Add authorization callbacks for REINDEX. (CVS 2148)

FossilOrigin-Name: 9f0d744ee4d99f44e88c6f799821791c3b5f31b6

manifest

@@ -1,5 +1,5 @@
-C Include\sthe\s'FOR'\skeyword\sin\sbuilds\sthat\sinclude\scursors\sbut\snot\striggers.\s(CVS\s2147)
-D 2004-11-23T12:24:13
+C Add\sauthorization\scallbacks\sfor\sREINDEX.\s(CVS\s2148)
+D 2004-11-23T15:41:16
 F Makefile.in 8291610f5839939a5fbff4dbbf85adb0fe1ac37f
 F Makefile.linux-gcc a9e5a0d309fa7c38e7c14d3ecf7690879d3a5457
 F README a01693e454a00cc117967e3f9fdab2d4d52e9bc1
@@ -31,7 +31,7 @@ F src/attach.c e49d09dad9f5f9fb10b4b0c1be5a70ae4c45e689
 F src/auth.c 3b81f2a42f48a62c2c9c9b0eda31a157c681edea
 F src/btree.c fa113d624d38bcb36700a0244b47f39d57d34efb
 F src/btree.h 861e40b759a195ba63819740e484390012cf81ab
-F src/build.c b62389de594d0b413068d6e067794249a1f1d209
+F src/build.c cbfb818055aacb2d53fbb7c801d8815439395f3f
 F src/cursor.c f883813759742068890b1f699335872bfa8fdf41
 F src/date.c 65536e7ea04fdde6e0551264fca15966966e171f
 F src/delete.c 9083377a4c5b152b4466021592f32e3e8a3819e3
@@ -61,10 +61,10 @@ F src/printf.c 3d20b21cfecadacecac3fb7274e746cb81d3d357
 F src/random.c eff68e3f257e05e81eae6c4d50a51eb88beb4ff3
 F src/select.c 36cc9da999596578566e167d310e99f2005a7f03
 F src/shell.c e8f4f486cbf6e60d81173146ac8a6522c930fa51
-F src/sqlite.h.in 6d0e82c24ef3f84a10b468119f3943a5dfc806c7
+F src/sqlite.h.in f4a0e527c84281aef7aaa5afb027b00159c97f71
 F src/sqliteInt.h 1dc643cf84f1d83bd45e314f724bb824ee24c000
 F src/table.c 25b3ff2b39b7d87e8d4a5da0713d68dfc06cbee9
-F src/tclsqlite.c 7f1a1a678140e6901c8954590ca2aabe50b48f71
+F src/tclsqlite.c 4a9dad39dc41e959eefe3117670ac1aa45a353c2
 F src/test1.c b7d94c54e58f95452387a5cabdf98b2be8059f29
 F src/test2.c b11fa244fff02190707dd0879987c37c75e61fc8
 F src/test3.c 6f1ec93e13632a004b527049535079eda84c459d
@@ -88,7 +88,7 @@ F test/alter.test 95c57a4f461fa81293e0dccef7f83889aadb169a
 F test/attach.test f39069efd4394422798f249df9a31489aa941ee1
 F test/attach2.test eeb987770f4dbe68bd29afdbc2e8cff0142e6eb5
 F test/attach3.test c05c70b933afbde0901dab9da3e66ee842c09f38
-F test/auth.test ecc43fc5605ec562ef73874aa803d18c12d20fa6
+F test/auth.test 559e0816b8100740624ebb0ab7aab05f5c92831c
 F test/autoinc.test c071e51ff167b8e889212273588d9cca71845b70
 F test/autovacuum.test a4e8da39a6268378c4f9fc17fe2df1d5be16d631
 F test/autovacuum_crash.test 2dca85cbcc497098e45e8847c86407eb3554f3d4
@@ -261,7 +261,7 @@ F www/tclsqlite.tcl 560ecd6a916b320e59f2917317398f3d59b7cc25
 F www/vdbe.tcl 095f106d93875c94b47367384ebc870517431618
 F www/version3.tcl 092a01f5ef430d2c4acc0ae558d74c4bb89638a0
 F www/whentouse.tcl fdacb0ba2d39831e8a6240d05a490026ad4c4e4c
-P ff20c623c64d67b19c13c4fd3afe8ea137bb8a0b
-R 1a54f4a7a14ebb3a3e2ebffc4a746ce3
+P 3053d82d7192ff77ff5f1fee143d784d5d51772a
+R a49bc02d1fdd0d416a9fe44ea293a6c3
 U danielk1977
-Z d9f7778c5acda6b87511801083905cea
+Z 84fb8419b6155b0b4da06bd874aa57f4

