Symaptic: os/persistentdata/persistentstorage/sqlite3api/TEST/TclScript/auth.test@bde4ae8d615e (annotated)

sl@0	1	# 2003 April 4
sl@0	2	#
sl@0	3	# The author disclaims copyright to this source code. In place of
sl@0	4	# a legal notice, here is a blessing:
sl@0	5	#
sl@0	6	# May you do good and not evil.
sl@0	7	# May you find forgiveness for yourself and forgive others.
sl@0	8	# May you share freely, never taking more than you give.
sl@0	9	#
sl@0	10	#***********************************************************************
sl@0	11	# This file implements regression tests for SQLite library. The
sl@0	12	# focus of this script is testing the sqlite3_set_authorizer() API
sl@0	13	# and related functionality.
sl@0	14	#
sl@0	15	# $Id: auth.test,v 1.43 2008/07/02 13:13:52 danielk1977 Exp $
sl@0	16	#
sl@0	17
sl@0	18	set testdir [file dirname $argv0]
sl@0	19	source $testdir/tester.tcl
sl@0	20
sl@0	21	# disable this test if the SQLITE_OMIT_AUTHORIZATION macro is
sl@0	22	# defined during compilation.
sl@0	23	if {[catch {db auth {}} msg]} {
sl@0	24	finish_test
sl@0	25	return
sl@0	26	}
sl@0	27
sl@0	28	rename proc proc_real
sl@0	29	proc_real proc {name arguments script} {
sl@0	30	proc_real $name $arguments $script
sl@0	31	if {$name=="auth"} {
sl@0	32	db authorizer ::auth
sl@0	33	}
sl@0	34	}
sl@0	35
sl@0	36	do_test auth-1.1.1 {
sl@0	37	db close
sl@0	38	set ::DB [sqlite3 db test.db]
sl@0	39	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	40	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
sl@0	41	return SQLITE_DENY
sl@0	42	}
sl@0	43	return SQLITE_OK
sl@0	44	}
sl@0	45	db authorizer ::auth
sl@0	46	catchsql {CREATE TABLE t1(a,b,c)}
sl@0	47	} {1 {not authorized}}
sl@0	48	do_test auth-1.1.2 {
sl@0	49	db errorcode
sl@0	50	} {23}
sl@0	51	do_test auth-1.1.3 {
sl@0	52	db authorizer
sl@0	53	} {::auth}
sl@0	54	do_test auth-1.1.4 {
sl@0	55	# Ticket #896.
sl@0	56	catchsql {
sl@0	57	SELECT x;
sl@0	58	}
sl@0	59	} {1 {no such column: x}}
sl@0	60	do_test auth-1.2 {
sl@0	61	execsql {SELECT name FROM sqlite_master}
sl@0	62	} {}
sl@0	63	do_test auth-1.3.1 {
sl@0	64	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	65	if {$code=="SQLITE_CREATE_TABLE"} {
sl@0	66	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	67	return SQLITE_DENY
sl@0	68	}
sl@0	69	return SQLITE_OK
sl@0	70	}
sl@0	71	catchsql {CREATE TABLE t1(a,b,c)}
sl@0	72	} {1 {not authorized}}
sl@0	73	do_test auth-1.3.2 {
sl@0	74	db errorcode
sl@0	75	} {23}
sl@0	76	do_test auth-1.3.3 {
sl@0	77	set ::authargs
sl@0	78	} {t1 {} main {}}
sl@0	79	do_test auth-1.4 {
sl@0	80	execsql {SELECT name FROM sqlite_master}
sl@0	81	} {}
sl@0	82
sl@0	83	ifcapable tempdb {
sl@0	84	do_test auth-1.5 {
sl@0	85	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	86	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
sl@0	87	return SQLITE_DENY
sl@0	88	}
sl@0	89	return SQLITE_OK
sl@0	90	}
sl@0	91	catchsql {CREATE TEMP TABLE t1(a,b,c)}
sl@0	92	} {1 {not authorized}}
sl@0	93	do_test auth-1.6 {
sl@0	94	execsql {SELECT name FROM sqlite_temp_master}
sl@0	95	} {}
sl@0	96	do_test auth-1.7.1 {
sl@0	97	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	98	if {$code=="SQLITE_CREATE_TEMP_TABLE"} {
sl@0	99	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	100	return SQLITE_DENY
sl@0	101	}
sl@0	102	return SQLITE_OK
sl@0	103	}
sl@0	104	catchsql {CREATE TEMP TABLE t1(a,b,c)}
sl@0	105	} {1 {not authorized}}
sl@0	106	do_test auth-1.7.2 {
sl@0	107	set ::authargs
sl@0	108	} {t1 {} temp {}}
sl@0	109	do_test auth-1.8 {
sl@0	110	execsql {SELECT name FROM sqlite_temp_master}
sl@0	111	} {}
sl@0	112	}
sl@0	113
sl@0	114	do_test auth-1.9 {
sl@0	115	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	116	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
sl@0	117	return SQLITE_IGNORE
sl@0	118	}
sl@0	119	return SQLITE_OK
sl@0	120	}
sl@0	121	catchsql {CREATE TABLE t1(a,b,c)}
sl@0	122	} {0 {}}
sl@0	123	do_test auth-1.10 {
sl@0	124	execsql {SELECT name FROM sqlite_master}
sl@0	125	} {}
sl@0	126	do_test auth-1.11 {
sl@0	127	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	128	if {$code=="SQLITE_CREATE_TABLE"} {
sl@0	129	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	130	return SQLITE_IGNORE
sl@0	131	}
sl@0	132	return SQLITE_OK
sl@0	133	}
sl@0	134	catchsql {CREATE TABLE t1(a,b,c)}
sl@0	135	} {0 {}}
sl@0	136	do_test auth-1.12 {
sl@0	137	execsql {SELECT name FROM sqlite_master}
sl@0	138	} {}
sl@0	139
sl@0	140	ifcapable tempdb {
sl@0	141	do_test auth-1.13 {
sl@0	142	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	143	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
sl@0	144	return SQLITE_IGNORE
sl@0	145	}
sl@0	146	return SQLITE_OK
sl@0	147	}
sl@0	148	catchsql {CREATE TEMP TABLE t1(a,b,c)}
sl@0	149	} {0 {}}
sl@0	150	do_test auth-1.14 {
sl@0	151	execsql {SELECT name FROM sqlite_temp_master}
sl@0	152	} {}
sl@0	153	do_test auth-1.15 {
sl@0	154	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	155	if {$code=="SQLITE_CREATE_TEMP_TABLE"} {
sl@0	156	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	157	return SQLITE_IGNORE
sl@0	158	}
sl@0	159	return SQLITE_OK
sl@0	160	}
sl@0	161	catchsql {CREATE TEMP TABLE t1(a,b,c)}
sl@0	162	} {0 {}}
sl@0	163	do_test auth-1.16 {
sl@0	164	execsql {SELECT name FROM sqlite_temp_master}
sl@0	165	} {}
sl@0	166
sl@0	167	do_test auth-1.17 {
sl@0	168	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	169	if {$code=="SQLITE_CREATE_TABLE"} {
sl@0	170	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	171	return SQLITE_DENY
sl@0	172	}
sl@0	173	return SQLITE_OK
sl@0	174	}
sl@0	175	catchsql {CREATE TEMP TABLE t1(a,b,c)}
sl@0	176	} {0 {}}
sl@0	177	do_test auth-1.18 {
sl@0	178	execsql {SELECT name FROM sqlite_temp_master}
sl@0	179	} {t1}
sl@0	180	}
sl@0	181
sl@0	182	do_test auth-1.19.1 {
sl@0	183	set ::authargs {}
sl@0	184	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	185	if {$code=="SQLITE_CREATE_TEMP_TABLE"} {
sl@0	186	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	187	return SQLITE_DENY
sl@0	188	}
sl@0	189	return SQLITE_OK
sl@0	190	}
sl@0	191	catchsql {CREATE TABLE t2(a,b,c)}
sl@0	192	} {0 {}}
sl@0	193	do_test auth-1.19.2 {
sl@0	194	set ::authargs
sl@0	195	} {}
sl@0	196	do_test auth-1.20 {
sl@0	197	execsql {SELECT name FROM sqlite_master}
sl@0	198	} {t2}
sl@0	199
sl@0	200	do_test auth-1.21.1 {
sl@0	201	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	202	if {$code=="SQLITE_DROP_TABLE"} {
sl@0	203	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	204	return SQLITE_DENY
sl@0	205	}
sl@0	206	return SQLITE_OK
sl@0	207	}
sl@0	208	catchsql {DROP TABLE t2}
sl@0	209	} {1 {not authorized}}
sl@0	210	do_test auth-1.21.2 {
sl@0	211	set ::authargs
sl@0	212	} {t2 {} main {}}
sl@0	213	do_test auth-1.22 {
sl@0	214	execsql {SELECT name FROM sqlite_master}
sl@0	215	} {t2}
sl@0	216	do_test auth-1.23.1 {
sl@0	217	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	218	if {$code=="SQLITE_DROP_TABLE"} {
sl@0	219	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	220	return SQLITE_IGNORE
sl@0	221	}
sl@0	222	return SQLITE_OK
sl@0	223	}
sl@0	224	catchsql {DROP TABLE t2}
sl@0	225	} {0 {}}
sl@0	226	do_test auth-1.23.2 {
sl@0	227	set ::authargs
sl@0	228	} {t2 {} main {}}
sl@0	229	do_test auth-1.24 {
sl@0	230	execsql {SELECT name FROM sqlite_master}
sl@0	231	} {t2}
sl@0	232
sl@0	233	ifcapable tempdb {
sl@0	234	do_test auth-1.25 {
sl@0	235	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	236	if {$code=="SQLITE_DROP_TEMP_TABLE"} {
sl@0	237	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	238	return SQLITE_DENY
sl@0	239	}
sl@0	240	return SQLITE_OK
sl@0	241	}
sl@0	242	catchsql {DROP TABLE t1}
sl@0	243	} {1 {not authorized}}
sl@0	244	do_test auth-1.26 {
sl@0	245	execsql {SELECT name FROM sqlite_temp_master}
sl@0	246	} {t1}
sl@0	247	do_test auth-1.27 {
sl@0	248	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	249	if {$code=="SQLITE_DROP_TEMP_TABLE"} {
sl@0	250	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	251	return SQLITE_IGNORE
sl@0	252	}
sl@0	253	return SQLITE_OK
sl@0	254	}
sl@0	255	catchsql {DROP TABLE t1}
sl@0	256	} {0 {}}
sl@0	257	do_test auth-1.28 {
sl@0	258	execsql {SELECT name FROM sqlite_temp_master}
sl@0	259	} {t1}
sl@0	260	}
sl@0	261
sl@0	262	do_test auth-1.29 {
sl@0	263	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	264	if {$code=="SQLITE_INSERT" && $arg1=="t2"} {
sl@0	265	return SQLITE_DENY
sl@0	266	}
sl@0	267	return SQLITE_OK
sl@0	268	}
sl@0	269	catchsql {INSERT INTO t2 VALUES(1,2,3)}
sl@0	270	} {1 {not authorized}}
sl@0	271	do_test auth-1.30 {
sl@0	272	execsql {SELECT * FROM t2}
sl@0	273	} {}
sl@0	274	do_test auth-1.31 {
sl@0	275	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	276	if {$code=="SQLITE_INSERT" && $arg1=="t2"} {
sl@0	277	return SQLITE_IGNORE
sl@0	278	}
sl@0	279	return SQLITE_OK
sl@0	280	}
sl@0	281	catchsql {INSERT INTO t2 VALUES(1,2,3)}
sl@0	282	} {0 {}}
sl@0	283	do_test auth-1.32 {
sl@0	284	execsql {SELECT * FROM t2}
sl@0	285	} {}
sl@0	286	do_test auth-1.33 {
