sl@0: # 2006 Aug 24
sl@0: #
sl@0: # The author disclaims copyright to this source code.  In place of
sl@0: # a legal notice, here is a blessing:
sl@0: #
sl@0: #    May you do good and not evil.
sl@0: #    May you find forgiveness for yourself and forgive others.
sl@0: #    May you share freely, never taking more than you give.
sl@0: #
sl@0: #***********************************************************************
sl@0: # This file implements regression tests for SQLite library.  The
sl@0: # focus of this script is testing the sqlite3_set_authorizer() API
sl@0: # and related functionality.
sl@0: #
sl@0: # $Id: auth2.test,v 1.3 2008/07/02 13:13:53 danielk1977 Exp $
sl@0: #
sl@0: 
sl@0: set testdir [file dirname $argv0]
sl@0: source $testdir/tester.tcl
sl@0: 
sl@0: # disable this test if the SQLITE_OMIT_AUTHORIZATION macro is
sl@0: # defined during compilation.
sl@0: if {[catch {db auth {}} msg]} {
sl@0:   finish_test
sl@0:   return
sl@0: }
sl@0: 
sl@0: do_test auth2-1.1 {
sl@0:   execsql {
sl@0:     CREATE TABLE t1(a,b,c);
sl@0:     INSERT INTO t1 VALUES(1,2,3);
sl@0:   }
sl@0:   set ::flist {}
sl@0:   proc auth {code arg1 arg2 arg3 arg4} {
sl@0:     if {$code=="SQLITE_FUNCTION"} {
sl@0:       lappend ::flist $arg2
sl@0:       if {$arg2=="max"} {
sl@0:         return SQLITE_DENY
sl@0:       } elseif {$arg2=="min"} {
sl@0:         return SQLITE_IGNORE
sl@0:       } else {
sl@0:         return SQLITE_OK
sl@0:       }
sl@0:     }
sl@0:     return SQLITE_OK
sl@0:   }
sl@0:   db authorizer ::auth
sl@0:   catchsql {SELECT max(a,b,c) FROM t1}
sl@0: } {1 {not authorized to use function: max}}
sl@0: do_test auth2-1.2 {
sl@0:   set ::flist
sl@0: } max
sl@0: do_test auth2-1.3 {
sl@0:   set ::flist {}
sl@0:   catchsql {SELECT min(a,b,c) FROM t1}
sl@0: } {0 {{}}}
sl@0: do_test auth2-1.4 {
sl@0:   set ::flist
sl@0: } min
sl@0: do_test auth2-1.5 {
sl@0:   set ::flist {}
sl@0:   catchsql {SELECT coalesce(min(a,b,c),999) FROM t1}
sl@0: } {0 999}
sl@0: do_test auth2-1.6 {
sl@0:   set ::flist
sl@0: } {coalesce min}
sl@0: do_test auth2-1.7 {
sl@0:   set ::flist {}
sl@0:   catchsql {SELECT coalesce(a,b,c) FROM t1}
sl@0: } {0 1}
sl@0: do_test auth2-1.8 {
sl@0:   set ::flist
sl@0: } coalesce
sl@0: 
sl@0: # Make sure the authorizer is not called when parsing the schema
sl@0: # and when computing the result set of a view.
sl@0: #
sl@0: db close
sl@0: sqlite3 db test.db
sl@0: sqlite3 db2 test.db
sl@0: proc auth {args} {
sl@0:   global authargs
sl@0:   append authargs $args\n
sl@0:   return SQLITE_OK
sl@0: }
sl@0: db auth auth
sl@0: do_test auth2-2.1 {
sl@0:   set ::authargs {}
sl@0:   db eval {
sl@0:     CREATE TABLE t2(x,y,z);
sl@0:   }
sl@0:   set ::authargs
sl@0: } {SQLITE_INSERT sqlite_master {} main {}
sl@0: SQLITE_CREATE_TABLE t2 {} main {}
sl@0: SQLITE_UPDATE sqlite_master type main {}
sl@0: SQLITE_UPDATE sqlite_master name main {}
sl@0: SQLITE_UPDATE sqlite_master tbl_name main {}
sl@0: SQLITE_UPDATE sqlite_master rootpage main {}
sl@0: SQLITE_UPDATE sqlite_master sql main {}
sl@0: SQLITE_READ sqlite_master ROWID main {}
sl@0: SQLITE_READ sqlite_master name main {}
sl@0: SQLITE_READ sqlite_master rootpage main {}
sl@0: SQLITE_READ sqlite_master sql main {}
sl@0: SQLITE_READ sqlite_master tbl_name main {}
sl@0: }
sl@0: do_test auth2-2.2 {
sl@0:   set ::authargs {}
sl@0:   db eval {
sl@0:     CREATE VIEW v2 AS SELECT x+y AS a, y+z AS b from t2;
sl@0:   }
sl@0:   set ::authargs
sl@0: } {SQLITE_INSERT sqlite_master {} main {}
sl@0: SQLITE_CREATE_VIEW v2 {} main {}
sl@0: SQLITE_UPDATE sqlite_master type main {}
sl@0: SQLITE_UPDATE sqlite_master name main {}
sl@0: SQLITE_UPDATE sqlite_master tbl_name main {}
sl@0: SQLITE_UPDATE sqlite_master rootpage main {}
sl@0: SQLITE_UPDATE sqlite_master sql main {}
sl@0: SQLITE_READ sqlite_master ROWID main {}
sl@0: SQLITE_READ sqlite_master name main {}
sl@0: SQLITE_READ sqlite_master rootpage main {}
sl@0: SQLITE_READ sqlite_master sql main {}
sl@0: SQLITE_READ sqlite_master tbl_name main {}
sl@0: }
sl@0: do_test auth2-2.3 {
sl@0:   set ::authargs {}
sl@0:   db eval {
sl@0:     SELECT a, b FROM v2;
sl@0:   }
sl@0:   set ::authargs
sl@0: } {SQLITE_SELECT {} {} {} {}
sl@0: SQLITE_READ v2 a main {}
sl@0: SQLITE_READ v2 b main {}
sl@0: SQLITE_READ t2 x main v2
sl@0: SQLITE_READ t2 y main v2
sl@0: SQLITE_READ t2 y main v2
sl@0: SQLITE_READ t2 z main v2
sl@0: SQLITE_SELECT {} {} {} v2
sl@0: }
sl@0: do_test auth2-2.4 {
sl@0:   db2 eval {
sl@0:     CREATE TABLE t3(p,q,r);
sl@0:   }
sl@0:   set ::authargs {}
sl@0:   db eval {
sl@0:     SELECT b, a FROM v2;
sl@0:   }
sl@0:   set ::authargs
sl@0: } {SQLITE_SELECT {} {} {} {}
sl@0: SQLITE_READ v2 b main {}
sl@0: SQLITE_READ v2 a main {}
sl@0: SQLITE_READ t2 x main v2
sl@0: SQLITE_READ t2 y main v2
sl@0: SQLITE_READ t2 y main v2
sl@0: SQLITE_READ t2 z main v2
sl@0: SQLITE_SELECT {} {} {} v2
sl@0: SQLITE_SELECT {} {} {} {}
sl@0: SQLITE_READ v2 b main {}
sl@0: SQLITE_READ v2 a main {}
sl@0: SQLITE_READ t2 x main v2
sl@0: SQLITE_READ t2 y main v2
sl@0: SQLITE_READ t2 y main v2
sl@0: SQLITE_READ t2 z main v2
sl@0: SQLITE_SELECT {} {} {} v2
sl@0: }
sl@0: db2 close
sl@0: 
sl@0: finish_test