diff --git a/manifest b/manifest index 8884a1328b..baf502f383 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Remove\ssupport\sfor\sthe\snon-standard\sON\sCONFLICT\sclause\son\sCREATE\sINDEX.\nTicket\s#1486.\s\sThe\sON\sCONFLICT\sclause\shas\snever\sworked\son\sCREATE\sINDEX\sso\nremoving\sit\sshould\snot\sbreak\sanything.\s(CVS\s3042) -D 2006-01-30T23:04:51 +C Authorization\scallback\son\sthe\sALTER\sTABLE\sADD\sCOLUMN\scommand.\nTicket\s#1479.\s(CVS\s3043) +D 2006-01-31T14:28:45 F Makefile.in e936c6fc3134838318aa0335a85041e6da31f6ee F Makefile.linux-gcc 74ba0eadf88748a9ce3fd03d2a3ede2e6715baec F README 9c4e2d6706bdcc3efdd773ce752a8cdab4f90028 @@ -30,7 +30,7 @@ F sqlite.pc.in 30552343140c53304c2a658c080fbe810cd09ca2 F sqlite3.1 6be1ad09113570e1fc8dcaff84c9b0b337db5ffc F sqlite3.def f756049b1bf3e8442baf6862db393ca423225262 F sqlite3.pc.in 985b9bf34192a549d7d370e0f0b6b34a4f61369a -F src/alter.c 90b779cf00489535cab6490df6dc050f40e4e874 +F src/alter.c faf98b04050d674d06df21bcf23ded5bbff7b5b7 F src/analyze.c 7d2b7ab9a9c2fd6e55700f69064dfdd3e36d7a8a F src/attach.c d73a3505de3fb9e373d0a158978116c4212031d0 F src/auth.c 9ae84d2d94eb96195e04515715e08e85963e96c2 @@ -110,7 +110,7 @@ F test/attach.test 036315207c477211470168bf121b1c493f781515 F test/attach2.test 0e6a7c54343c85dd877a1e86073a05176043ed40 F test/attach3.test 63013383adc4380af69779f34f4af19bd49f7cbe F test/attachmalloc.test cdb26c42850f04698377ccec05f5fa89d987837c -F test/auth.test 0e8d4fd60bec027adb0abf7874051f8b90d9c6b6 +F test/auth.test 9776ab43de94801f0fa6787b3f3e803686ffa0ff F test/autoinc.test 60005a676e3e4e17dfa9dbd08aa0b76587ff97e3 F test/autovacuum.test 0dd22b0e1fe2013abe03e2ef5000bb3b9c1b6666 F test/autovacuum_crash.test 05a63b8805b20cfba7ace82856ce4ccdda075a31 @@ -349,7 +349,7 @@ F www/tclsqlite.tcl bb0d1357328a42b1993d78573e587c6dcbc964b9 F www/vdbe.tcl 87a31ace769f20d3627a64fa1fade7fed47b90d0 F www/version3.tcl a99cf5f6d8bd4d5537584a2b342f0fb9fa601d8b F www/whentouse.tcl 97e2b5cd296f7d8057e11f44427dea8a4c2db513 -P 34dff874a2bf8331be87310809ba11d813fadb7d -R 84abbe4f77fbc0f3fa4d51788062882f +P 669bcf5ab694359485ab30913d8d9e4926f41789 +R 4b5ade492de8c6b62c2b554228989dab U drh -Z 6f1708d289c33d1a9960e6ad7dfc0be1 +Z 0fb072b4d2cf3aad6fe401cc0c34a782 diff --git a/manifest.uuid b/manifest.uuid index be670e455c..dc9e590d2d 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -669bcf5ab694359485ab30913d8d9e4926f41789 \ No newline at end of file +461f586973431438bb074aa3077f705e9b1b80da \ No newline at end of file diff --git a/src/alter.c b/src/alter.c index b33b0e71ea..c1e09012b3 100644 --- a/src/alter.c +++ b/src/alter.c @@ -12,7 +12,7 @@ ** This file contains C code routines that used to generate VDBE code ** that implements the ALTER TABLE command. ** -** $Id: alter.c,v 