sl@0	287	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	288	if {$code=="SQLITE_INSERT" && $arg1=="t1"} {
sl@0	289	return SQLITE_IGNORE
sl@0	290	}
sl@0	291	return SQLITE_OK
sl@0	292	}
sl@0	293	catchsql {INSERT INTO t2 VALUES(1,2,3)}
sl@0	294	} {0 {}}
sl@0	295	do_test auth-1.34 {
sl@0	296	execsql {SELECT * FROM t2}
sl@0	297	} {1 2 3}
sl@0	298
sl@0	299	do_test auth-1.35.1 {
sl@0	300	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	301	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} {
sl@0	302	return SQLITE_DENY
sl@0	303	}
sl@0	304	return SQLITE_OK
sl@0	305	}
sl@0	306	catchsql {SELECT * FROM t2}
sl@0	307	} {1 {access to t2.b is prohibited}}
sl@0	308	ifcapable attach {
sl@0	309	do_test auth-1.35.2 {
sl@0	310	execsql {ATTACH DATABASE 'test.db' AS two}
sl@0	311	catchsql {SELECT * FROM two.t2}
sl@0	312	} {1 {access to two.t2.b is prohibited}}
sl@0	313	execsql {DETACH DATABASE two}
sl@0	314	}
sl@0	315	do_test auth-1.36 {
sl@0	316	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	317	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} {
sl@0	318	return SQLITE_IGNORE
sl@0	319	}
sl@0	320	return SQLITE_OK
sl@0	321	}
sl@0	322	catchsql {SELECT * FROM t2}
sl@0	323	} {0 {1 {} 3}}
sl@0	324	do_test auth-1.37 {
sl@0	325	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	326	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} {
sl@0	327	return SQLITE_IGNORE
sl@0	328	}
sl@0	329	return SQLITE_OK
sl@0	330	}
sl@0	331	catchsql {SELECT * FROM t2 WHERE b=2}
sl@0	332	} {0 {}}
sl@0	333	do_test auth-1.38 {
sl@0	334	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	335	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="a"} {
sl@0	336	return SQLITE_IGNORE
sl@0	337	}
sl@0	338	return SQLITE_OK
sl@0	339	}
sl@0	340	catchsql {SELECT * FROM t2 WHERE b=2}
sl@0	341	} {0 {{} 2 3}}
sl@0	342	do_test auth-1.39 {
sl@0	343	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	344	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} {
sl@0	345	return SQLITE_IGNORE
sl@0	346	}
sl@0	347	return SQLITE_OK
sl@0	348	}
sl@0	349	catchsql {SELECT * FROM t2 WHERE b IS NULL}
sl@0	350	} {0 {1 {} 3}}
sl@0	351	do_test auth-1.40 {
sl@0	352	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	353	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="b"} {
sl@0	354	return SQLITE_DENY
sl@0	355	}
sl@0	356	return SQLITE_OK
sl@0	357	}
sl@0	358	catchsql {SELECT a,c FROM t2 WHERE b IS NULL}
sl@0	359	} {1 {access to t2.b is prohibited}}
sl@0	360
sl@0	361	do_test auth-1.41 {
sl@0	362	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	363	if {$code=="SQLITE_UPDATE" && $arg1=="t2" && $arg2=="b"} {
sl@0	364	return SQLITE_DENY
sl@0	365	}
sl@0	366	return SQLITE_OK
sl@0	367	}
sl@0	368	catchsql {UPDATE t2 SET a=11}
sl@0	369	} {0 {}}
sl@0	370	do_test auth-1.42 {
sl@0	371	execsql {SELECT * FROM t2}
sl@0	372	} {11 2 3}
sl@0	373	do_test auth-1.43 {
sl@0	374	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	375	if {$code=="SQLITE_UPDATE" && $arg1=="t2" && $arg2=="b"} {
sl@0	376	return SQLITE_DENY
sl@0	377	}
sl@0	378	return SQLITE_OK
sl@0	379	}
sl@0	380	catchsql {UPDATE t2 SET b=22, c=33}
sl@0	381	} {1 {not authorized}}
sl@0	382	do_test auth-1.44 {
sl@0	383	execsql {SELECT * FROM t2}
sl@0	384	} {11 2 3}
sl@0	385	do_test auth-1.45 {
sl@0	386	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	387	if {$code=="SQLITE_UPDATE" && $arg1=="t2" && $arg2=="b"} {
sl@0	388	return SQLITE_IGNORE
sl@0	389	}
sl@0	390	return SQLITE_OK
sl@0	391	}
sl@0	392	catchsql {UPDATE t2 SET b=22, c=33}
sl@0	393	} {0 {}}
sl@0	394	do_test auth-1.46 {
sl@0	395	execsql {SELECT * FROM t2}
sl@0	396	} {11 2 33}
sl@0	397
sl@0	398	do_test auth-1.47 {
sl@0	399	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	400	if {$code=="SQLITE_DELETE" && $arg1=="t2"} {
sl@0	401	return SQLITE_DENY
sl@0	402	}
sl@0	403	return SQLITE_OK
sl@0	404	}
sl@0	405	catchsql {DELETE FROM t2 WHERE a=11}
sl@0	406	} {1 {not authorized}}
sl@0	407	do_test auth-1.48 {
sl@0	408	execsql {SELECT * FROM t2}
sl@0	409	} {11 2 33}
sl@0	410	do_test auth-1.49 {
sl@0	411	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	412	if {$code=="SQLITE_DELETE" && $arg1=="t2"} {
sl@0	413	return SQLITE_IGNORE
sl@0	414	}
sl@0	415	return SQLITE_OK
sl@0	416	}
sl@0	417	catchsql {DELETE FROM t2 WHERE a=11}
sl@0	418	} {0 {}}
sl@0	419	do_test auth-1.50 {
sl@0	420	execsql {SELECT * FROM t2}
sl@0	421	} {11 2 33}
sl@0	422
sl@0	423	do_test auth-1.51 {
sl@0	424	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	425	if {$code=="SQLITE_SELECT"} {
sl@0	426	return SQLITE_DENY
sl@0	427	}
sl@0	428	return SQLITE_OK
sl@0	429	}
sl@0	430	catchsql {SELECT * FROM t2}
sl@0	431	} {1 {not authorized}}
sl@0	432	do_test auth-1.52 {
sl@0	433	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	434	if {$code=="SQLITE_SELECT"} {
sl@0	435	return SQLITE_IGNORE
sl@0	436	}
sl@0	437	return SQLITE_OK
sl@0	438	}
sl@0	439	catchsql {SELECT * FROM t2}
sl@0	440	} {0 {}}
sl@0	441	do_test auth-1.53 {
sl@0	442	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	443	if {$code=="SQLITE_SELECT"} {
sl@0	444	return SQLITE_OK
sl@0	445	}
sl@0	446	return SQLITE_OK
sl@0	447	}
sl@0	448	catchsql {SELECT * FROM t2}
sl@0	449	} {0 {11 2 33}}
sl@0	450
sl@0	451	# Update for version 3: There used to be a handful of test here that
sl@0	452	# tested the authorisation callback with the COPY command. The following
sl@0	453	# test makes the same database modifications as they used to.
sl@0	454	do_test auth-1.54 {
sl@0	455	execsql {INSERT INTO t2 VALUES(7, 8, 9);}
sl@0	456	} {}
sl@0	457	do_test auth-1.55 {
sl@0	458	execsql {SELECT * FROM t2}
sl@0	459	} {11 2 33 7 8 9}
sl@0	460
sl@0	461	do_test auth-1.63 {
sl@0	462	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	463	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
sl@0	464	return SQLITE_DENY
sl@0	465	}
sl@0	466	return SQLITE_OK
sl@0	467	}
sl@0	468	catchsql {DROP TABLE t2}
sl@0	469	} {1 {not authorized}}
sl@0	470	do_test auth-1.64 {
sl@0	471	execsql {SELECT name FROM sqlite_master}
sl@0	472	} {t2}
sl@0	473	do_test auth-1.65 {
sl@0	474	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	475	if {$code=="SQLITE_DELETE" && $arg1=="t2"} {
sl@0	476	return SQLITE_DENY
sl@0	477	}
sl@0	478	return SQLITE_OK
sl@0	479	}
sl@0	480	catchsql {DROP TABLE t2}
sl@0	481	} {1 {not authorized}}
sl@0	482	do_test auth-1.66 {
sl@0	483	execsql {SELECT name FROM sqlite_master}
sl@0	484	} {t2}
sl@0	485
sl@0	486	ifcapable tempdb {
sl@0	487	do_test auth-1.67 {
sl@0	488	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	489	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
sl@0	490	return SQLITE_DENY
sl@0	491	}
sl@0	492	return SQLITE_OK
sl@0	493	}
sl@0	494	catchsql {DROP TABLE t1}
sl@0	495	} {1 {not authorized}}
sl@0	496	do_test auth-1.68 {
sl@0	497	execsql {SELECT name FROM sqlite_temp_master}
sl@0	498	} {t1}
sl@0	499	do_test auth-1.69 {
sl@0	500	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	501	if {$code=="SQLITE_DELETE" && $arg1=="t1"} {
sl@0	502	return SQLITE_DENY
sl@0	503	}
sl@0	504	return SQLITE_OK
sl@0	505	}
sl@0	506	catchsql {DROP TABLE t1}
sl@0	507	} {1 {not authorized}}
sl@0	508	do_test auth-1.70 {
sl@0	509	execsql {SELECT name FROM sqlite_temp_master}
sl@0	510	} {t1}
sl@0	511	}
sl@0	512
sl@0	513	do_test auth-1.71 {
sl@0	514	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	515	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
sl@0	516	return SQLITE_IGNORE
sl@0	517	}
sl@0	518	return SQLITE_OK
sl@0	519	}
sl@0	520	catchsql {DROP TABLE t2}
sl@0	521	} {0 {}}
sl@0	522	do_test auth-1.72 {
sl@0	523	execsql {SELECT name FROM sqlite_master}
sl@0	524	} {t2}
sl@0	525	do_test auth-1.73 {
sl@0	526	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	527	if {$code=="SQLITE_DELETE" && $arg1=="t2"} {
sl@0	528	return SQLITE_IGNORE
sl@0	529	}
sl@0	530	return SQLITE_OK
sl@0	531	}
sl@0	532	catchsql {DROP TABLE t2}
sl@0	533	} {0 {}}
sl@0	534	do_test auth-1.74 {
sl@0	535	execsql {SELECT name FROM sqlite_master}
sl@0	536	} {t2}
sl@0	537
sl@0	538	ifcapable tempdb {
sl@0	539	do_test auth-1.75 {
sl@0	540	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	541	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
sl@0	542	return SQLITE_IGNORE
sl@0	543	}
sl@0	544	return SQLITE_OK
sl@0	545	}
sl@0	546	catchsql {DROP TABLE t1}
sl@0	547	} {0 {}}
sl@0	548	do_test auth-1.76 {
sl@0	549	execsql {SELECT name FROM sqlite_temp_master}
sl@0	550	} {t1}
sl@0	551	do_test auth-1.77 {
sl@0	552	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	553	if {$code=="SQLITE_DELETE" && $arg1=="t1"} {
sl@0	554	return SQLITE_IGNORE
sl@0	555	}
sl@0	556	return SQLITE_OK
sl@0	557	}
sl@0	558	catchsql {DROP TABLE t1}
sl@0	559	} {0 {}}
sl@0	560	do_test auth-1.78 {
sl@0	561	execsql {SELECT name FROM sqlite_temp_master}
sl@0	562	} {t1}
sl@0	563	}
sl@0	564
sl@0	565	# Test cases auth-1.79 to auth-1.124 test creating and dropping views.
sl@0	566	# Omit these if the library was compiled with views omitted.
