/ Check-in [65c7bcc4]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Add the ".auth ON|OFF" command to the command-line shell.
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | trunk
Files: files | file ages | folders
SHA1: 65c7bcc42786a254966c531ba9062abb8fc8c5bf
User & Date: drh 2016-04-04 17:23:10
Context
2016-04-04
17:34
Improved handling of UTF8 by the command-line shell. check-in: 4534ebf1 user: drh tags: trunk
17:23
Add the ".auth ON|OFF" command to the command-line shell. check-in: 65c7bcc4 user: drh tags: trunk
16:40
Test that the view name is passed to the authorization callback when a SELECT statement is run on a view. check-in: 8627a4cd user: dan tags: trunk
Changes
Hide Diffs Side-by-Side Diffs Ignore Whitespace Patch

Changes to src/shell.c.

   883    883     UNUSED_PARAMETER(NotUsed);
   884    884     seenInterrupt++;
   885    885     if( seenInterrupt>2 ) exit(1);
   886    886     if( globalDb ) sqlite3_interrupt(globalDb);
   887    887   }
   888    888   #endif
   889    889   
          890  +/*
          891  +** When the ".auth ON" is set, the following authorizer callback is
          892  +** invoked.  It always returns SQLITE_OK.
          893  +*/
          894  +static int shellAuth(
          895  +  void *pClientData,
          896  +  int op,
          897  +  const char *zA1,
          898  +  const char *zA2,
          899  +  const char *zA3,
          900  +  const char *zA4
          901  +){
          902  +  ShellState *p = (ShellState*)pClientData;
          903  +  static const char *azAction[] = { 0,
          904  +     "CREATE_INDEX",         "CREATE_TABLE",         "CREATE_TEMP_INDEX",
          905  +     "CREATE_TEMP_TABLE",    "CREATE_TEMP_TRIGGER",  "CREATE_TEMP_VIEW",
          906  +     "CREATE_TRIGGER",       "CREATE_VIEW",          "DELETE",
          907  +     "DROP_INDEX",           "DROP_TABLE",           "DROP_TEMP_INDEX",
          908  +     "DROP_TEMP_TABLE",      "DROP_TEMP_TRIGGER",    "DROP_TEMP_VIEW",
          909  +     "DROP_TRIGGER",         "DROP_VIEW",            "INSERT",
          910  +     "PRAGMA",               "READ",                 "SELECT",
          911  +     "TRANSACTION",          "UPDATE",               "ATTACH",
          912  +     "DETACH",               "ALTER_TABLE",          "REINDEX",
          913  +     "ANALYZE",              "CREATE_VTABLE",        "DROP_VTABLE",
          914  +     "FUNCTION",             "SAVEPOINT",            "RECURSIVE"
          915  +  };
          916  +  int i;
          917  +  const char *az[4];
          918  +  az[0] = zA1;
          919  +  az[1] = zA2;
          920  +  az[2] = zA3;
          921  +  az[3] = zA4;
          922  +  raw_printf(p->out, "authorizer: %s", azAction[op]);
          923  +  for(i=0; i<4; i++){
          924  +    raw_printf(p->out, " ");
          925  +    if( az[i] ){
          926  +      output_c_string(p->out, az[i]);
          927  +    }else{
          928  +      raw_printf(p->out, "NULL");
          929  +    }
          930  +  }
          931  +  raw_printf(p->out, "\n");
          932  +  return SQLITE_OK;
          933  +}
          934  +  
          935  +
   890    936   /*
   891    937   ** This is the callback routine that the shell
   892    938   ** invokes for each row of a query result.
   893    939   */
   894    940   static int shell_callback(
   895    941     void *pArg,
   896    942     int nArg,        /* Number of result columns */
................................................................................
  1954   2000     return rc;
  1955   2001   }
  1956   2002   
  1957   2003   /*
  1958   2004   ** Text of a help message
  1959   2005   */
  1960   2006   static char zHelp[] =
         2007  +  ".auth ON|OFF           Show authorizer callbacks\n"
  1961   2008     ".backup ?DB? FILE      Backup DB (default \"main\") to FILE\n"
  1962   2009     ".bail on|off           Stop after hitting an error.  Default OFF\n"
  1963   2010     ".binary on|off         Turn binary output on or off.  Default OFF\n"
  1964   2011     ".changes on|off        Show number of rows changed by SQL\n"
  1965   2012     ".clone NEWDB           Clone data into NEWDB from the existing database\n"
  1966   2013     ".databases             List names and files of attached databases\n"
  1967   2014     ".dbinfo ?DB?           Show status information about the database\n"
................................................................................
  2919   2966     }
  2920   2967   
  2921   2968     /* Process the input line.
  2922   2969     */
  2923   2970     if( nArg==0 ) return 0; /* no tokens, no error */
  2924   2971     n = strlen30(azArg[0]);
  2925   2972     c = azArg[0][0];
         2973  +
         2974  +  if( c=='a' && strncmp(azArg[0], "auth", n)==0 ){
         2975  +    if( nArg!=2 ){
         2976  +      raw_printf(stderr, "Usage: .auth ON|OFF\n");
         2977  +      rc = 1;
         2978  +      goto meta_command_exit;
         2979  +    }
         2980  +    open_db(p, 0);
         2981  +    if( booleanValue(azArg[1]) ){
         2982  +      sqlite3_set_authorizer(p->db, shellAuth, p);
         2983  +    }else{
         2984  +      sqlite3_set_authorizer(p->db, 0, 0);
         2985  +    }
         2986  +  }else
         2987  +
  2926   2988     if( (c=='b' && n>=3 && strncmp(azArg[0], "backup", n)==0)
  2927   2989      || (c=='s' && n>=3 && strncmp(azArg[0], "save", n)==0)
  2928   2990     ){
  2929   2991       const char *zDestFile = 0;
  2930   2992       const char *zDb = 0;
  2931   2993       sqlite3 *pDest;
  2932   2994       sqlite3_backup *pBackup;