manifest.uuid

@@ -1 +1 @@
-3053d82d7192ff77ff5f1fee143d784d5d51772a
+9f0d744ee4d99f44e88c6f799821791c3b5f31b6

src/build.c

@@ -22,7 +22,7 @@
 **     COMMIT
 **     ROLLBACK
 **
-** $Id: build.c,v 1.286 2004/11/22 11:51:13 danielk1977 Exp $
+** $Id: build.c,v 1.287 2004/11/23 15:41:16 danielk1977 Exp $
 */
 #include "sqliteInt.h"
 #include <ctype.h>
@@ -2039,6 +2039,13 @@ static void sqlite3RefillIndex(Parse *pParse, Index *pIndex, int memRootPage){
   Vdbe *v;                       /* Generate code into this virtual machine */
   int isUnique;                  /* True for a unique index */
 
+#ifndef SQLITE_OMIT_AUTHORIZATION
+  if( sqlite3AuthCheck(pParse, SQLITE_REINDEX, pIndex->zName, 0,
+      pParse->db->aDb[pIndex->iDb].zName ) ){
+    return;
+  }
+#endif
+
   v = sqlite3GetVdbe(pParse);
   if( v==0 ) return;
   if( memRootPage>=0 ){

src/sqlite.h.in

@@ -12,7 +12,7 @@
 ** This header file defines the interface that the SQLite library
 ** presents to client programs.
 **
-** @(#) $Id: sqlite.h.in,v 1.123 2004/11/20 06:05:56 danielk1977 Exp $
+** @(#) $Id: sqlite.h.in,v 1.124 2004/11/23 15:41:16 danielk1977 Exp $
 */
 #ifndef _SQLITE3_H_
 #define _SQLITE3_H_
@@ -429,6 +429,7 @@ int sqlite3_set_authorizer(
 #define SQLITE_ATTACH               24   /* Filename        NULL            */
 #define SQLITE_DETACH               25   /* Database Name   NULL            */
 #define SQLITE_ALTER_TABLE          26   /* Database Name   Table Name      */
+#define SQLITE_REINDEX              27   /* Index Name      NULL            */
 
 
 /*

src/tclsqlite.c

@@ -11,7 +11,7 @@
 *************************************************************************
 ** A TCL Interface to SQLite
 **
-** $Id: tclsqlite.c,v 1.107 2004/11/12 15:53:37 danielk1977 Exp $
+** $Id: tclsqlite.c,v 1.108 2004/11/23 15:41:16 danielk1977 Exp $
 */
 #ifndef NO_TCL     /* Omit this whole file if TCL is unavailable */
 
@@ -288,6 +288,7 @@ static int auth_callback(
     case SQLITE_ATTACH            : zCode="SQLITE_ATTACH"; break;
     case SQLITE_DETACH            : zCode="SQLITE_DETACH"; break;
     case SQLITE_ALTER_TABLE       : zCode="SQLITE_ALTER_TABLE"; break;
+    case SQLITE_REINDEX           : zCode="SQLITE_REINDEX"; break;
     default                       : zCode="????"; break;
   }
   Tcl_DStringInit(&str);

test/auth.test

@@ -12,7 +12,7 @@
 # focus of this script is testing the ATTACH and DETACH commands
 # and related functionality.
 #
-# $Id: auth.test,v 1.24 2004/11/23 10:13:03 danielk1977 Exp $
+# $Id: auth.test,v 1.25 2004/11/23 15:41:17 danielk1977 Exp $
 #
 
 set testdir [file dirname $argv0]
@@ -1800,6 +1800,112 @@ catchsql {ALTER TABLE t2x RENAME TO t2}
 