sl@0	567	ifcapable view {
sl@0	568	do_test auth-1.79 {
sl@0	569	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	570	if {$code=="SQLITE_CREATE_VIEW"} {
sl@0	571	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	572	return SQLITE_DENY
sl@0	573	}
sl@0	574	return SQLITE_OK
sl@0	575	}
sl@0	576	catchsql {CREATE VIEW v1 AS SELECT a+1,b+1 FROM t2}
sl@0	577	} {1 {not authorized}}
sl@0	578	do_test auth-1.80 {
sl@0	579	set ::authargs
sl@0	580	} {v1 {} main {}}
sl@0	581	do_test auth-1.81 {
sl@0	582	execsql {SELECT name FROM sqlite_master}
sl@0	583	} {t2}
sl@0	584	do_test auth-1.82 {
sl@0	585	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	586	if {$code=="SQLITE_CREATE_VIEW"} {
sl@0	587	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	588	return SQLITE_IGNORE
sl@0	589	}
sl@0	590	return SQLITE_OK
sl@0	591	}
sl@0	592	catchsql {CREATE VIEW v1 AS SELECT a+1,b+1 FROM t2}
sl@0	593	} {0 {}}
sl@0	594	do_test auth-1.83 {
sl@0	595	set ::authargs
sl@0	596	} {v1 {} main {}}
sl@0	597	do_test auth-1.84 {
sl@0	598	execsql {SELECT name FROM sqlite_master}
sl@0	599	} {t2}
sl@0	600
sl@0	601	ifcapable tempdb {
sl@0	602	do_test auth-1.85 {
sl@0	603	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	604	if {$code=="SQLITE_CREATE_TEMP_VIEW"} {
sl@0	605	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	606	return SQLITE_DENY
sl@0	607	}
sl@0	608	return SQLITE_OK
sl@0	609	}
sl@0	610	catchsql {CREATE TEMPORARY VIEW v1 AS SELECT a+1,b+1 FROM t2}
sl@0	611	} {1 {not authorized}}
sl@0	612	do_test auth-1.86 {
sl@0	613	set ::authargs
sl@0	614	} {v1 {} temp {}}
sl@0	615	do_test auth-1.87 {
sl@0	616	execsql {SELECT name FROM sqlite_temp_master}
sl@0	617	} {t1}
sl@0	618	do_test auth-1.88 {
sl@0	619	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	620	if {$code=="SQLITE_CREATE_TEMP_VIEW"} {
sl@0	621	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	622	return SQLITE_IGNORE
sl@0	623	}
sl@0	624	return SQLITE_OK
sl@0	625	}
sl@0	626	catchsql {CREATE TEMPORARY VIEW v1 AS SELECT a+1,b+1 FROM t2}
sl@0	627	} {0 {}}
sl@0	628	do_test auth-1.89 {
sl@0	629	set ::authargs
sl@0	630	} {v1 {} temp {}}
sl@0	631	do_test auth-1.90 {
sl@0	632	execsql {SELECT name FROM sqlite_temp_master}
sl@0	633	} {t1}
sl@0	634	}
sl@0	635
sl@0	636	do_test auth-1.91 {
sl@0	637	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	638	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
sl@0	639	return SQLITE_DENY
sl@0	640	}
sl@0	641	return SQLITE_OK
sl@0	642	}
sl@0	643	catchsql {CREATE VIEW v1 AS SELECT a+1,b+1 FROM t2}
sl@0	644	} {1 {not authorized}}
sl@0	645	do_test auth-1.92 {
sl@0	646	execsql {SELECT name FROM sqlite_master}
sl@0	647	} {t2}
sl@0	648	do_test auth-1.93 {
sl@0	649	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	650	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
sl@0	651	return SQLITE_IGNORE
sl@0	652	}
sl@0	653	return SQLITE_OK
sl@0	654	}
sl@0	655	catchsql {CREATE VIEW v1 AS SELECT a+1,b+1 FROM t2}
sl@0	656	} {0 {}}
sl@0	657	do_test auth-1.94 {
sl@0	658	execsql {SELECT name FROM sqlite_master}
sl@0	659	} {t2}
sl@0	660
sl@0	661	ifcapable tempdb {
sl@0	662	do_test auth-1.95 {
sl@0	663	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	664	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
sl@0	665	return SQLITE_DENY
sl@0	666	}
sl@0	667	return SQLITE_OK
sl@0	668	}
sl@0	669	catchsql {CREATE TEMPORARY VIEW v1 AS SELECT a+1,b+1 FROM t2}
sl@0	670	} {1 {not authorized}}
sl@0	671	do_test auth-1.96 {
sl@0	672	execsql {SELECT name FROM sqlite_temp_master}
sl@0	673	} {t1}
sl@0	674	do_test auth-1.97 {
sl@0	675	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	676	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
sl@0	677	return SQLITE_IGNORE
sl@0	678	}
sl@0	679	return SQLITE_OK
sl@0	680	}
sl@0	681	catchsql {CREATE TEMPORARY VIEW v1 AS SELECT a+1,b+1 FROM t2}
sl@0	682	} {0 {}}
sl@0	683	do_test auth-1.98 {
sl@0	684	execsql {SELECT name FROM sqlite_temp_master}
sl@0	685	} {t1}
sl@0	686	}
sl@0	687
sl@0	688	do_test auth-1.99 {
sl@0	689	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	690	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
sl@0	691	return SQLITE_DENY
sl@0	692	}
sl@0	693	return SQLITE_OK
sl@0	694	}
sl@0	695	catchsql {
sl@0	696	CREATE VIEW v2 AS SELECT a+1,b+1 FROM t2;
sl@0	697	DROP VIEW v2
sl@0	698	}
sl@0	699	} {1 {not authorized}}
sl@0	700	do_test auth-1.100 {
sl@0	701	execsql {SELECT name FROM sqlite_master}
sl@0	702	} {t2 v2}
sl@0	703	do_test auth-1.101 {
sl@0	704	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	705	if {$code=="SQLITE_DROP_VIEW"} {
sl@0	706	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	707	return SQLITE_DENY
sl@0	708	}
sl@0	709	return SQLITE_OK
sl@0	710	}
sl@0	711	catchsql {DROP VIEW v2}
sl@0	712	} {1 {not authorized}}
sl@0	713	do_test auth-1.102 {
sl@0	714	set ::authargs
sl@0	715	} {v2 {} main {}}
sl@0	716	do_test auth-1.103 {
sl@0	717	execsql {SELECT name FROM sqlite_master}
sl@0	718	} {t2 v2}
sl@0	719	do_test auth-1.104 {
sl@0	720	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	721	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
sl@0	722	return SQLITE_IGNORE
sl@0	723	}
sl@0	724	return SQLITE_OK
sl@0	725	}
sl@0	726	catchsql {DROP VIEW v2}
sl@0	727	} {0 {}}
sl@0	728	do_test auth-1.105 {
sl@0	729	execsql {SELECT name FROM sqlite_master}
sl@0	730	} {t2 v2}
sl@0	731	do_test auth-1.106 {
sl@0	732	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	733	if {$code=="SQLITE_DROP_VIEW"} {
sl@0	734	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	735	return SQLITE_IGNORE
sl@0	736	}
sl@0	737	return SQLITE_OK
sl@0	738	}
sl@0	739	catchsql {DROP VIEW v2}
sl@0	740	} {0 {}}
sl@0	741	do_test auth-1.107 {
sl@0	742	set ::authargs
sl@0	743	} {v2 {} main {}}
sl@0	744	do_test auth-1.108 {
sl@0	745	execsql {SELECT name FROM sqlite_master}
sl@0	746	} {t2 v2}
sl@0	747	do_test auth-1.109 {
sl@0	748	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	749	if {$code=="SQLITE_DROP_VIEW"} {
sl@0	750	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	751	return SQLITE_OK
sl@0	752	}
sl@0	753	return SQLITE_OK
sl@0	754	}
sl@0	755	catchsql {DROP VIEW v2}
sl@0	756	} {0 {}}
sl@0	757	do_test auth-1.110 {
sl@0	758	set ::authargs
sl@0	759	} {v2 {} main {}}
sl@0	760	do_test auth-1.111 {
sl@0	761	execsql {SELECT name FROM sqlite_master}
sl@0	762	} {t2}
sl@0	763
sl@0	764
sl@0	765	ifcapable tempdb {
sl@0	766	do_test auth-1.112 {
sl@0	767	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	768	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
sl@0	769	return SQLITE_DENY
sl@0	770	}
sl@0	771	return SQLITE_OK
sl@0	772	}
sl@0	773	catchsql {
sl@0	774	CREATE TEMP VIEW v1 AS SELECT a+1,b+1 FROM t1;
sl@0	775	DROP VIEW v1
sl@0	776	}
sl@0	777	} {1 {not authorized}}
sl@0	778	do_test auth-1.113 {
sl@0	779	execsql {SELECT name FROM sqlite_temp_master}
sl@0	780	} {t1 v1}
sl@0	781	do_test auth-1.114 {
sl@0	782	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	783	if {$code=="SQLITE_DROP_TEMP_VIEW"} {
sl@0	784	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	785	return SQLITE_DENY
sl@0	786	}
sl@0	787	return SQLITE_OK
sl@0	788	}
sl@0	789	catchsql {DROP VIEW v1}
sl@0	790	} {1 {not authorized}}
sl@0	791	do_test auth-1.115 {
sl@0	792	set ::authargs
sl@0	793	} {v1 {} temp {}}
sl@0	794	do_test auth-1.116 {
sl@0	795	execsql {SELECT name FROM sqlite_temp_master}
sl@0	796	} {t1 v1}
sl@0	797	do_test auth-1.117 {
sl@0	798	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	799	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
sl@0	800	return SQLITE_IGNORE
sl@0	801	}
sl@0	802	return SQLITE_OK
sl@0	803	}
sl@0	804	catchsql {DROP VIEW v1}
sl@0	805	} {0 {}}
sl@0	806	do_test auth-1.118 {
sl@0	807	execsql {SELECT name FROM sqlite_temp_master}
sl@0	808	} {t1 v1}
sl@0	809	do_test auth-1.119 {
sl@0	810	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	811	if {$code=="SQLITE_DROP_TEMP_VIEW"} {
sl@0	812	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	813	return SQLITE_IGNORE
sl@0	814	}
sl@0	815	return SQLITE_OK
sl@0	816	}
sl@0	817	catchsql {DROP VIEW v1}
sl@0	818	} {0 {}}
sl@0	819	do_test auth-1.120 {
sl@0	820	set ::authargs
sl@0	821	} {v1 {} temp {}}
sl@0	822	do_test auth-1.121 {
sl@0	823	execsql {SELECT name FROM sqlite_temp_master}
sl@0	824	} {t1 v1}
sl@0	825	do_test auth-1.122 {
sl@0	826	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	827	if {$code=="SQLITE_DROP_TEMP_VIEW"} {
sl@0	828	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	829	return SQLITE_OK
sl@0	830	}
sl@0	831	return SQLITE_OK
sl@0	832	}
sl@0	833	catchsql {DROP VIEW v1}
sl@0	834	} {0 {}}
sl@0	835	do_test auth-1.123 {
sl@0	836	set ::authargs
sl@0	837	} {v1 {} temp {}}
sl@0	838	do_test auth-1.124 {
sl@0	839	execsql {SELECT name FROM sqlite_temp_master}
sl@0	840	} {t1}
sl@0	841	}
sl@0	842	} ;# ifcapable view
sl@0	843
sl@0	844	# Test cases auth-1.125 to auth-1.176 test creating and dropping triggers.
sl@0	845	# Omit these if the library was compiled with triggers omitted.
