engine/sqlite/src/auth.cpp
author skip
Thu, 25 Feb 2010 14:29:19 +0000
changeset 2 29cda98b007e
permissions -rw-r--r--
Initial import of Podcatcher from the Bergamot project
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
2
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
     1
/*
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
     2
** 2003 January 11
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
     3
**
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
     4
** The author disclaims copyright to this source code.  In place of
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
     5
** a legal notice, here is a blessing:
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
     6
**
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
     7
**    May you do good and not evil.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
     8
**    May you find forgiveness for yourself and forgive others.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
     9
**    May you share freely, never taking more than you give.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    10
**
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    11
*************************************************************************
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    12
** This file contains code used to implement the sqlite3_set_authorizer()
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    13
** API.  This facility is an optional feature of the library.  Embedded
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    14
** systems that do not need this facility may omit it by recompiling
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    15
** the library with -DSQLITE_OMIT_AUTHORIZATION=1
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    16
**
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    17
** $Id: auth.cpp 1282 2008-11-13 09:31:33Z LarsPson $
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    18
*/
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    19
#include "sqliteInt.h"
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    20
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    21
/*
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    22
** All of the code in this file may be omitted by defining a single
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    23
** macro.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    24
*/
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    25
#ifndef SQLITE_OMIT_AUTHORIZATION
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    26
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    27
/*
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    28
** Set or clear the access authorization function.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    29
**
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    30
** The access authorization function is be called during the compilation
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    31
** phase to verify that the user has read and/or write access permission on
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    32
** various fields of the database.  The first argument to the auth function
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    33
** is a copy of the 3rd argument to this routine.  The second argument
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    34
** to the auth function is one of these constants:
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    35
**
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    36
**       SQLITE_CREATE_INDEX
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    37
**       SQLITE_CREATE_TABLE
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    38
**       SQLITE_CREATE_TEMP_INDEX
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    39
**       SQLITE_CREATE_TEMP_TABLE
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    40
**       SQLITE_CREATE_TEMP_TRIGGER
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    41
**       SQLITE_CREATE_TEMP_VIEW
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    42
**       SQLITE_CREATE_TRIGGER
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    43
**       SQLITE_CREATE_VIEW
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    44
**       SQLITE_DELETE
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    45
**       SQLITE_DROP_INDEX
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    46
**       SQLITE_DROP_TABLE
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    47
**       SQLITE_DROP_TEMP_INDEX
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    48
**       SQLITE_DROP_TEMP_TABLE
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    49
**       SQLITE_DROP_TEMP_TRIGGER
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    50
**       SQLITE_DROP_TEMP_VIEW
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    51
**       SQLITE_DROP_TRIGGER
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    52
**       SQLITE_DROP_VIEW
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    53
**       SQLITE_INSERT
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    54
**       SQLITE_PRAGMA
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    55
**       SQLITE_READ
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    56
**       SQLITE_SELECT
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    57
**       SQLITE_TRANSACTION
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    58
**       SQLITE_UPDATE
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    59
**
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    60
** The third and fourth arguments to the auth function are the name of
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    61
** the table and the column that are being accessed.  The auth function
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    62
** should return either SQLITE_OK, SQLITE_DENY, or SQLITE_IGNORE.  If
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    63
** SQLITE_OK is returned, it means that access is allowed.  SQLITE_DENY
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    64
** means that the SQL statement will never-run - the sqlite3_exec() call
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    65
** will return with an error.  SQLITE_IGNORE means that the SQL statement
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    66
** should run but attempts to read the specified column will return NULL
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    67
** and attempts to write the column will be ignored.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    68
**
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    69
** Setting the auth function to NULL disables this hook.  The default
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    70
** setting of the auth function is NULL.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    71
*/
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    72
EXPORT_C int sqlite3_set_authorizer(
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    73
  sqlite3 *db,
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    74