1.18 2006/01/18 16:51:35 danielk1977 Exp $ +** $Id: alter.c,v 1.19 2006/01/31 14:28:45 drh Exp $ */ #include "sqliteInt.h" #include @@ -407,6 +407,13 @@ void sqlite3AlterFinishAddColumn(Parse *pParse, Token *pColDef){ pTab = sqlite3FindTable(pParse->db, zTab, zDb); assert( pTab ); +#ifndef SQLITE_OMIT_AUTHORIZATION + /* Invoke the authorization callback. */ + if( sqlite3AuthCheck(pParse, SQLITE_ALTER_TABLE, zDb, pTab->zName, 0) ){ + return; + } +#endif + /* If the default value for the new column was specified with a ** literal NULL, then set pDflt to 0. This simplifies checking ** for an SQL NULL default below. diff --git a/test/auth.test b/test/auth.test index cffc04db66..b09086ab92 100644 --- a/test/auth.test +++ b/test/auth.test @@ -12,7 +12,7 @@ # focus of this script is testing the ATTACH and DETACH commands # and related functionality. # -# $Id: auth.test,v 1.33 2006/01/17 09:35:02 danielk1977 Exp $ +# $Id: auth.test,v 1.34 2006/01/31 14:28:46 drh Exp $ # set testdir [file dirname $argv0] @@ -1995,6 +1995,73 @@ ifcapable analyze { } 2 } ;# ifcapable analyze + +# Authorization for ALTER TABLE ADD COLUMN. +# These tests are omitted if the library +# was built without ALTER TABLE support. +ifcapable {altertable} { + do_test auth-1.300 { + execsql {CREATE TABLE t5(x)} + proc auth {code arg1 arg2 arg3 arg4} { + if {$code=="SQLITE_ALTER_TABLE"} { + set ::authargs [list $arg1 $arg2 $arg3 $arg4] + return SQLITE_OK + } + return SQLITE_OK + } + catchsql { + ALTER TABLE t5 ADD COLUMN new_col_1; + } + } {0 {}} + do_test auth-1.301 { + set x [execsql {SELECT sql FROM sqlite_master WHERE name='t5'}] + regexp new_col_1 $x + } {1} + do_test auth-1.302 { + set authargs + } {main t5 {} {}} + do_test auth-1.303 { + proc auth {code arg1 arg2 arg3 arg4} { + if {$code=="SQLITE_ALTER_TABLE"} { + set ::authargs [list $arg1 $arg2 $arg3 $arg4] + return SQLITE_IGNORE + } + return SQLITE_OK + } + catchsql { + ALTER TABLE t5 ADD COLUMN new_col_2; + } + } {0 {}} + do_test auth-1.304 { + set x [execsql {SELECT sql FROM sqlite_master WHERE name='t5'}] + regexp new_col_2 $x + } {0} + do_test auth-1.305 { + set authargs + } {main t5 {} {}} + do_test auth-1.306 { + proc auth {code arg1 arg2 arg3 arg4} { + if {$code=="SQLITE_ALTER_TABLE"} { + set ::authargs [list $arg1 $arg2 $arg3 $arg4] + return SQLITE_DENY + } + return SQLITE_OK + } + catchsql { + ALTER TABLE t5 ADD COLUMN new_col_3 + } + } {1 {not authorized}} + do_test auth-1.307 { + set x [execsql {SELECT sql FROM sqlite_temp_master WHERE type='t5'}] + regexp new_col_3 $x + } {0} + + do_test auth-1.308 { + set authargs + } {main t5 {} {}} + execsql {DROP TABLE t5} +} ;# ifcapable altertable + do_test auth-2.1 { proc auth {code arg1 arg2 arg3 arg4} { if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} {