sl@0	846	#
sl@0	847	ifcapable trigger&&tempdb {
sl@0	848	do_test auth-1.125 {
sl@0	849	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	850	if {$code=="SQLITE_CREATE_TRIGGER"} {
sl@0	851	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	852	return SQLITE_DENY
sl@0	853	}
sl@0	854	return SQLITE_OK
sl@0	855	}
sl@0	856	catchsql {
sl@0	857	CREATE TRIGGER r2 DELETE on t2 BEGIN
sl@0	858	SELECT NULL;
sl@0	859	END;
sl@0	860	}
sl@0	861	} {1 {not authorized}}
sl@0	862	do_test auth-1.126 {
sl@0	863	set ::authargs
sl@0	864	} {r2 t2 main {}}
sl@0	865	do_test auth-1.127 {
sl@0	866	execsql {SELECT name FROM sqlite_master}
sl@0	867	} {t2}
sl@0	868	do_test auth-1.128 {
sl@0	869	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	870	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
sl@0	871	return SQLITE_DENY
sl@0	872	}
sl@0	873	return SQLITE_OK
sl@0	874	}
sl@0	875	catchsql {
sl@0	876	CREATE TRIGGER r2 DELETE on t2 BEGIN
sl@0	877	SELECT NULL;
sl@0	878	END;
sl@0	879	}
sl@0	880	} {1 {not authorized}}
sl@0	881	do_test auth-1.129 {
sl@0	882	execsql {SELECT name FROM sqlite_master}
sl@0	883	} {t2}
sl@0	884	do_test auth-1.130 {
sl@0	885	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	886	if {$code=="SQLITE_CREATE_TRIGGER"} {
sl@0	887	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	888	return SQLITE_IGNORE
sl@0	889	}
sl@0	890	return SQLITE_OK
sl@0	891	}
sl@0	892	catchsql {
sl@0	893	CREATE TRIGGER r2 DELETE on t2 BEGIN
sl@0	894	SELECT NULL;
sl@0	895	END;
sl@0	896	}
sl@0	897	} {0 {}}
sl@0	898	do_test auth-1.131 {
sl@0	899	set ::authargs
sl@0	900	} {r2 t2 main {}}
sl@0	901	do_test auth-1.132 {
sl@0	902	execsql {SELECT name FROM sqlite_master}
sl@0	903	} {t2}
sl@0	904	do_test auth-1.133 {
sl@0	905	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	906	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
sl@0	907	return SQLITE_IGNORE
sl@0	908	}
sl@0	909	return SQLITE_OK
sl@0	910	}
sl@0	911	catchsql {
sl@0	912	CREATE TRIGGER r2 DELETE on t2 BEGIN
sl@0	913	SELECT NULL;
sl@0	914	END;
sl@0	915	}
sl@0	916	} {0 {}}
sl@0	917	do_test auth-1.134 {
sl@0	918	execsql {SELECT name FROM sqlite_master}
sl@0	919	} {t2}
sl@0	920	do_test auth-1.135 {
sl@0	921	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	922	if {$code=="SQLITE_CREATE_TRIGGER"} {
sl@0	923	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	924	return SQLITE_OK
sl@0	925	}
sl@0	926	return SQLITE_OK
sl@0	927	}
sl@0	928	catchsql {
sl@0	929	CREATE TABLE tx(id);
sl@0	930	CREATE TRIGGER r2 AFTER INSERT ON t2 BEGIN
sl@0	931	INSERT INTO tx VALUES(NEW.rowid);
sl@0	932	END;
sl@0	933	}
sl@0	934	} {0 {}}
sl@0	935	do_test auth-1.136.1 {
sl@0	936	set ::authargs
sl@0	937	} {r2 t2 main {}}
sl@0	938	do_test auth-1.136.2 {
sl@0	939	execsql {
sl@0	940	SELECT name FROM sqlite_master WHERE type='trigger'
sl@0	941	}
sl@0	942	} {r2}
sl@0	943	do_test auth-1.136.3 {
sl@0	944	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	945	lappend ::authargs $code $arg1 $arg2 $arg3 $arg4
sl@0	946	return SQLITE_OK
sl@0	947	}
sl@0	948	set ::authargs {}
sl@0	949	execsql {
sl@0	950	INSERT INTO t2 VALUES(1,2,3);
sl@0	951	}
sl@0	952	set ::authargs
sl@0	953	} {SQLITE_INSERT t2 {} main {} SQLITE_INSERT tx {} main r2 SQLITE_READ t2 ROWID main r2}
sl@0	954	do_test auth-1.136.4 {
sl@0	955	execsql {
sl@0	956	SELECT * FROM tx;
sl@0	957	}
sl@0	958	} {3}
sl@0	959	do_test auth-1.137 {
sl@0	960	execsql {SELECT name FROM sqlite_master}
sl@0	961	} {t2 tx r2}
sl@0	962	do_test auth-1.138 {
sl@0	963	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	964	if {$code=="SQLITE_CREATE_TEMP_TRIGGER"} {
sl@0	965	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	966	return SQLITE_DENY
sl@0	967	}
sl@0	968	return SQLITE_OK
sl@0	969	}
sl@0	970	catchsql {
sl@0	971	CREATE TRIGGER r1 DELETE on t1 BEGIN
sl@0	972	SELECT NULL;
sl@0	973	END;
sl@0	974	}
sl@0	975	} {1 {not authorized}}
sl@0	976	do_test auth-1.139 {
sl@0	977	set ::authargs
sl@0	978	} {r1 t1 temp {}}
sl@0	979	do_test auth-1.140 {
sl@0	980	execsql {SELECT name FROM sqlite_temp_master}
sl@0	981	} {t1}
sl@0	982	do_test auth-1.141 {
sl@0	983	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	984	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
sl@0	985	return SQLITE_DENY
sl@0	986	}
sl@0	987	return SQLITE_OK
sl@0	988	}
sl@0	989	catchsql {
sl@0	990	CREATE TRIGGER r1 DELETE on t1 BEGIN
sl@0	991	SELECT NULL;
sl@0	992	END;
sl@0	993	}
sl@0	994	} {1 {not authorized}}
sl@0	995	do_test auth-1.142 {
sl@0	996	execsql {SELECT name FROM sqlite_temp_master}
sl@0	997	} {t1}
sl@0	998	do_test auth-1.143 {
sl@0	999	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1000	if {$code=="SQLITE_CREATE_TEMP_TRIGGER"} {
sl@0	1001	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1002	return SQLITE_IGNORE
sl@0	1003	}
sl@0	1004	return SQLITE_OK
sl@0	1005	}
sl@0	1006	catchsql {
sl@0	1007	CREATE TRIGGER r1 DELETE on t1 BEGIN
sl@0	1008	SELECT NULL;
sl@0	1009	END;
sl@0	1010	}
sl@0	1011	} {0 {}}
sl@0	1012	do_test auth-1.144 {
sl@0	1013	set ::authargs
sl@0	1014	} {r1 t1 temp {}}
sl@0	1015	do_test auth-1.145 {
sl@0	1016	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1017	} {t1}
sl@0	1018	do_test auth-1.146 {
sl@0	1019	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1020	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
sl@0	1021	return SQLITE_IGNORE
sl@0	1022	}
sl@0	1023	return SQLITE_OK
sl@0	1024	}
sl@0	1025	catchsql {
sl@0	1026	CREATE TRIGGER r1 DELETE on t1 BEGIN
sl@0	1027	SELECT NULL;
sl@0	1028	END;
sl@0	1029	}
sl@0	1030	} {0 {}}
sl@0	1031	do_test auth-1.147 {
sl@0	1032	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1033	} {t1}
sl@0	1034	do_test auth-1.148 {
sl@0	1035	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1036	if {$code=="SQLITE_CREATE_TEMP_TRIGGER"} {
sl@0	1037	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1038	return SQLITE_OK
sl@0	1039	}
sl@0	1040	return SQLITE_OK
sl@0	1041	}
sl@0	1042	catchsql {
sl@0	1043	CREATE TRIGGER r1 DELETE on t1 BEGIN
sl@0	1044	SELECT NULL;
sl@0	1045	END;
sl@0	1046	}
sl@0	1047	} {0 {}}
sl@0	1048	do_test auth-1.149 {
sl@0	1049	set ::authargs
sl@0	1050	} {r1 t1 temp {}}
sl@0	1051	do_test auth-1.150 {
sl@0	1052	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1053	} {t1 r1}
sl@0	1054
sl@0	1055	do_test auth-1.151 {
sl@0	1056	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1057	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
sl@0	1058	return SQLITE_DENY
sl@0	1059	}
sl@0	1060	return SQLITE_OK
sl@0	1061	}
sl@0	1062	catchsql {DROP TRIGGER r2}
sl@0	1063	} {1 {not authorized}}
sl@0	1064	do_test auth-1.152 {
sl@0	1065	execsql {SELECT name FROM sqlite_master}
sl@0	1066	} {t2 tx r2}
sl@0	1067	do_test auth-1.153 {
sl@0	1068	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1069	if {$code=="SQLITE_DROP_TRIGGER"} {
sl@0	1070	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1071	return SQLITE_DENY
sl@0	1072	}
sl@0	1073	return SQLITE_OK
sl@0	1074	}
sl@0	1075	catchsql {DROP TRIGGER r2}
sl@0	1076	} {1 {not authorized}}
sl@0	1077	do_test auth-1.154 {
sl@0	1078	set ::authargs
sl@0	1079	} {r2 t2 main {}}
sl@0	1080	do_test auth-1.155 {
sl@0	1081	execsql {SELECT name FROM sqlite_master}
sl@0	1082	} {t2 tx r2}
sl@0	1083	do_test auth-1.156 {
sl@0	1084	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1085	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
sl@0	1086	return SQLITE_IGNORE
sl@0	1087	}
sl@0	1088	return SQLITE_OK
sl@0	1089	}
sl@0	1090	catchsql {DROP TRIGGER r2}
sl@0	1091	} {0 {}}
sl@0	1092	do_test auth-1.157 {
sl@0	1093	execsql {SELECT name FROM sqlite_master}
sl@0	1094	} {t2 tx r2}
sl@0	1095	do_test auth-1.158 {
sl@0	1096	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1097	if {$code=="SQLITE_DROP_TRIGGER"} {
sl@0	1098	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1099	return SQLITE_IGNORE
sl@0	1100	}
sl@0	1101	return SQLITE_OK
sl@0	1102	}
sl@0	1103	catchsql {DROP TRIGGER r2}
sl@0	1104	} {0 {}}
sl@0	1105	do_test auth-1.159 {
sl@0	1106	set ::authargs
sl@0	1107	} {r2 t2 main {}}
sl@0	1108	do_test auth-1.160 {
sl@0	1109	execsql {SELECT name FROM sqlite_master}
sl@0	1110	} {t2 tx r2}
sl@0	1111	do_test auth-1.161 {
sl@0	1112	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1113	if {$code=="SQLITE_DROP_TRIGGER"} {
sl@0	1114	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1115	return SQLITE_OK
sl@0	1116	}
sl@0	1117	return SQLITE_OK
sl@0	1118	}
sl@0	1119	catchsql {DROP TRIGGER r2}
sl@0	1120	} {0 {}}
sl@0	1121	do_test auth-1.162 {
sl@0	1122	set ::authargs
sl@0	1123	} {r2 t2 main {}}
sl@0	1124	do_test auth-1.163 {
sl@0	1125	execsql {
sl@0	1126	DROP TABLE tx;
sl@0	1127	DELETE FROM t2 WHERE a=1 AND b=2 AND c=3;
sl@0	1128	SELECT name FROM sqlite_master;
sl@0	1129	}
sl@0	1130	} {t2}
sl@0	1131
sl@0	1132	do_test auth-1.164 {
sl@0	1133	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1134	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
sl@0	1135	return SQLITE_DENY
sl@0	1136	}
sl@0	1137	return SQLITE_OK
sl@0	1138	}
sl@0	1139	catchsql {DROP TRIGGER r1}
sl@0	1140	} {1 {not authorized}}
sl@0	1141	do_test auth-1.165 {
sl@0	1142	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1143	} {t1 r1}
sl@0	1144	do_test auth-1.166 {
sl@0	1145	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1146	if {$code=="SQLITE_DROP_TEMP_TRIGGER"} {
sl@0	1147	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1148	return SQLITE_DENY
sl@0	1149	}
sl@0	1150	return SQLITE_OK
sl@0	1151	}
sl@0	1152	catchsql {DROP TRIGGER r1}
sl@0	1153	} {1 {not authorized}}
sl@0	1154	do_test auth-1.167 {
sl@0	1155	set ::authargs
sl@0	1156	} {r1 t1 temp {}}
sl@0	1157	do_test auth-1.168 {
sl@0	1158	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1159	} {t1 r1}
sl@0	1160	do_test auth-1.169 {
sl@0	1161	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1162	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
sl@0	1163	return SQLITE_IGNORE
sl@0	1164	}
sl@0	1165	return SQLITE_OK
sl@0	1166	}
sl@0	1167	catchsql {DROP TRIGGER r1}
sl@0	1168	} {0 {}}
sl@0	1169	do_test auth-1.170 {
sl@0	1170	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1171	} {t1 r1}
sl@0	1172	do_test auth-1.171 {
sl@0	1173	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1174	if {$code=="SQLITE_DROP_TEMP_TRIGGER"} {
sl@0	1175	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1176	return SQLITE_IGNORE
sl@0	1177	}
sl@0	1178	return SQLITE_OK
sl@0	1179	}
sl@0	1180	catchsql {DROP TRIGGER r1}
sl@0	1181	} {0 {}}
sl@0	1182	do_test auth-1.172 {
sl@0	1183	set ::authargs
sl@0	1184	} {r1 t1 temp {}}
sl@0	1185	do_test auth-1.173 {
sl@0	1186	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1187	} {t1 r1}
sl@0	1188	do_test auth-1.174 {
sl@0	1189	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1190	if {$code=="SQLITE_DROP_TEMP_TRIGGER"} {
