When inserting a row into a child table, invoke the authorization callback to request permission to read the parent key columns.

FossilOrigin-Name: 9842f2d5f606eb8f641ecae9fbc5368b8d7e4286
author: dan <dan@noemail.net> 2009-10-02 14:23:41 +0000
committer: dan <dan@noemail.net> 2009-10-02 14:23:41 +0000
commit: 47a06346ffcbf5c26f04721e69e140aa671b8b35 (patch)
tree: 2cb0e03f26116d147f4a00d85bd646b2074bcb3d /src
parent: 1316700e54cf437f7189e74fadafda0d6db7965c (diff)
download: sqlite-47a06346ffcbf5c26f04721e69e140aa671b8b35.tar.gz
sqlite-47a06346ffcbf5c26f04721e69e140aa671b8b35.zip
3 files changed, 44 insertions, 18 deletions
diff --git a/src/auth.c b/src/auth.c
index ec3514257..042fc6615 100644
--- a/src/auth.c
+++ b/src/auth.c
@@ -92,6 +92,41 @@ static void sqliteAuthBadReturnCode(Parse *pParse){
 }
 
 /*
+** Invoke the authorization callback for permission to read column zCol from
+** table zTab in database zDb. This function assumes that an authorization
+** callback has been registered (i.e. that sqlite3.xAuth is not NULL).
+**
+** If SQLITE_IGNORE is returned and pExpr is not NULL, then pExpr is changed
+** to an SQL NULL expression. Otherwise, if pExpr is NULL, then SQLITE_IGNORE
+** is treated as SQLITE_DENY. In this case an error is left in pParse.
+*/
+void sqlite3AuthReadCol(
+  Parse *pParse,                  /* The parser context */
+  const char *zTab,               /* Table name */
+  const char *zCol,               /* Column name */
+  int iDb,                        /* Index of containing database. */
+  Expr *pExpr                     /* Optional expression */
+){
+  sqlite3 *db = pParse->db;       /* Database handle */
+  char *zDb = db->aDb[iDb].zName; /* Name of attached database */
+  int rc;                         /* Auth callback return code */
+
+  rc = db->xAuth(db->pAuthArg, SQLITE_READ, zTab,zCol,zDb,pParse->zAuthContext);
+  if( rc!=SQLITE_IGNORE && rc!=SQLITE_DENY && rc!=SQLITE_OK ){
+    sqliteAuthBadReturnCode(pParse);
+  }else if( rc==SQLITE_IGNORE && pExpr ){
+    pExpr->op = TK_NULL;
+  }else if( rc!=SQLITE_OK ){
+    if( db->nDb>2 || iDb!=0 ){
+      sqlite3ErrorMsg(pParse, "access to %s.%s.%s is prohibited",zDb,zTab,zCol);
+    }else{
+      sqlite3ErrorMsg(pParse, "access to %s.%s is prohibited", zTab, zCol);
+    }
+    pParse->rc = SQLITE_AUTH;
+  }
+}
+
+/*
 ** The pExpr should be a TK_COLUMN expression.  The table referred to
 ** is in pTabList or else it is the NEW or OLD table of a trigger.  
 ** Check to see if it is OK to read this particular column.
@@ -107,11 +142,9 @@ void sqlite3AuthRead(
   SrcList *pTabList     /* All table that pExpr might refer to */
 ){
   sqlite3 *db = pParse->db;
-  int rc;
   Table *pTab = 0;      /* The table being read */
   const char *zCol;     /* Name of the column of the table */
   int iSrc;             /* Index in pTabList->a[] of table being read */
-  const char *zDBase;   /* Name of database being accessed */
   int iDb;              /* The index of the database the expression refers to */
   int iCol;             /* Index of column in table */
 
@@ -148,22 +181,7 @@ void sqlite3AuthRead(
     zCol = "ROWID";
   }
   assert( iDb>=0 && iDb<db->nDb );
-  zDBase = db->aDb[iDb].zName;
-  rc = db->xAuth(db->pAuthArg, SQLITE_READ, pTab->zName, zCol, zDBase, 
-                 pParse->zAuthContext);
-  if( rc==SQLITE_IGNORE ){
-    pExpr->op = TK_NULL;
-  }else if( rc==SQLITE_DENY ){
-    if( db->nDb>2 || iDb!=0 ){
-      sqlite3ErrorMsg(pParse, "access to %s.%s.%s is prohibited", 
-         zDBase, pTab->zName, zCol);
-    }else{
-      sqlite3ErrorMsg(pParse, "access to %s.%s is prohibited",pTab->zName,zCol);
-    }
-    pParse->rc = SQLITE_AUTH;
-  }else if( rc!=SQLITE_OK ){
-    sqliteAuthBadReturnCode(pParse);
-  }
+  sqlite3AuthReadCol(pParse, pTab->zName, zCol, iDb, pExpr);
 }
 
 /*
diff --git a/src/fkey.c b/src/fkey.c
index 4d6a32ad6..dc5b4199c 100644
--- a/src/fkey.c
+++ b/src/fkey.c
@@ -732,6 +732,13 @@ void sqlite3FkCheck(
       if( aiCol[i]==pTab->iPKey ){
         aiCol[i] = -1;
       }
+#ifndef SQLITE_OMIT_AUTHORIZATION
+      /* Request permission to read the parent key columns. */
+      if( db->xAuth ){
+        char *zCol = pTo->aCol[pIdx ? pIdx->aiColumn[i] : pTo->iPKey].zName;
+        sqlite3AuthReadCol(pParse, pTo->zName, zCol, iDb, 0);
+      }
+#endif
     }
 
     /* Take a shared-cache advisory read-lock on the parent table. Allocate 
diff --git a/src/sqliteInt.h b/src/sqliteInt.h
index f97a81ca6..a82bbdfc8 100644
--- a/src/sqliteInt.h
+++ b/src/sqliteInt.h
@@ -2734,6 +2734,7 @@ void sqlite3DeferForeignKey(Parse*, int);
   int sqlite3AuthCheck(Parse*,int, const char*, const char*, const char*);
   void sqlite3AuthContextPush(Parse*, AuthContext*, const char*);
   void sqlite3AuthContextPop(AuthContext*);
+  void sqlite3AuthReadCol(Parse*, const char *, const char *, int, Expr *);
 #else
 # define sqlite3AuthRead(a,b,c,d)
 # define sqlite3AuthCheck(a,b,c,d,e)    SQLITE_OK
author	dan <dan@noemail.net>	2009-10-02 14:23:41 +0000
committer	dan <dan@noemail.net>	2009-10-02 14:23:41 +0000
commit	47a06346ffcbf5c26f04721e69e140aa671b8b35 (patch)
tree	2cb0e03f26116d147f4a00d85bd646b2074bcb3d /src
parent	1316700e54cf437f7189e74fadafda0d6db7965c (diff)
download	sqlite-47a06346ffcbf5c26f04721e69e140aa671b8b35.tar.gz sqlite-47a06346ffcbf5c26f04721e69e140aa671b8b35.zip