1
0
mirror of https://github.com/sqlite/sqlite.git synced 2025-07-30 19:03:16 +03:00

Add the ability for the authorizer callback to disallow recursive

queries.

FossilOrigin-Name: 9efc120a1548c03f3d8aabbadf1050ff2a119c31
This commit is contained in:
drh
2014-01-16 22:40:02 +00:00
parent 727a99f1e3
commit 65a2aaa633
6 changed files with 51 additions and 10 deletions

View File

@ -2080,6 +2080,42 @@ ifcapable {altertable} {
execsql {DROP TABLE t5}
} ;# ifcapable altertable
ifcapable {cte} {
do_test auth-1.310 {
proc auth {code arg1 arg2 arg3 arg4} {
if {$code=="SQLITE_RECURSIVE"} {
return SQLITE_DENY
}
return SQLITE_OK
}
db eval {
DROP TABLE IF EXISTS t1;
CREATE TABLE t1(a,b);
INSERT INTO t1 VALUES(1,2),(3,4),(5,6);
}
} {}
do_catchsql_test auth-1.311 {
WITH
auth1311(x,y) AS (SELECT a+b, b-a FROM t1)
SELECT * FROM auth1311 ORDER BY x;
} {0 {3 1 7 1 11 1}}
do_catchsql_test auth-1.312 {
WITH RECURSIVE
auth1312(x,y) AS (SELECT a+b, b-a FROM t1)
SELECT x, y FROM auth1312 ORDER BY x;
} {0 {3 1 7 1 11 1}}
do_catchsql_test auth-1.313 {
WITH RECURSIVE
auth1313(x) AS (VALUES(1) UNION ALL SELECT x+1 FROM auth1313 WHERE x<5)
SELECT * FROM t1;
} {0 {1 2 3 4 5 6}}
do_catchsql_test auth-1.314 {
WITH RECURSIVE
auth1314(x) AS (VALUES(1) UNION ALL SELECT x+1 FROM auth1314 WHERE x<5)
SELECT * FROM t1 LEFT JOIN auth1314;
} {1 {not authorized}}
} ;# ifcapable cte
do_test auth-2.1 {
proc auth {code arg1 arg2 arg3 arg4} {
if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} {