 } ;# ifcapable altertable
 
+# Test the authorization callbacks for the REINDEX command.
+ifcapable reindex {
+
+proc auth {code args} {
+  if {$code=="SQLITE_REINDEX"} {
+    set ::authargs [concat $::authargs $args]
+  }
+  return SQLITE_OK
+}
+db authorizer auth
+do_test auth-1.281 {
+  execsql {
+    CREATE TABLE t3(a PRIMARY KEY, b, c);
+    CREATE INDEX t3_idx1 ON t3(c COLLATE BINARY);
+    CREATE INDEX t3_idx2 ON t3(b COLLATE NOCASE);
+  }
+} {}
+do_test auth-1.282 {
+  set ::authargs {}
+  execsql {
+    REINDEX t3_idx1;
+  }
+  set ::authargs
+} {t3_idx1 {} main {}}
+do_test auth-1.283 {
+  set ::authargs {}
+  execsql {
+    REINDEX BINARY;
+  }
+  set ::authargs
+} {t3_idx1 {} main {} sqlite_autoindex_t3_1 {} main {}}
+do_test auth-1.284 {
+  set ::authargs {}
+  execsql {
+    REINDEX NOCASE;
+  }
+  set ::authargs
+} {t3_idx2 {} main {}}
+do_test auth-1.285 {
+  set ::authargs {}
+  execsql {
+    REINDEX t3;
+  }
+  set ::authargs
+} {t3_idx2 {} main {} t3_idx1 {} main {} sqlite_autoindex_t3_1 {} main {}}
+do_test auth-1.286 {
+  execsql {
+    DROP TABLE t3;
+  }
+} {}
+do_test auth-1.287 {
+  execsql {
+    CREATE TEMP TABLE t3(a PRIMARY KEY, b, c);
+    CREATE INDEX t3_idx1 ON t3(c COLLATE BINARY);
+    CREATE INDEX t3_idx2 ON t3(b COLLATE NOCASE);
+  }
+} {}
+do_test auth-1.288 {
+  set ::authargs {}
+  execsql {
+    REINDEX temp.t3_idx1;
+  }
+  set ::authargs
+} {t3_idx1 {} temp {}}
+do_test auth-1.289 {
+  set ::authargs {}
+  execsql {
+    REINDEX BINARY;
+  }
+  set ::authargs
+} {t3_idx1 {} temp {} sqlite_autoindex_t3_1 {} temp {}}
+do_test auth-1.290 {
+  set ::authargs {}
+  execsql {
+    REINDEX NOCASE;
+  }
+  set ::authargs
+} {t3_idx2 {} temp {}}
+do_test auth-1.291 {
+  set ::authargs {}
+  execsql {
+    REINDEX temp.t3;
+  }
+  set ::authargs
+} {t3_idx2 {} temp {} t3_idx1 {} temp {} sqlite_autoindex_t3_1 {} temp {}}
+proc auth {code args} {
+  if {$code=="SQLITE_REINDEX"} {
+    set ::authargs [concat $::authargs $args]
+    return SQLITE_DENY
+  }
+  return SQLITE_OK
+}
+do_test auth-1.292 {
+  set ::authargs {}
+  catchsql {
+    REINDEX temp.t3;
+  }
+} {1 {not authorized}}
+do_test auth-1.293 {
+  execsql {
+    DROP TABLE t3;
+  }
+} {}
+
+} ;# ifcapable reindex 
+
 
 do_test auth-2.1 {
   proc auth {code arg1 arg2 arg3 arg4} {