sl@0	1191	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1192	return SQLITE_OK
sl@0	1193	}
sl@0	1194	return SQLITE_OK
sl@0	1195	}
sl@0	1196	catchsql {DROP TRIGGER r1}
sl@0	1197	} {0 {}}
sl@0	1198	do_test auth-1.175 {
sl@0	1199	set ::authargs
sl@0	1200	} {r1 t1 temp {}}
sl@0	1201	do_test auth-1.176 {
sl@0	1202	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1203	} {t1}
sl@0	1204	} ;# ifcapable trigger
sl@0	1205
sl@0	1206	do_test auth-1.177 {
sl@0	1207	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1208	if {$code=="SQLITE_CREATE_INDEX"} {
sl@0	1209	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1210	return SQLITE_DENY
sl@0	1211	}
sl@0	1212	return SQLITE_OK
sl@0	1213	}
sl@0	1214	catchsql {CREATE INDEX i2 ON t2(a)}
sl@0	1215	} {1 {not authorized}}
sl@0	1216	do_test auth-1.178 {
sl@0	1217	set ::authargs
sl@0	1218	} {i2 t2 main {}}
sl@0	1219	do_test auth-1.179 {
sl@0	1220	execsql {SELECT name FROM sqlite_master}
sl@0	1221	} {t2}
sl@0	1222	do_test auth-1.180 {
sl@0	1223	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1224	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
sl@0	1225	return SQLITE_DENY
sl@0	1226	}
sl@0	1227	return SQLITE_OK
sl@0	1228	}
sl@0	1229	catchsql {CREATE INDEX i2 ON t2(a)}
sl@0	1230	} {1 {not authorized}}
sl@0	1231	do_test auth-1.181 {
sl@0	1232	execsql {SELECT name FROM sqlite_master}
sl@0	1233	} {t2}
sl@0	1234	do_test auth-1.182 {
sl@0	1235	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1236	if {$code=="SQLITE_CREATE_INDEX"} {
sl@0	1237	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1238	return SQLITE_IGNORE
sl@0	1239	}
sl@0	1240	return SQLITE_OK
sl@0	1241	}
sl@0	1242	catchsql {CREATE INDEX i2 ON t2(b)}
sl@0	1243	} {0 {}}
sl@0	1244	do_test auth-1.183 {
sl@0	1245	set ::authargs
sl@0	1246	} {i2 t2 main {}}
sl@0	1247	do_test auth-1.184 {
sl@0	1248	execsql {SELECT name FROM sqlite_master}
sl@0	1249	} {t2}
sl@0	1250	do_test auth-1.185 {
sl@0	1251	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1252	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_master"} {
sl@0	1253	return SQLITE_IGNORE
sl@0	1254	}
sl@0	1255	return SQLITE_OK
sl@0	1256	}
sl@0	1257	catchsql {CREATE INDEX i2 ON t2(b)}
sl@0	1258	} {0 {}}
sl@0	1259	do_test auth-1.186 {
sl@0	1260	execsql {SELECT name FROM sqlite_master}
sl@0	1261	} {t2}
sl@0	1262	do_test auth-1.187 {
sl@0	1263	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1264	if {$code=="SQLITE_CREATE_INDEX"} {
sl@0	1265	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1266	return SQLITE_OK
sl@0	1267	}
sl@0	1268	return SQLITE_OK
sl@0	1269	}
sl@0	1270	catchsql {CREATE INDEX i2 ON t2(a)}
sl@0	1271	} {0 {}}
sl@0	1272	do_test auth-1.188 {
sl@0	1273	set ::authargs
sl@0	1274	} {i2 t2 main {}}
sl@0	1275	do_test auth-1.189 {
sl@0	1276	execsql {SELECT name FROM sqlite_master}
sl@0	1277	} {t2 i2}
sl@0	1278
sl@0	1279	ifcapable tempdb {
sl@0	1280	do_test auth-1.190 {
sl@0	1281	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1282	if {$code=="SQLITE_CREATE_TEMP_INDEX"} {
sl@0	1283	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1284	return SQLITE_DENY
sl@0	1285	}
sl@0	1286	return SQLITE_OK
sl@0	1287	}
sl@0	1288	catchsql {CREATE INDEX i1 ON t1(a)}
sl@0	1289	} {1 {not authorized}}
sl@0	1290	do_test auth-1.191 {
sl@0	1291	set ::authargs
sl@0	1292	} {i1 t1 temp {}}
sl@0	1293	do_test auth-1.192 {
sl@0	1294	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1295	} {t1}
sl@0	1296	do_test auth-1.193 {
sl@0	1297	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1298	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
sl@0	1299	return SQLITE_DENY
sl@0	1300	}
sl@0	1301	return SQLITE_OK
sl@0	1302	}
sl@0	1303	catchsql {CREATE INDEX i1 ON t1(b)}
sl@0	1304	} {1 {not authorized}}
sl@0	1305	do_test auth-1.194 {
sl@0	1306	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1307	} {t1}
sl@0	1308	do_test auth-1.195 {
sl@0	1309	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1310	if {$code=="SQLITE_CREATE_TEMP_INDEX"} {
sl@0	1311	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1312	return SQLITE_IGNORE
sl@0	1313	}
sl@0	1314	return SQLITE_OK
sl@0	1315	}
sl@0	1316	catchsql {CREATE INDEX i1 ON t1(b)}
sl@0	1317	} {0 {}}
sl@0	1318	do_test auth-1.196 {
sl@0	1319	set ::authargs
sl@0	1320	} {i1 t1 temp {}}
sl@0	1321	do_test auth-1.197 {
sl@0	1322	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1323	} {t1}
sl@0	1324	do_test auth-1.198 {
sl@0	1325	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1326	if {$code=="SQLITE_INSERT" && $arg1=="sqlite_temp_master"} {
sl@0	1327	return SQLITE_IGNORE
sl@0	1328	}
sl@0	1329	return SQLITE_OK
sl@0	1330	}
sl@0	1331	catchsql {CREATE INDEX i1 ON t1(c)}
sl@0	1332	} {0 {}}
sl@0	1333	do_test auth-1.199 {
sl@0	1334	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1335	} {t1}
sl@0	1336	do_test auth-1.200 {
sl@0	1337	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1338	if {$code=="SQLITE_CREATE_TEMP_INDEX"} {
sl@0	1339	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1340	return SQLITE_OK
sl@0	1341	}
sl@0	1342	return SQLITE_OK
sl@0	1343	}
sl@0	1344	catchsql {CREATE INDEX i1 ON t1(a)}
sl@0	1345	} {0 {}}
sl@0	1346	do_test auth-1.201 {
sl@0	1347	set ::authargs
sl@0	1348	} {i1 t1 temp {}}
sl@0	1349	do_test auth-1.202 {
sl@0	1350	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1351	} {t1 i1}
sl@0	1352	}
sl@0	1353
sl@0	1354	do_test auth-1.203 {
sl@0	1355	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1356	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
sl@0	1357	return SQLITE_DENY
sl@0	1358	}
sl@0	1359	return SQLITE_OK
sl@0	1360	}
sl@0	1361	catchsql {DROP INDEX i2}
sl@0	1362	} {1 {not authorized}}
sl@0	1363	do_test auth-1.204 {
sl@0	1364	execsql {SELECT name FROM sqlite_master}
sl@0	1365	} {t2 i2}
sl@0	1366	do_test auth-1.205 {
sl@0	1367	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1368	if {$code=="SQLITE_DROP_INDEX"} {
sl@0	1369	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1370	return SQLITE_DENY
sl@0	1371	}
sl@0	1372	return SQLITE_OK
sl@0	1373	}
sl@0	1374	catchsql {DROP INDEX i2}
sl@0	1375	} {1 {not authorized}}
sl@0	1376	do_test auth-1.206 {
sl@0	1377	set ::authargs
sl@0	1378	} {i2 t2 main {}}
sl@0	1379	do_test auth-1.207 {
sl@0	1380	execsql {SELECT name FROM sqlite_master}
sl@0	1381	} {t2 i2}
sl@0	1382	do_test auth-1.208 {
sl@0	1383	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1384	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_master"} {
sl@0	1385	return SQLITE_IGNORE
sl@0	1386	}
sl@0	1387	return SQLITE_OK
sl@0	1388	}
sl@0	1389	catchsql {DROP INDEX i2}
sl@0	1390	} {0 {}}
sl@0	1391	do_test auth-1.209 {
sl@0	1392	execsql {SELECT name FROM sqlite_master}
sl@0	1393	} {t2 i2}
sl@0	1394	do_test auth-1.210 {
sl@0	1395	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1396	if {$code=="SQLITE_DROP_INDEX"} {
sl@0	1397	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1398	return SQLITE_IGNORE
sl@0	1399	}
sl@0	1400	return SQLITE_OK
sl@0	1401	}
sl@0	1402	catchsql {DROP INDEX i2}
sl@0	1403	} {0 {}}
sl@0	1404	do_test auth-1.211 {
sl@0	1405	set ::authargs
sl@0	1406	} {i2 t2 main {}}
sl@0	1407	do_test auth-1.212 {
sl@0	1408	execsql {SELECT name FROM sqlite_master}
sl@0	1409	} {t2 i2}
sl@0	1410	do_test auth-1.213 {
sl@0	1411	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1412	if {$code=="SQLITE_DROP_INDEX"} {
sl@0	1413	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1414	return SQLITE_OK
sl@0	1415	}
sl@0	1416	return SQLITE_OK
sl@0	1417	}
sl@0	1418	catchsql {DROP INDEX i2}
sl@0	1419	} {0 {}}
sl@0	1420	do_test auth-1.214 {
sl@0	1421	set ::authargs
sl@0	1422	} {i2 t2 main {}}
sl@0	1423	do_test auth-1.215 {
sl@0	1424	execsql {SELECT name FROM sqlite_master}
sl@0	1425	} {t2}
sl@0	1426
sl@0	1427	ifcapable tempdb {
sl@0	1428	do_test auth-1.216 {
sl@0	1429	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1430	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
sl@0	1431	return SQLITE_DENY
sl@0	1432	}
sl@0	1433	return SQLITE_OK
sl@0	1434	}
sl@0	1435	catchsql {DROP INDEX i1}
sl@0	1436	} {1 {not authorized}}
sl@0	1437	do_test auth-1.217 {
sl@0	1438	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1439	} {t1 i1}
sl@0	1440	do_test auth-1.218 {
sl@0	1441	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1442	if {$code=="SQLITE_DROP_TEMP_INDEX"} {
sl@0	1443	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1444	return SQLITE_DENY
sl@0	1445	}
sl@0	1446	return SQLITE_OK
sl@0	1447	}
sl@0	1448	catchsql {DROP INDEX i1}
sl@0	1449	} {1 {not authorized}}
sl@0	1450	do_test auth-1.219 {
sl@0	1451	set ::authargs
sl@0	1452	} {i1 t1 temp {}}
sl@0	1453	do_test auth-1.220 {
sl@0	1454	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1455	} {t1 i1}
sl@0	1456	do_test auth-1.221 {
sl@0	1457	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1458	if {$code=="SQLITE_DELETE" && $arg1=="sqlite_temp_master"} {
sl@0	1459	return SQLITE_IGNORE
sl@0	1460	}
sl@0	1461	return SQLITE_OK
sl@0	1462	}
sl@0	1463	catchsql {DROP INDEX i1}
sl@0	1464	} {0 {}}
sl@0	1465	do_test auth-1.222 {
sl@0	1466	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1467	} {t1 i1}
sl@0	1468	do_test auth-1.223 {
sl@0	1469	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1470	if {$code=="SQLITE_DROP_TEMP_INDEX"} {
sl@0	1471	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1472	return SQLITE_IGNORE
sl@0	1473	}
sl@0	1474	return SQLITE_OK
sl@0	1475	}
sl@0	1476	catchsql {DROP INDEX i1}
sl@0	1477	} {0 {}}
sl@0	1478	do_test auth-1.224 {
sl@0	1479	set ::authargs
sl@0	1480	} {i1 t1 temp {}}
sl@0	1481	do_test auth-1.225 {
sl@0	1482	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1483	} {t1 i1}
sl@0	1484	do_test auth-1.226 {
sl@0	1485	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1486	if {$code=="SQLITE_DROP_TEMP_INDEX"} {
sl@0	1487	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1488	return SQLITE_OK
sl@0	1489	}
sl@0	1490	return SQLITE_OK
sl@0	1491	}
sl@0	1492	catchsql {DROP INDEX i1}
sl@0	1493	} {0 {}}
sl@0	1494	do_test auth-1.227 {
sl@0	1495	set ::authargs
sl@0	1496	} {i1 t1 temp {}}
sl@0	1497	do_test auth-1.228 {
sl@0	1498	execsql {SELECT name FROM sqlite_temp_master}
sl@0	1499	} {t1}
sl@0	1500	}
sl@0	1501
sl@0	1502	do_test auth-1.229 {
sl@0	1503	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1504	if {$code=="SQLITE_PRAGMA"} {
sl@0	1505	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1506	return SQLITE_DENY
sl@0	1507	}
sl@0	1508	return SQLITE_OK
sl@0	1509	}
sl@0	1510	catchsql {PRAGMA full_column_names=on}
sl@0	1511	} {1 {not authorized}}
sl@0	1512	do_test auth-1.230 {
sl@0	1513	set ::authargs
sl@0	1514	} {full_column_names on {} {}}
sl@0	1515	do_test auth-1.231 {
