If an SQLITE_DELETE authorization callback returns SQLITE_IGNORE, proceed with the delete operation but disable the truncate optimization. (CVS 5845)

FossilOrigin-Name: 65a2e131732399f0f14f982eb0689482fdb87b6c
2025-08-01 06:27:03 +03:00 · 2008-10-27 15:34:32 +00:00
parent c7af484b4b
commit 52bd7912af
5 changed files with 131 additions and 13 deletions
--- a/test/auth3.test
+++ b/test/auth3.test
@ -0,0 +1,111 @@
+# 2008 October 27
+#
+# The author disclaims copyright to this source code.  In place of
+# a legal notice, here is a blessing:
+#
+#    May you do good and not evil.
+#    May you find forgiveness for yourself and forgive others.
+#    May you share freely, never taking more than you give.
+#
+#***********************************************************************
+#
+# Test that the truncate optimization is disabled if the SQLITE_DELETE
+# authorization callback returns SQLITE_IGNORE.
+#
+# $Id: auth3.test,v 1.1 2008/10/27 15:34:33 danielk1977 Exp $
+#
+
+set testdir [file dirname $argv0]
+source $testdir/tester.tcl
+
+# disable this test if the SQLITE_OMIT_AUTHORIZATION macro is
+# defined during compilation.
+if {[catch {db auth {}} msg]} {
+  finish_test
+  return
+}
+
+# Disable the statement cache for these tests.
+# 
+db cache size 0
+
+db authorizer ::auth
+proc auth {code arg1 arg2 arg3 arg4} {
+  if {$code=="SQLITE_DELETE"} {
+    return $::authcode
+  }
+  return SQLITE_OK
+}
+
+#--------------------------------------------------------------------------
+# The following tests - auth3-1.* - test that return values of SQLITE_DENY,
+# SQLITE_IGNORE, SQLITE_OK and <invalid> are correctly handled when returned
+# by an SQLITE_DELETE authorization callback triggered by a 
+# "DELETE FROM <table-name>" statement.
+#
+do_test auth3-1.1 {
+  execsql {
+    CREATE TABLE t1(a,b,c);
+    INSERT INTO t1 VALUES(1, 2, 3);
+    INSERT INTO t1 VALUES(4, 5, 6);
+  }
+} {}
+do_test auth3.1.2 {
+  set ::authcode SQLITE_DENY
+  catchsql { DELETE FROM t1 }
+} {1 {not authorized}}
+do_test auth3.1.3 {
+  set ::authcode SQLITE_INVALID
+  catchsql { DELETE FROM t1 }
+} {1 {illegal return value (1) from the authorization function - should be SQLITE_OK, SQLITE_IGNORE, or SQLITE_DENY}}
+do_test auth3.1.4 {
+  execsql { SELECT * FROM t1 }
+} {1 2 3 4 5 6}
+do_test auth3-1.5 {
+  set ::authcode SQLITE_IGNORE
+  execsql { 
+    DELETE FROM t1;
+    SELECT * FROM t1;
+  }
+} {}
+do_test auth3-1.6 {
+  set ::authcode SQLITE_OK
+  execsql {
+    INSERT INTO t1 VALUES(1, 2, 3);
+    INSERT INTO t1 VALUES(4, 5, 6);
+    DELETE FROM t1;
+    SELECT * FROM t1;
+  }
+} {}
+
+#--------------------------------------------------------------------------
+# These tests - auth3-2.* - test that returning SQLITE_IGNORE really does
+# disable the truncate optimization.
+#
+do_test auth3-2.1 {
+  set ::authcode SQLITE_OK
+  execsql {
+    INSERT INTO t1 VALUES(1, 2, 3);
+    INSERT INTO t1 VALUES(4, 5, 6);
+  }
+  set sqlite_search_count 0
+  execsql {
+    DELETE FROM t1;
+  }
+  set sqlite_search_count
+} {0}
+
+do_test auth3-2.2 {
+  set ::authcode SQLITE_IGNORE
+  execsql {
+    INSERT INTO t1 VALUES(1, 2, 3);
+    INSERT INTO t1 VALUES(4, 5, 6);
+  }
+  set sqlite_search_count 0
+  execsql {
+    DELETE FROM t1;
+  }
+  set sqlite_search_count
+} {1}
+
+finish_test