audlegacy: sqlite/auth.c annotate

annotate sqlite/auth.c @ 1566:e513069caf71 trunk

[svn] - pls and m3u is now fully modular

author	nenolod
date	Thu, 10 Aug 2006 20:44:47 -0700
parents	b6b61becdf4e
children

rev	line source
1434 b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	1 /*
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	2 ** 2003 January 11
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	3 **
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	4 ** The author disclaims copyright to this source code. In place of
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	5 ** a legal notice, here is a blessing:
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	6 **
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	7 ** May you do good and not evil.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	8 ** May you find forgiveness for yourself and forgive others.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	9 ** May you share freely, never taking more than you give.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	10 **
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	11 *************************************************************************
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	12 ** This file contains code used to implement the sqlite3_set_authorizer()
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	13 ** API. This facility is an optional feature of the library. Embedded
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	14 ** systems that do not need this facility may omit it by recompiling
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	15 ** the library with -DSQLITE_OMIT_AUTHORIZATION=1
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	16 **
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	17 ** $Id: auth.c,v 1.24 2006/01/13 13:55:45 drh Exp $
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	18 */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	19 #include "sqliteInt.h"
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	20
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	21 /*
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	22 ** All of the code in this file may be omitted by defining a single
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	23 ** macro.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	24 */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	25 #ifndef SQLITE_OMIT_AUTHORIZATION
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	26
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	27 /*
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	28 ** Set or clear the access authorization function.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	29 **
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	30 ** The access authorization function is be called during the compilation
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	31 ** phase to verify that the user has read and/or write access permission on
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	32 ** various fields of the database. The first argument to the auth function
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	33 ** is a copy of the 3rd argument to this routine. The second argument
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	34 ** to the auth function is one of these constants:
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	35 **
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	36 ** SQLITE_CREATE_INDEX
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	37 ** SQLITE_CREATE_TABLE
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	38 ** SQLITE_CREATE_TEMP_INDEX
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	39 ** SQLITE_CREATE_TEMP_TABLE
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	40 ** SQLITE_CREATE_TEMP_TRIGGER
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	41 ** SQLITE_CREATE_TEMP_VIEW
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	42 ** SQLITE_CREATE_TRIGGER
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	43 ** SQLITE_CREATE_VIEW
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	44 ** SQLITE_DELETE
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	45 ** SQLITE_DROP_INDEX
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	46 ** SQLITE_DROP_TABLE
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	47 ** SQLITE_DROP_TEMP_INDEX
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	48 ** SQLITE_DROP_TEMP_TABLE
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	49 ** SQLITE_DROP_TEMP_TRIGGER
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	50 ** SQLITE_DROP_TEMP_VIEW
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	51 ** SQLITE_DROP_TRIGGER
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	52 ** SQLITE_DROP_VIEW
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	53 ** SQLITE_INSERT
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	54 ** SQLITE_PRAGMA
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	55 ** SQLITE_READ
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	56 ** SQLITE_SELECT
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	57 ** SQLITE_TRANSACTION
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	58 ** SQLITE_UPDATE
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	59 **
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	60 ** The third and fourth arguments to the auth function are the name of
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	61 ** the table and the column that are being accessed. The auth function
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	62 ** should return either SQLITE_OK, SQLITE_DENY, or SQLITE_IGNORE. If
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	63 ** SQLITE_OK is returned, it means that access is allowed. SQLITE_DENY
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	64 ** means that the SQL statement will never-run - the sqlite3_exec() call
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	65 ** will return with an error. SQLITE_IGNORE means that the SQL statement
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	66 ** should run but attempts to read the specified column will return NULL
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	67 ** and attempts to write the column will be ignored.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	68 **
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	69 ** Setting the auth function to NULL disables this hook. The default
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	70 ** setting of the auth function is NULL.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	71 */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	72 int sqlite3_set_authorizer(
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	73 sqlite3 *db,
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	74 int (xAuth)(void,int,const char,const char,const char,const char),
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	75 void *pArg
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	76 ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	77 db->xAuth = xAuth;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	78 db->pAuthArg = pArg;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	79 sqlite3ExpirePreparedStatements(db);
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	80 return SQLITE_OK;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	81 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	82
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	83 /*
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	84 ** Write an error message into pParse->zErrMsg that explains that the
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	85 ** user-supplied authorization function returned an illegal value.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	86 */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	87 static void sqliteAuthBadReturnCode(Parse *pParse, int rc){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	88 sqlite3ErrorMsg(pParse, "illegal return value (%d) from the "
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	89 "authorization function - should be SQLITE_OK, SQLITE_IGNORE, "
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	90 "or SQLITE_DENY", rc);
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	91 pParse->rc = SQLITE_ERROR;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	92 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	93
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	94 /*
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	95 ** The pExpr should be a TK_COLUMN expression. The table referred to
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	96 ** is in pTabList or else it is the NEW or OLD table of a trigger.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	97 ** Check to see if it is OK to read this particular column.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	98 **
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	99 ** If the auth function returns SQLITE_IGNORE, change the TK_COLUMN
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	100 ** instruction into a TK_NULL. If the auth function returns SQLITE_DENY,
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	101 ** then generate an error.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	102 */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	103 void sqlite3AuthRead(
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	104 Parse pParse, / The parser context */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	105 Expr pExpr, / The expression to check authorization on */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	106 SrcList pTabList / All table that pExpr might refer to */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	107 ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	108 sqlite3 *db = pParse->db;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	109 int rc;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	110 Table pTab; / The table being read */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	111 const char zCol; / Name of the column of the table */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	112 int iSrc; /* Index in pTabList->a[] of table being read */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	113 const char zDBase; / Name of database being accessed */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	114 TriggerStack pStack; / The stack of current triggers */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	115 int iDb; /* The index of the database the expression refers to */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	116