sl@0	1516	execsql2 {SELECT a FROM t2}
sl@0	1517	} {a 11 a 7}
sl@0	1518	do_test auth-1.232 {
sl@0	1519	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1520	if {$code=="SQLITE_PRAGMA"} {
sl@0	1521	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1522	return SQLITE_IGNORE
sl@0	1523	}
sl@0	1524	return SQLITE_OK
sl@0	1525	}
sl@0	1526	catchsql {PRAGMA full_column_names=on}
sl@0	1527	} {0 {}}
sl@0	1528	do_test auth-1.233 {
sl@0	1529	set ::authargs
sl@0	1530	} {full_column_names on {} {}}
sl@0	1531	do_test auth-1.234 {
sl@0	1532	execsql2 {SELECT a FROM t2}
sl@0	1533	} {a 11 a 7}
sl@0	1534	do_test auth-1.235 {
sl@0	1535	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1536	if {$code=="SQLITE_PRAGMA"} {
sl@0	1537	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1538	return SQLITE_OK
sl@0	1539	}
sl@0	1540	return SQLITE_OK
sl@0	1541	}
sl@0	1542	catchsql {PRAGMA full_column_names=on}
sl@0	1543	} {0 {}}
sl@0	1544	do_test auth-1.236 {
sl@0	1545	execsql2 {SELECT a FROM t2}
sl@0	1546	} {t2.a 11 t2.a 7}
sl@0	1547	do_test auth-1.237 {
sl@0	1548	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1549	if {$code=="SQLITE_PRAGMA"} {
sl@0	1550	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1551	return SQLITE_OK
sl@0	1552	}
sl@0	1553	return SQLITE_OK
sl@0	1554	}
sl@0	1555	catchsql {PRAGMA full_column_names=OFF}
sl@0	1556	} {0 {}}
sl@0	1557	do_test auth-1.238 {
sl@0	1558	set ::authargs
sl@0	1559	} {full_column_names OFF {} {}}
sl@0	1560	do_test auth-1.239 {
sl@0	1561	execsql2 {SELECT a FROM t2}
sl@0	1562	} {a 11 a 7}
sl@0	1563
sl@0	1564	do_test auth-1.240 {
sl@0	1565	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1566	if {$code=="SQLITE_TRANSACTION"} {
sl@0	1567	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1568	return SQLITE_DENY
sl@0	1569	}
sl@0	1570	return SQLITE_OK
sl@0	1571	}
sl@0	1572	catchsql {BEGIN}
sl@0	1573	} {1 {not authorized}}
sl@0	1574	do_test auth-1.241 {
sl@0	1575	set ::authargs
sl@0	1576	} {BEGIN {} {} {}}
sl@0	1577	do_test auth-1.242 {
sl@0	1578	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1579	if {$code=="SQLITE_TRANSACTION" && $arg1!="BEGIN"} {
sl@0	1580	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1581	return SQLITE_DENY
sl@0	1582	}
sl@0	1583	return SQLITE_OK
sl@0	1584	}
sl@0	1585	catchsql {BEGIN; INSERT INTO t2 VALUES(44,55,66); COMMIT}
sl@0	1586	} {1 {not authorized}}
sl@0	1587	do_test auth-1.243 {
sl@0	1588	set ::authargs
sl@0	1589	} {COMMIT {} {} {}}
sl@0	1590	do_test auth-1.244 {
sl@0	1591	execsql {SELECT * FROM t2}
sl@0	1592	} {11 2 33 7 8 9 44 55 66}
sl@0	1593	do_test auth-1.245 {
sl@0	1594	catchsql {ROLLBACK}
sl@0	1595	} {1 {not authorized}}
sl@0	1596	do_test auth-1.246 {
sl@0	1597	set ::authargs
sl@0	1598	} {ROLLBACK {} {} {}}
sl@0	1599	do_test auth-1.247 {
sl@0	1600	catchsql {END TRANSACTION}
sl@0	1601	} {1 {not authorized}}
sl@0	1602	do_test auth-1.248 {
sl@0	1603	set ::authargs
sl@0	1604	} {COMMIT {} {} {}}
sl@0	1605	do_test auth-1.249 {
sl@0	1606	db authorizer {}
sl@0	1607	catchsql {ROLLBACK}
sl@0	1608	} {0 {}}
sl@0	1609	do_test auth-1.250 {
sl@0	1610	execsql {SELECT * FROM t2}
sl@0	1611	} {11 2 33 7 8 9}
sl@0	1612
sl@0	1613	# ticket #340 - authorization for ATTACH and DETACH.
sl@0	1614	#
sl@0	1615	ifcapable attach {
sl@0	1616	do_test auth-1.251 {
sl@0	1617	db authorizer ::auth
sl@0	1618	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1619	if {$code=="SQLITE_ATTACH"} {
sl@0	1620	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1621	}
sl@0	1622	return SQLITE_OK
sl@0	1623	}
sl@0	1624	catchsql {
sl@0	1625	ATTACH DATABASE ':memory:' AS test1
sl@0	1626	}
sl@0	1627	} {0 {}}
sl@0	1628	do_test auth-1.252 {
sl@0	1629	set ::authargs
sl@0	1630	} {:memory: {} {} {}}
sl@0	1631	do_test auth-1.253 {
sl@0	1632	catchsql {DETACH DATABASE test1}
sl@0	1633	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1634	if {$code=="SQLITE_ATTACH"} {
sl@0	1635	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1636	return SQLITE_DENY
sl@0	1637	}
sl@0	1638	return SQLITE_OK
sl@0	1639	}
sl@0	1640	catchsql {
sl@0	1641	ATTACH DATABASE ':memory:' AS test1;
sl@0	1642	}
sl@0	1643	} {1 {not authorized}}
sl@0	1644	do_test auth-1.254 {
sl@0	1645	lindex [execsql {PRAGMA database_list}] 7
sl@0	1646	} {}
sl@0	1647	do_test auth-1.255 {
sl@0	1648	catchsql {DETACH DATABASE test1}
sl@0	1649	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1650	if {$code=="SQLITE_ATTACH"} {
sl@0	1651	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1652	return SQLITE_IGNORE
sl@0	1653	}
sl@0	1654	return SQLITE_OK
sl@0	1655	}
sl@0	1656	catchsql {
sl@0	1657	ATTACH DATABASE ':memory:' AS test1;
sl@0	1658	}
sl@0	1659	} {0 {}}
sl@0	1660	do_test auth-1.256 {
sl@0	1661	lindex [execsql {PRAGMA database_list}] 7
sl@0	1662	} {}
sl@0	1663	do_test auth-1.257 {
sl@0	1664	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1665	if {$code=="SQLITE_DETACH"} {
sl@0	1666	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1667	return SQLITE_OK
sl@0	1668	}
sl@0	1669	return SQLITE_OK
sl@0	1670	}
sl@0	1671	execsql {ATTACH DATABASE ':memory:' AS test1}
sl@0	1672	catchsql {
sl@0	1673	DETACH DATABASE test1;
sl@0	1674	}
sl@0	1675	} {0 {}}
sl@0	1676	do_test auth-1.258 {
sl@0	1677	lindex [execsql {PRAGMA database_list}] 7
sl@0	1678	} {}
sl@0	1679	do_test auth-1.259 {
sl@0	1680	execsql {ATTACH DATABASE ':memory:' AS test1}
sl@0	1681	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1682	if {$code=="SQLITE_DETACH"} {
sl@0	1683	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1684	return SQLITE_IGNORE
sl@0	1685	}
sl@0	1686	return SQLITE_OK
sl@0	1687	}
sl@0	1688	catchsql {
sl@0	1689	DETACH DATABASE test1;
sl@0	1690	}
sl@0	1691	} {0 {}}
sl@0	1692	ifcapable tempdb {
sl@0	1693	ifcapable schema_pragmas {
sl@0	1694	do_test auth-1.260 {
sl@0	1695	lindex [execsql {PRAGMA database_list}] 7
sl@0	1696	} {test1}
sl@0	1697	} ;# ifcapable schema_pragmas
sl@0	1698	do_test auth-1.261 {
sl@0	1699	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1700	if {$code=="SQLITE_DETACH"} {
sl@0	1701	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1702	return SQLITE_DENY
sl@0	1703	}
sl@0	1704	return SQLITE_OK
sl@0	1705	}
sl@0	1706	catchsql {
sl@0	1707	DETACH DATABASE test1;
sl@0	1708	}
sl@0	1709	} {1 {not authorized}}
sl@0	1710	ifcapable schema_pragmas {
sl@0	1711	do_test auth-1.262 {
sl@0	1712	lindex [execsql {PRAGMA database_list}] 7
sl@0	1713	} {test1}
sl@0	1714	} ;# ifcapable schema_pragmas
sl@0	1715	db authorizer {}
sl@0	1716	execsql {DETACH DATABASE test1}
sl@0	1717	db authorizer ::auth
sl@0	1718
sl@0	1719	# Authorization for ALTER TABLE. These tests are omitted if the library
sl@0	1720	# was built without ALTER TABLE support.
sl@0	1721	ifcapable altertable {
sl@0	1722
sl@0	1723	do_test auth-1.263 {
sl@0	1724	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1725	if {$code=="SQLITE_ALTER_TABLE"} {
sl@0	1726	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1727	return SQLITE_OK
sl@0	1728	}
sl@0	1729	return SQLITE_OK
sl@0	1730	}
sl@0	1731	catchsql {
sl@0	1732	ALTER TABLE t1 RENAME TO t1x
sl@0	1733	}
sl@0	1734	} {0 {}}
sl@0	1735	do_test auth-1.264 {
sl@0	1736	execsql {SELECT name FROM sqlite_temp_master WHERE type='table'}
sl@0	1737	} {t1x}
sl@0	1738	do_test auth-1.265 {
sl@0	1739	set authargs
sl@0	1740	} {temp t1 {} {}}
sl@0	1741	do_test auth-1.266 {
sl@0	1742	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1743	if {$code=="SQLITE_ALTER_TABLE"} {
sl@0	1744	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1745	return SQLITE_IGNORE
sl@0	1746	}
sl@0	1747	return SQLITE_OK
sl@0	1748	}
sl@0	1749	catchsql {
sl@0	1750	ALTER TABLE t1x RENAME TO t1
sl@0	1751	}
sl@0	1752	} {0 {}}
sl@0	1753	do_test auth-1.267 {
sl@0	1754	execsql {SELECT name FROM sqlite_temp_master WHERE type='table'}
sl@0	1755	} {t1x}
sl@0	1756	do_test auth-1.268 {
sl@0	1757	set authargs
sl@0	1758	} {temp t1x {} {}}
sl@0	1759	do_test auth-1.269 {
sl@0	1760	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1761	if {$code=="SQLITE_ALTER_TABLE"} {
sl@0	1762	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1763	return SQLITE_DENY
sl@0	1764	}
sl@0	1765	return SQLITE_OK
sl@0	1766	}
sl@0	1767	catchsql {
sl@0	1768	ALTER TABLE t1x RENAME TO t1
sl@0	1769	}
sl@0	1770	} {1 {not authorized}}
sl@0	1771	do_test auth-1.270 {
sl@0	1772	execsql {SELECT name FROM sqlite_temp_master WHERE type='table'}
sl@0	1773	} {t1x}
sl@0	1774
sl@0	1775	do_test auth-1.271 {
sl@0	1776	set authargs
sl@0	1777	} {temp t1x {} {}}
sl@0	1778	} ;# ifcapable altertable
sl@0	1779
sl@0	1780	} else {
sl@0	1781	db authorizer {}
sl@0	1782	db eval {
sl@0	1783	DETACH DATABASE test1;
sl@0	1784	}
sl@0	1785	}
sl@0	1786	}
sl@0	1787
sl@0	1788	ifcapable altertable {
sl@0	1789	db authorizer {}
sl@0	1790	catchsql {ALTER TABLE t1x RENAME TO t1}
sl@0	1791	db authorizer ::auth
sl@0	1792	do_test auth-1.272 {
sl@0	1793	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1794	if {$code=="SQLITE_ALTER_TABLE"} {
sl@0	1795	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1796	return SQLITE_OK
sl@0	1797	}
sl@0	1798	return SQLITE_OK
sl@0	1799	}
sl@0	1800	catchsql {
sl@0	1801	ALTER TABLE t2 RENAME TO t2x
sl@0	1802	}
sl@0	1803	} {0 {}}
sl@0	1804	do_test auth-1.273 {
sl@0	1805	execsql {SELECT name FROM sqlite_master WHERE type='table'}
sl@0	1806	} {t2x}
sl@0	1807	do_test auth-1.274 {
sl@0	1808	set authargs
sl@0	1809	} {main t2 {} {}}
sl@0	1810	do_test auth-1.275 {
sl@0	1811	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1812	if {$code=="SQLITE_ALTER_TABLE"} {
sl@0	1813	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1814	return SQLITE_IGNORE
sl@0	1815	}
sl@0	1816	return SQLITE_OK
sl@0	1817	}
sl@0	1818	catchsql {
sl@0	1819	ALTER TABLE t2x RENAME TO t2
sl@0	1820	}
sl@0	1821	} {0 {}}
sl@0	1822	do_test auth-1.276 {
sl@0	1823	execsql {SELECT name FROM sqlite_master WHERE type='table'}
sl@0	1824	} {t2x}
sl@0	1825	do_test auth-1.277 {
sl@0	1826	set authargs
sl@0	1827	} {main t2x {} {}}
sl@0	1828	do_test auth-1.278 {
sl@0	1829	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	1830	if {$code=="SQLITE_ALTER_TABLE"} {
sl@0	1831	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	1832	return SQLITE_DENY
sl@0	1833	}
sl@0	1834	return SQLITE_OK
sl@0	1835	}
sl@0	1836	catchsql {
sl@0	1837	ALTER TABLE t2x RENAME TO t2
sl@0	1838	}
sl@0	1839	} {1 {not authorized}}
sl@0	1840	do_test auth-1.279 {
sl@0	1841	execsql {SELECT name FROM sqlite_master WHERE type='table'}
sl@0	1842	} {t2x}
sl@0	1843	do_test auth-1.280 {
sl@0	1844	set authargs
sl@0	1845	} {main t2x {} {}}
sl@0	1846	db authorizer {}
sl@0	1847	catchsql {ALTER TABLE t2x RENAME TO t2}
sl@0	1848
sl@0	1849	} ;# ifcapable altertable
sl@0	1850
sl@0	1851	# Test the authorization callbacks for the REINDEX command.