  int (*xAuth)(void*,int,const char*,const char*,const char*,const char*),
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    75
  void *pArg
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    76
){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    77
  sqlite3_mutex_enter(db->mutex);
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    78
  db->xAuth = xAuth;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    79
  db->pAuthArg = pArg;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    80
  sqlite3ExpirePreparedStatements(db);
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    81
  sqlite3_mutex_leave(db->mutex);
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    82
  return SQLITE_OK;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    83
}
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    84
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    85
/*
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    86
** Write an error message into pParse->zErrMsg that explains that the
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    87
** user-supplied authorization function returned an illegal value.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    88
*/
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    89
static void sqliteAuthBadReturnCode(Parse *pParse, int rc){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    90
  sqlite3ErrorMsg(pParse, "illegal return value (%d) from the "
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    91
    "authorization function - should be SQLITE_OK, SQLITE_IGNORE, "
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    92
    "or SQLITE_DENY", rc);
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    93
  pParse->rc = SQLITE_ERROR;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    94
}
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    95
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    96
/*
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    97
** The pExpr should be a TK_COLUMN expression.  The table referred to
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    98
** is in pTabList or else it is the NEW or OLD table of a trigger.  
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
    99
** Check to see if it is OK to read this particular column.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   100
**
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   101
** If the auth function returns SQLITE_IGNORE, change the TK_COLUMN 
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   102
** instruction into a TK_NULL.  If the auth function returns SQLITE_DENY,
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   103
** then generate an error.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   104
*/
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   105
void sqlite3AuthRead(
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   106
  Parse *pParse,        /* The parser context */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   107
  Expr *pExpr,          /* The expression to check authorization on */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   108
  Schema *pSchema,      /* The schema of the expression */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   109
  SrcList *pTabList     /* All table that pExpr might refer to */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   110
){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   111
  sqlite3 *db = pParse->db;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   112
  int rc;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   113
  Table *pTab = 0;      /* The table being read */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   114
  const char *zCol;     /* Name of the column of the table */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   115
  int iSrc;             /* Index in pTabList->a[] of table being read */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   116
  const char *zDBase;   /* Name of database being accessed */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   117
  TriggerStack *pStack; /* The stack of current triggers */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   118
  int iDb;              /* The index of the database the expression refers to */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   119
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   120
  if( db->xAuth==0 ) return;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   121
  if( pExpr->op!=TK_COLUMN ) return;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   122
  iDb = sqlite3SchemaToIndex(pParse->db, pSchema);
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   123
  if( iDb<0 ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   124
    /* An attempt to read a column out of a subquery or other
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   125
    ** temporary table. */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   126
    return;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   127
  }
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   128
  for(iSrc=0; pTabList && iSrc<pTabList->nSrc; iSrc++){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   129
    if( pExpr->iTable==pTabList->a[iSrc].iCursor ) break;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   130
  }
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   131
  if( iSrc>=0 && pTabList && iSrc<pTabList->nSrc ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   132
    pTab = pTabList->a[iSrc].pTab;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   133
  }else if( (pStack = pParse->trigStack)!=0 ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   134
    /* This must be an attempt to read the NEW or OLD pseudo-tables
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   135
    ** of a trigger.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   136
    */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   137
    assert( pExpr->iTable==pStack->newIdx || pExpr->iTable==pStack->oldIdx );
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   138
    pTab = pStack->pTab;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   139
  }
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   140
  if( pTab==0 ) return;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   141
  if( pExpr->iColumn>=0 ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   142
    assert( pExpr->iColumn<pTab->nCol );
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   143
    zCol = pTab->aCol[pExpr->iColumn].zName;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   144
  }else if( pTab->iPKey>=0 ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   145
    assert( pTab->iPKey<pTab->nCol );
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   146
    zCol = pTab->aCol[pTab->iPKey].zName;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   147
  }else{
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   148
    zCol = "ROWID";
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   149
  }
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   150
  assert( iDb>=0 && iDb<db->nDb );
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   151