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	117 if( db->xAuth==0 ) return;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	118 if( pExpr->op==TK_AS ) return;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	119 assert( pExpr->op==TK_COLUMN );
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	120 iDb = sqlite3SchemaToIndex(pParse->db, pExpr->pSchema);
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	121 if( iDb<0 ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	122 /* An attempt to read a column out of a subquery or other
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	123 ** temporary table. */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	124 return;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	125 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	126 for(iSrc=0; pTabList && iSrc<pTabList->nSrc; iSrc++){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	127 if( pExpr->iTable==pTabList->a[iSrc].iCursor ) break;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	128 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	129 if( iSrc>=0 && pTabList && iSrc<pTabList->nSrc ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	130 pTab = pTabList->a[iSrc].pTab;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	131 }else if( (pStack = pParse->trigStack)!=0 ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	132 /* This must be an attempt to read the NEW or OLD pseudo-tables
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	133 ** of a trigger.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	134 */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	135 assert( pExpr->iTable==pStack->newIdx \|\| pExpr->iTable==pStack->oldIdx );
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	136 pTab = pStack->pTab;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	137 }else{
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	138 return;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	139 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	140 if( pTab==0 ) return;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	141 if( pExpr->iColumn>=0 ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	142 assert( pExpr->iColumn<pTab->nCol );
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	143 zCol = pTab->aCol[pExpr->iColumn].zName;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	144 }else if( pTab->iPKey>=0 ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	145 assert( pTab->iPKey<pTab->nCol );
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	146 zCol = pTab->aCol[pTab->iPKey].zName;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	147 }else{
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	148 zCol = "ROWID";
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	149 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	150 assert( iDb>=0 && iDb<db->nDb );
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	151 zDBase = db->aDb[iDb].zName;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	152 rc = db->xAuth(db->pAuthArg, SQLITE_READ, pTab->zName, zCol, zDBase,
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	153 pParse->zAuthContext);
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	154 if( rc==SQLITE_IGNORE ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	155 pExpr->op = TK_NULL;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	156 }else if( rc==SQLITE_DENY ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	157 if( db->nDb>2 \|\| iDb!=0 ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	158 sqlite3ErrorMsg(pParse, "access to %s.%s.%s is prohibited",
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	159 zDBase, pTab->zName, zCol);
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	160 }else{
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	161 sqlite3ErrorMsg(pParse, "access to %s.%s is prohibited",pTab->zName,zCol);
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	162 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	163 pParse->rc = SQLITE_AUTH;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	164 }else if( rc!=SQLITE_OK ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	165 sqliteAuthBadReturnCode(pParse, rc);
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	166 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	167 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	168
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	169 /*
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	170 ** Do an authorization check using the code and arguments given. Return
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	171 ** either SQLITE_OK (zero) or SQLITE_IGNORE or SQLITE_DENY. If SQLITE_DENY
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	172 ** is returned, then the error count and error message in pParse are
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	173 ** modified appropriately.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	174 */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	175 int sqlite3AuthCheck(
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	176 Parse *pParse,
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	177 int code,
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	178 const char *zArg1,
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	179 const char *zArg2,
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	180 const char *zArg3
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	181 ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	182 sqlite3 *db = pParse->db;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	183 int rc;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	184
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	185 /* Don't do any authorization checks if the database is initialising. */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	186 if( db->init.busy ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	187 return SQLITE_OK;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	188 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	189
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	190 if( db->xAuth==0 ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	191 return SQLITE_OK;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	192 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	193 rc = db->xAuth(db->pAuthArg, code, zArg1, zArg2, zArg3, pParse->zAuthContext);
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	194 if( rc==SQLITE_DENY ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	195 sqlite3ErrorMsg(pParse, "not authorized");
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	196 pParse->rc = SQLITE_AUTH;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	197 }else if( rc!=SQLITE_OK && rc!=SQLITE_IGNORE ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	198 rc = SQLITE_DENY;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	199 sqliteAuthBadReturnCode(pParse, rc);
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	200 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	201 return rc;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	202 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	203
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	204 /*
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	205 ** Push an authorization context. After this routine is called, the
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	206 ** zArg3 argument to authorization callbacks will be zContext until
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	207 ** popped. Or if pParse==0, this routine is a no-op.
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	208 */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	209 void sqlite3AuthContextPush(
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	210 Parse *pParse,
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	211 AuthContext *pContext,
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	212 const char *zContext
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	213 ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	214 pContext->pParse = pParse;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	215 if( pParse ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	216 pContext->zAuthContext = pParse->zAuthContext;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	217 pParse->zAuthContext = zContext;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	218 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	219 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	220
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	221 /*
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	222 ** Pop an authorization context that was previously pushed
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	223 ** by sqlite3AuthContextPush
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	224 */
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	225 void sqlite3AuthContextPop(AuthContext *pContext){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	226 if( pContext->pParse ){
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	227 pContext->pParse->zAuthContext = pContext->zAuthContext;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	228 pContext->pParse = 0;
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	229 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	230 }
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	231
b6b61becdf4e [svn] - add sqlite/ directory nenolod parents: diff changeset	232 #endif /* SQLITE_OMIT_AUTHORIZATION */

Mercurial > audlegacy

annotate sqlite/auth.c @ 1566:e513069caf71 trunk