sl@0	1852	ifcapable reindex {
sl@0	1853
sl@0	1854	proc auth {code args} {
sl@0	1855	if {$code=="SQLITE_REINDEX"} {
sl@0	1856	set ::authargs [concat $::authargs $args]
sl@0	1857	}
sl@0	1858	return SQLITE_OK
sl@0	1859	}
sl@0	1860	db authorizer auth
sl@0	1861	do_test auth-1.281 {
sl@0	1862	execsql {
sl@0	1863	CREATE TABLE t3(a PRIMARY KEY, b, c);
sl@0	1864	CREATE INDEX t3_idx1 ON t3(c COLLATE BINARY);
sl@0	1865	CREATE INDEX t3_idx2 ON t3(b COLLATE NOCASE);
sl@0	1866	}
sl@0	1867	} {}
sl@0	1868	do_test auth-1.282 {
sl@0	1869	set ::authargs {}
sl@0	1870	execsql {
sl@0	1871	REINDEX t3_idx1;
sl@0	1872	}
sl@0	1873	set ::authargs
sl@0	1874	} {t3_idx1 {} main {}}
sl@0	1875	do_test auth-1.283 {
sl@0	1876	set ::authargs {}
sl@0	1877	execsql {
sl@0	1878	REINDEX BINARY;
sl@0	1879	}
sl@0	1880	set ::authargs
sl@0	1881	} {t3_idx1 {} main {} sqlite_autoindex_t3_1 {} main {}}
sl@0	1882	do_test auth-1.284 {
sl@0	1883	set ::authargs {}
sl@0	1884	execsql {
sl@0	1885	REINDEX NOCASE;
sl@0	1886	}
sl@0	1887	set ::authargs
sl@0	1888	} {t3_idx2 {} main {}}
sl@0	1889	do_test auth-1.285 {
sl@0	1890	set ::authargs {}
sl@0	1891	execsql {
sl@0	1892	REINDEX t3;
sl@0	1893	}
sl@0	1894	set ::authargs
sl@0	1895	} {t3_idx2 {} main {} t3_idx1 {} main {} sqlite_autoindex_t3_1 {} main {}}
sl@0	1896	do_test auth-1.286 {
sl@0	1897	execsql {
sl@0	1898	DROP TABLE t3;
sl@0	1899	}
sl@0	1900	} {}
sl@0	1901	ifcapable tempdb {
sl@0	1902	do_test auth-1.287 {
sl@0	1903	execsql {
sl@0	1904	CREATE TEMP TABLE t3(a PRIMARY KEY, b, c);
sl@0	1905	CREATE INDEX t3_idx1 ON t3(c COLLATE BINARY);
sl@0	1906	CREATE INDEX t3_idx2 ON t3(b COLLATE NOCASE);
sl@0	1907	}
sl@0	1908	} {}
sl@0	1909	do_test auth-1.288 {
sl@0	1910	set ::authargs {}
sl@0	1911	execsql {
sl@0	1912	REINDEX temp.t3_idx1;
sl@0	1913	}
sl@0	1914	set ::authargs
sl@0	1915	} {t3_idx1 {} temp {}}
sl@0	1916	do_test auth-1.289 {
sl@0	1917	set ::authargs {}
sl@0	1918	execsql {
sl@0	1919	REINDEX BINARY;
sl@0	1920	}
sl@0	1921	set ::authargs
sl@0	1922	} {t3_idx1 {} temp {} sqlite_autoindex_t3_1 {} temp {}}
sl@0	1923	do_test auth-1.290 {
sl@0	1924	set ::authargs {}
sl@0	1925	execsql {
sl@0	1926	REINDEX NOCASE;
sl@0	1927	}
sl@0	1928	set ::authargs
sl@0	1929	} {t3_idx2 {} temp {}}
sl@0	1930	do_test auth-1.291 {
sl@0	1931	set ::authargs {}
sl@0	1932	execsql {
sl@0	1933	REINDEX temp.t3;
sl@0	1934	}
sl@0	1935	set ::authargs
sl@0	1936	} {t3_idx2 {} temp {} t3_idx1 {} temp {} sqlite_autoindex_t3_1 {} temp {}}
sl@0	1937	proc auth {code args} {
sl@0	1938	if {$code=="SQLITE_REINDEX"} {
sl@0	1939	set ::authargs [concat $::authargs $args]
sl@0	1940	return SQLITE_DENY
sl@0	1941	}
sl@0	1942	return SQLITE_OK
sl@0	1943	}
sl@0	1944	do_test auth-1.292 {
sl@0	1945	set ::authargs {}
sl@0	1946	catchsql {
sl@0	1947	REINDEX temp.t3;
sl@0	1948	}
sl@0	1949	} {1 {not authorized}}
sl@0	1950	do_test auth-1.293 {
sl@0	1951	execsql {
sl@0	1952	DROP TABLE t3;
sl@0	1953	}
sl@0	1954	} {}
sl@0	1955	}
sl@0	1956
sl@0	1957	} ;# ifcapable reindex
sl@0	1958
sl@0	1959	ifcapable analyze {
sl@0	1960	proc auth {code args} {
sl@0	1961	if {$code=="SQLITE_ANALYZE"} {
sl@0	1962	set ::authargs [concat $::authargs $args]
sl@0	1963	}
sl@0	1964	return SQLITE_OK
sl@0	1965	}
sl@0	1966	do_test auth-1.294 {
sl@0	1967	set ::authargs {}
sl@0	1968	execsql {
sl@0	1969	CREATE TABLE t4(a,b,c);
sl@0	1970	CREATE INDEX t4i1 ON t4(a);
sl@0	1971	CREATE INDEX t4i2 ON t4(b,a,c);
sl@0	1972	INSERT INTO t4 VALUES(1,2,3);
sl@0	1973	ANALYZE;
sl@0	1974	}
sl@0	1975	set ::authargs
sl@0	1976	} {t4 {} main {}}
sl@0	1977	do_test auth-1.295 {
sl@0	1978	execsql {
sl@0	1979	SELECT count(*) FROM sqlite_stat1;
sl@0	1980	}
sl@0	1981	} 2
sl@0	1982	proc auth {code args} {
sl@0	1983	if {$code=="SQLITE_ANALYZE"} {
sl@0	1984	set ::authargs [concat $::authargs $args]
sl@0	1985	return SQLITE_DENY
sl@0	1986	}
sl@0	1987	return SQLITE_OK
sl@0	1988	}
sl@0	1989	do_test auth-1.296 {
sl@0	1990	set ::authargs {}
sl@0	1991	catchsql {
sl@0	1992	ANALYZE;
sl@0	1993	}
sl@0	1994	} {1 {not authorized}}
sl@0	1995	do_test auth-1.297 {
sl@0	1996	execsql {
sl@0	1997	SELECT count(*) FROM sqlite_stat1;
sl@0	1998	}
sl@0	1999	} 2
sl@0	2000	} ;# ifcapable analyze
sl@0	2001
sl@0	2002
sl@0	2003	# Authorization for ALTER TABLE ADD COLUMN.
sl@0	2004	# These tests are omitted if the library
sl@0	2005	# was built without ALTER TABLE support.
sl@0	2006	ifcapable {altertable} {
sl@0	2007	do_test auth-1.300 {
sl@0	2008	execsql {CREATE TABLE t5(x)}
sl@0	2009	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2010	if {$code=="SQLITE_ALTER_TABLE"} {
sl@0	2011	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	2012	return SQLITE_OK
sl@0	2013	}
sl@0	2014	return SQLITE_OK
sl@0	2015	}
sl@0	2016	catchsql {
sl@0	2017	ALTER TABLE t5 ADD COLUMN new_col_1;
sl@0	2018	}
sl@0	2019	} {0 {}}
sl@0	2020	do_test auth-1.301 {
sl@0	2021	set x [execsql {SELECT sql FROM sqlite_master WHERE name='t5'}]
sl@0	2022	regexp new_col_1 $x
sl@0	2023	} {1}
sl@0	2024	do_test auth-1.302 {
sl@0	2025	set authargs
sl@0	2026	} {main t5 {} {}}
sl@0	2027	do_test auth-1.303 {
sl@0	2028	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2029	if {$code=="SQLITE_ALTER_TABLE"} {
sl@0	2030	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	2031	return SQLITE_IGNORE
sl@0	2032	}
sl@0	2033	return SQLITE_OK
sl@0	2034	}
sl@0	2035	catchsql {
sl@0	2036	ALTER TABLE t5 ADD COLUMN new_col_2;
sl@0	2037	}
sl@0	2038	} {0 {}}
sl@0	2039	do_test auth-1.304 {
sl@0	2040	set x [execsql {SELECT sql FROM sqlite_master WHERE name='t5'}]
sl@0	2041	regexp new_col_2 $x
sl@0	2042	} {0}
sl@0	2043	do_test auth-1.305 {
sl@0	2044	set authargs
sl@0	2045	} {main t5 {} {}}
sl@0	2046	do_test auth-1.306 {
sl@0	2047	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2048	if {$code=="SQLITE_ALTER_TABLE"} {
sl@0	2049	set ::authargs [list $arg1 $arg2 $arg3 $arg4]
sl@0	2050	return SQLITE_DENY
sl@0	2051	}
sl@0	2052	return SQLITE_OK
sl@0	2053	}
sl@0	2054	catchsql {
sl@0	2055	ALTER TABLE t5 ADD COLUMN new_col_3
sl@0	2056	}
sl@0	2057	} {1 {not authorized}}
sl@0	2058	do_test auth-1.307 {
sl@0	2059	set x [execsql {SELECT sql FROM sqlite_temp_master WHERE type='t5'}]
sl@0	2060	regexp new_col_3 $x
sl@0	2061	} {0}
sl@0	2062
sl@0	2063	do_test auth-1.308 {
sl@0	2064	set authargs
sl@0	2065	} {main t5 {} {}}
sl@0	2066	execsql {DROP TABLE t5}
sl@0	2067	} ;# ifcapable altertable
sl@0	2068
sl@0	2069	do_test auth-2.1 {
sl@0	2070	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2071	if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} {
sl@0	2072	return SQLITE_DENY
sl@0	2073	}
sl@0	2074	return SQLITE_OK
sl@0	2075	}
sl@0	2076	db authorizer ::auth
sl@0	2077	execsql {CREATE TABLE t3(x INTEGER PRIMARY KEY, y, z)}
sl@0	2078	catchsql {SELECT * FROM t3}
sl@0	2079	} {1 {access to t3.x is prohibited}}
sl@0	2080	do_test auth-2.1 {
sl@0	2081	catchsql {SELECT y,z FROM t3}
sl@0	2082	} {0 {}}
sl@0	2083	do_test auth-2.2 {
sl@0	2084	catchsql {SELECT ROWID,y,z FROM t3}
sl@0	2085	} {1 {access to t3.x is prohibited}}
sl@0	2086	do_test auth-2.3 {
sl@0	2087	catchsql {SELECT OID,y,z FROM t3}
sl@0	2088	} {1 {access to t3.x is prohibited}}
sl@0	2089	do_test auth-2.4 {
sl@0	2090	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2091	if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="x"} {
sl@0	2092	return SQLITE_IGNORE
sl@0	2093	}
sl@0	2094	return SQLITE_OK
sl@0	2095	}
sl@0	2096	execsql {INSERT INTO t3 VALUES(44,55,66)}
sl@0	2097	catchsql {SELECT * FROM t3}
sl@0	2098	} {0 {{} 55 66}}
sl@0	2099	do_test auth-2.5 {
sl@0	2100	catchsql {SELECT rowid,y,z FROM t3}
sl@0	2101	} {0 {{} 55 66}}
sl@0	2102	do_test auth-2.6 {
sl@0	2103	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2104	if {$code=="SQLITE_READ" && $arg1=="t3" && $arg2=="ROWID"} {
sl@0	2105	return SQLITE_IGNORE
sl@0	2106	}
sl@0	2107	return SQLITE_OK
sl@0	2108	}
sl@0	2109	catchsql {SELECT * FROM t3}
sl@0	2110	} {0 {44 55 66}}
sl@0	2111	do_test auth-2.7 {
sl@0	2112	catchsql {SELECT ROWID,y,z FROM t3}
sl@0	2113	} {0 {44 55 66}}
sl@0	2114	do_test auth-2.8 {
sl@0	2115	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2116	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="ROWID"} {
sl@0	2117	return SQLITE_IGNORE
sl@0	2118	}
sl@0	2119	return SQLITE_OK
sl@0	2120	}
sl@0	2121	catchsql {SELECT ROWID,b,c FROM t2}
sl@0	2122	} {0 {{} 2 33 {} 8 9}}
sl@0	2123	do_test auth-2.9.1 {
sl@0	2124	# We have to flush the cache here in case the Tcl interface tries to
sl@0	2125	# reuse a statement compiled with sqlite3_prepare_v2(). In this case,
sl@0	2126	# the first error encountered is an SQLITE_SCHEMA error. Then, when
sl@0	2127	# trying to recompile the statement, the authorization error is encountered.