  zDBase = db->aDb[iDb].zName;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   152
  rc = db->xAuth(db->pAuthArg, SQLITE_READ, pTab->zName, zCol, zDBase, 
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   153
                 pParse->zAuthContext);
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   154
  if( rc==SQLITE_IGNORE ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   155
    pExpr->op = TK_NULL;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   156
  }else if( rc==SQLITE_DENY ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   157
    if( db->nDb>2 || iDb!=0 ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   158
      sqlite3ErrorMsg(pParse, "access to %s.%s.%s is prohibited", 
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   159
         zDBase, pTab->zName, zCol);
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   160
    }else{
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   161
      sqlite3ErrorMsg(pParse, "access to %s.%s is prohibited",pTab->zName,zCol);
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   162
    }
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   163
    pParse->rc = SQLITE_AUTH;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   164
  }else if( rc!=SQLITE_OK ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   165
    sqliteAuthBadReturnCode(pParse, rc);
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   166
  }
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   167
}
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   168
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   169
/*
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   170
** Do an authorization check using the code and arguments given.  Return
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   171
** either SQLITE_OK (zero) or SQLITE_IGNORE or SQLITE_DENY.  If SQLITE_DENY
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   172
** is returned, then the error count and error message in pParse are
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   173
** modified appropriately.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   174
*/
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   175
int sqlite3AuthCheck(
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   176
  Parse *pParse,
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   177
  int code,
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   178
  const char *zArg1,
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   179
  const char *zArg2,
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   180
  const char *zArg3
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   181
){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   182
  sqlite3 *db = pParse->db;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   183
  int rc;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   184
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   185
  /* Don't do any authorization checks if the database is initialising
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   186
  ** or if the parser is being invoked from within sqlite3_declare_vtab.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   187
  */
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   188
  if( db->init.busy || IN_DECLARE_VTAB ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   189
    return SQLITE_OK;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   190
  }
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   191
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   192
  if( db->xAuth==0 ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   193
    return SQLITE_OK;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   194
  }
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   195
  rc = db->xAuth(db->pAuthArg, code, zArg1, zArg2, zArg3, pParse->zAuthContext);
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   196
  if( rc==SQLITE_DENY ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   197
    sqlite3ErrorMsg(pParse, "not authorized");
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   198
    pParse->rc = SQLITE_AUTH;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   199
  }else if( rc!=SQLITE_OK && rc!=SQLITE_IGNORE ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   200
    rc = SQLITE_DENY;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   201
    sqliteAuthBadReturnCode(pParse, rc);
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   202
  }
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   203
  return rc;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   204
}
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   205
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   206
/*
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   207
** Push an authorization context.  After this routine is called, the
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   208
** zArg3 argument to authorization callbacks will be zContext until
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   209
** popped.  Or if pParse==0, this routine is a no-op.
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   210
*/
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   211
void sqlite3AuthContextPush(
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   212
  Parse *pParse,
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   213
  AuthContext *pContext, 
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   214
  const char *zContext
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   215
){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   216
  pContext->pParse = pParse;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   217
  if( pParse ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   218
    pContext->zAuthContext = pParse->zAuthContext;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   219
    pParse->zAuthContext = zContext;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   220
  }
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   221
}
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   222
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   223
/*
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   224
** Pop an authorization context that was previously pushed
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   225
** by sqlite3AuthContextPush
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   226
*/
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   227
void sqlite3AuthContextPop(AuthContext *pContext){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   228
  if( pContext->pParse ){
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   229
    pContext->pParse->zAuthContext = pContext->zAuthContext;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   230
    pContext->pParse = 0;
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   231
  }
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   232
}
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   233
29cda98b007e Initial import of Podcatcher from the Bergamot project
skip
parents:
diff changeset
   234
#endif /* SQLITE_OMIT_AUTHORIZATION */