3.x is prohibited}} +do_test auth-2.3 { + catchsql {SELECT OID,y,z FROM t3} +} {1 {access to t3.x is prohibited}} +do_test auth-2.4 { + proc auth {code arg1 arg2} { + if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} { + return SQLITE_IGNORE + } + return SQLITE_OK + } + execsql {INSERT INTO t3 VALUES(44,55,66)} + catchsql {SELECT * FROM t3} +} {0 {{} 55 66}} +do_test auth-2.5 { + catchsql {SELECT rowid,y,z FROM t3} +} {0 {{} 55 66}} +do_test auth-2.6 { + proc auth {code arg1 arg2} { + if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="ROWID"} { + return SQLITE_IGNORE + } + return SQLITE_OK + } + catchsql {SELECT * FROM t3} +} {0 {44 55 66}} +do_test auth-2.7 { + catchsql {SELECT ROWID,y,z FROM t3} +} {0 {44 55 66}} +do_test auth-2.8 { + proc auth {code arg1 arg2} { + if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="ROWID"} { + return SQLITE_IGNORE + } + return SQLITE_OK + } + catchsql {SELECT ROWID,b,c FROM t2} +} {0 {{} 2 33 {} 8 9}} +do_test auth-2.9 { + proc auth {code arg1 arg2} { + if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="ROWID"} { + return bogus + } + return SQLITE_OK + } + catchsql {SELECT ROWID,b,c FROM t2} +} {1 {illegal return value (999) from the authorization function - should be SQLITE_OK, SQLITE_IGNORE, or SQLITE_DENY}} +do_test auth-2.10 { + proc auth {code arg1 arg2} { + if {$code=="SQLITE_SELECT"} { + return bogus + } + return SQLITE_OK + } + catchsql {SELECT ROWID,b,c FROM t2} +} {1 {illegal return value (1) from the authorization function - should be SQLITE_OK, SQLITE_IGNORE, or SQLITE_DENY}} +do_test auth-2.11 { + proc auth {code arg1 arg2} { + if {$code=="SQLITE_READ" && $arg2=="a"} { + return SQLITE_IGNORE + } + return SQLITE_OK + } + catchsql {SELECT * FROM t2, t3} +} {0 {{} 2 33 44 55 66 {} 8 9 44 55 66}} +do_test auth-2.11 { + proc auth {code arg1 arg2} { + if {$code=="SQLITE_READ" && $arg2=="x"} { + return SQLITE_IGNORE + } + return SQLITE_OK + } + catchsql {SELECT * FROM t2, t3} +} {0 {11 2 33 {} 55 66 7 8 9 {} 55 66}} } ;# End of the "if( db command exists )"