sl@0	2128	# If we do not flush the cache, the correct error message is returned, but
sl@0	2129	# the error code is SQLITE_SCHEMA, not SQLITE_ERROR as required by the test
sl@0	2130	# case after this one.
sl@0	2131	#
sl@0	2132	db cache flush
sl@0	2133
sl@0	2134	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2135	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="ROWID"} {
sl@0	2136	return bogus
sl@0	2137	}
sl@0	2138	return SQLITE_OK
sl@0	2139	}
sl@0	2140	catchsql {SELECT ROWID,b,c FROM t2}
sl@0	2141	} {1 {illegal return value (999) from the authorization function - should be SQLITE_OK, SQLITE_IGNORE, or SQLITE_DENY}}
sl@0	2142	do_test auth-2.9.2 {
sl@0	2143	db errorcode
sl@0	2144	} {1}
sl@0	2145	do_test auth-2.10 {
sl@0	2146	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2147	if {$code=="SQLITE_SELECT"} {
sl@0	2148	return bogus
sl@0	2149	}
sl@0	2150	return SQLITE_OK
sl@0	2151	}
sl@0	2152	catchsql {SELECT ROWID,b,c FROM t2}
sl@0	2153	} {1 {illegal return value (1) from the authorization function - should be SQLITE_OK, SQLITE_IGNORE, or SQLITE_DENY}}
sl@0	2154	do_test auth-2.11.1 {
sl@0	2155	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2156	if {$code=="SQLITE_READ" && $arg2=="a"} {
sl@0	2157	return SQLITE_IGNORE
sl@0	2158	}
sl@0	2159	return SQLITE_OK
sl@0	2160	}
sl@0	2161	catchsql {SELECT * FROM t2, t3}
sl@0	2162	} {0 {{} 2 33 44 55 66 {} 8 9 44 55 66}}
sl@0	2163	do_test auth-2.11.2 {
sl@0	2164	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2165	if {$code=="SQLITE_READ" && $arg2=="x"} {
sl@0	2166	return SQLITE_IGNORE
sl@0	2167	}
sl@0	2168	return SQLITE_OK
sl@0	2169	}
sl@0	2170	catchsql {SELECT * FROM t2, t3}
sl@0	2171	} {0 {11 2 33 {} 55 66 7 8 9 {} 55 66}}
sl@0	2172
sl@0	2173	# Make sure the OLD and NEW pseudo-tables of a trigger get authorized.
sl@0	2174	#
sl@0	2175	ifcapable trigger {
sl@0	2176	do_test auth-3.1 {
sl@0	2177	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2178	return SQLITE_OK
sl@0	2179	}
sl@0	2180	execsql {
sl@0	2181	CREATE TABLE tx(a1,a2,b1,b2,c1,c2);
sl@0	2182	CREATE TRIGGER r1 AFTER UPDATE ON t2 FOR EACH ROW BEGIN
sl@0	2183	INSERT INTO tx VALUES(OLD.a,NEW.a,OLD.b,NEW.b,OLD.c,NEW.c);
sl@0	2184	END;
sl@0	2185	UPDATE t2 SET a=a+1;
sl@0	2186	SELECT * FROM tx;
sl@0	2187	}
sl@0	2188	} {11 12 2 2 33 33 7 8 8 8 9 9}
sl@0	2189	do_test auth-3.2 {
sl@0	2190	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2191	if {$code=="SQLITE_READ" && $arg1=="t2" && $arg2=="c"} {
sl@0	2192	return SQLITE_IGNORE
sl@0	2193	}
sl@0	2194	return SQLITE_OK
sl@0	2195	}
sl@0	2196	execsql {
sl@0	2197	DELETE FROM tx;
sl@0	2198	UPDATE t2 SET a=a+100;
sl@0	2199	SELECT * FROM tx;
sl@0	2200	}
sl@0	2201	} {12 112 2 2 {} {} 8 108 8 8 {} {}}
sl@0	2202	} ;# ifcapable trigger
sl@0	2203
sl@0	2204	# Make sure the names of views and triggers are passed on on arg4.
sl@0	2205	#
sl@0	2206	ifcapable trigger {
sl@0	2207	do_test auth-4.1 {
sl@0	2208	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2209	lappend ::authargs $code $arg1 $arg2 $arg3 $arg4
sl@0	2210	return SQLITE_OK
sl@0	2211	}
sl@0	2212	set authargs {}
sl@0	2213	execsql {
sl@0	2214	UPDATE t2 SET a=a+1;
sl@0	2215	}
sl@0	2216	set authargs
sl@0	2217	} [list \
sl@0	2218	SQLITE_READ t2 a main {} \
sl@0	2219	SQLITE_UPDATE t2 a main {} \
sl@0	2220	SQLITE_INSERT tx {} main r1 \
sl@0	2221	SQLITE_READ t2 a main r1 \
sl@0	2222	SQLITE_READ t2 a main r1 \
sl@0	2223	SQLITE_READ t2 b main r1 \
sl@0	2224	SQLITE_READ t2 b main r1 \
sl@0	2225	SQLITE_READ t2 c main r1 \
sl@0	2226	SQLITE_READ t2 c main r1]
sl@0	2227	}
sl@0	2228
sl@0	2229	ifcapable {view && trigger} {
sl@0	2230	do_test auth-4.2 {
sl@0	2231	execsql {
sl@0	2232	CREATE VIEW v1 AS SELECT a+b AS x FROM t2;
sl@0	2233	CREATE TABLE v1chng(x1,x2);
sl@0	2234	CREATE TRIGGER r2 INSTEAD OF UPDATE ON v1 BEGIN
sl@0	2235	INSERT INTO v1chng VALUES(OLD.x,NEW.x);
sl@0	2236	END;
sl@0	2237	SELECT * FROM v1;
sl@0	2238	}
sl@0	2239	} {115 117}
sl@0	2240	do_test auth-4.3 {
sl@0	2241	set authargs {}
sl@0	2242	execsql {
sl@0	2243	UPDATE v1 SET x=1 WHERE x=117
sl@0	2244	}
sl@0	2245	set authargs
sl@0	2246	} [list \
sl@0	2247	SQLITE_UPDATE v1 x main {} \
sl@0	2248	SQLITE_INSERT v1chng {} main r2 \
sl@0	2249	SQLITE_READ v1 x main r2 \
sl@0	2250	SQLITE_READ v1 x main r2 \
sl@0	2251	SQLITE_SELECT {} {} {} v1 \
sl@0	2252	SQLITE_READ t2 a main v1 \
sl@0	2253	SQLITE_READ t2 b main v1 \
sl@0	2254	SQLITE_SELECT {} {} {} {} \
sl@0	2255	SQLITE_READ v1 x main v1 \
sl@0	2256	]
sl@0	2257	do_test auth-4.4 {
sl@0	2258	execsql {
sl@0	2259	CREATE TRIGGER r3 INSTEAD OF DELETE ON v1 BEGIN
sl@0	2260	INSERT INTO v1chng VALUES(OLD.x,NULL);
sl@0	2261	END;
sl@0	2262	SELECT * FROM v1;
sl@0	2263	}
sl@0	2264	} {115 117}
sl@0	2265	do_test auth-4.5 {
sl@0	2266	set authargs {}
sl@0	2267	execsql {
sl@0	2268	DELETE FROM v1 WHERE x=117
sl@0	2269	}
sl@0	2270	set authargs
sl@0	2271	} [list \
sl@0	2272	SQLITE_DELETE v1 {} main {} \
sl@0	2273	SQLITE_INSERT v1chng {} main r3 \
sl@0	2274	SQLITE_READ v1 x main r3 \
sl@0	2275	SQLITE_SELECT {} {} {} v1 \
sl@0	2276	SQLITE_READ t2 a main v1 \
sl@0	2277	SQLITE_READ t2 b main v1 \
sl@0	2278	SQLITE_SELECT {} {} {} {} \
sl@0	2279	SQLITE_READ v1 x main v1 \
sl@0	2280	]
sl@0	2281
sl@0	2282	} ;# ifcapable view && trigger
sl@0	2283
sl@0	2284	# Ticket #1338: Make sure authentication works in the presence of an AS
sl@0	2285	# clause.
sl@0	2286	#
sl@0	2287	do_test auth-5.1 {
sl@0	2288	proc auth {code arg1 arg2 arg3 arg4} {
sl@0	2289	return SQLITE_OK
sl@0	2290	}
sl@0	2291	execsql {
sl@0	2292	SELECT count(a) AS cnt FROM t4 ORDER BY cnt
sl@0	2293	}
sl@0	2294	} {1}
sl@0	2295
sl@0	2296	# Ticket #1607
sl@0	2297	#
sl@0	2298	ifcapable compound&&subquery {
sl@0	2299	ifcapable trigger {
sl@0	2300	execsql {
sl@0	2301	DROP TABLE tx;
sl@0	2302	}
sl@0	2303	ifcapable view {
sl@0	2304	execsql {
sl@0	2305	DROP TABLE v1chng;
sl@0	2306	}
sl@0	2307	}
sl@0	2308	}
sl@0	2309	do_test auth-5.2 {
sl@0	2310	execsql {
sl@0	2311	SELECT name FROM (
sl@0	2312	SELECT * FROM sqlite_master UNION ALL SELECT * FROM sqlite_temp_master)
sl@0	2313	WHERE type='table'
sl@0	2314	ORDER BY name
sl@0	2315	}
sl@0	2316	} {sqlite_stat1 t1 t2 t3 t4}
sl@0	2317	}
sl@0	2318
sl@0	2319
sl@0	2320	rename proc {}
sl@0	2321	rename proc_real proc
sl@0	2322
sl@0	2323
sl@0	2324	finish_test

author	sl@SLION-WIN7.fritz.box
	Fri, 15 Jun 2012 03:10:57 +0200
changeset 0	bde4ae8d615e
permissions	-rw-r--r--