From: danielk1977 Date: Sat, 17 Jun 2006 06:31:18 +0000 (+0000) Subject: When updating a view, invoke the authorization callback for reading the view before... X-Git-Tag: version-3.6.10~2903 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4273deaec1415499cf3c9878cef4c1c35609cef9;p=thirdparty%2Fsqlite.git When updating a view, invoke the authorization callback for reading the view before setting the authorization-context to the view name. (CVS 3264) FossilOrigin-Name: 48d297c561b8d3d670ab425115ef50d1901523b6 --- diff --git a/manifest b/manifest index 0d48c41941..88c6ce227f 100644 --- a/manifest +++ b/manifest @@ -1,5 +1,5 @@ -C Fixes\sfor\sUPDATE\sstatements\son\svirtual\stables.\s(CVS\s3263) -D 2006-06-17T03:27:22 +C When\supdating\sa\sview,\sinvoke\sthe\sauthorization\scallback\sfor\sreading\sthe\sview\sbefore\ssetting\sthe\sauthorization-context\sto\sthe\sview\sname.\s(CVS\s3264) +D 2006-06-17T06:31:19 F Makefile.in f839b470345d3cb4b0644068474623fe2464b5d3 F Makefile.linux-gcc 2d8574d1ba75f129aba2019f0b959db380a90935 F README 9c4e2d6706bdcc3efdd773ce752a8cdab4f90028 @@ -93,7 +93,7 @@ F src/test_server.c a6460daed0b92ecbc2531b6dc73717470e7a648c F src/test_tclvar.c c52f67fbe06d32804af2ba9a2d7aadfc15f5910c F src/tokenize.c 6ebcafa6622839968dda4418a7b6945f277a128f F src/trigger.c 0fc40125820409a6274834a6e04ad804d96e2793 -F src/update.c 37fb7bb2c220c170ca7c0d0b42d1d6b33ecd0c40 +F src/update.c 81e8d54aa970e045f930cd5c918363f669db0420 F src/utf.c ab81ac59084ff1c07d421eb1a0a84ec809603b44 F src/util.c ca6ee72772c0f5dc04d2e0ab1973fd3b6a9bf79d F src/vacuum.c 5b37d0f436f8e1ffacd17934e44720b38d2247f9 @@ -120,7 +120,7 @@ F test/attach.test c616a88eab6b6fd99b7b2fcf449420f14628bc0b F test/attach2.test 0e6a7c54343c85dd877a1e86073a05176043ed40 F test/attach3.test fc0302e8fe9c172fb49e000227c19b5c428a9429 F test/attachmalloc.test cdb26c42850f04698377ccec05f5fa89d987837c -F test/auth.test 9776ab43de94801f0fa6787b3f3e803686ffa0ff +F test/auth.test b7db5241345bc6cb4164cdef2dd687576c4611d4 F test/autoinc.test 60005a676e3e4e17dfa9dbd08aa0b76587ff97e3 F test/autovacuum.test eee7e67d80f7839d11435660ae0a5566a9f7558c F test/autovacuum_crash.test 05a63b8805b20cfba7ace82856ce4ccdda075a31 @@ -368,7 +368,7 @@ F www/tclsqlite.tcl bb0d1357328a42b1993d78573e587c6dcbc964b9 F www/vdbe.tcl 87a31ace769f20d3627a64fa1fade7fed47b90d0 F www/version3.tcl 890248cf7b70e60c383b0e84d77d5132b3ead42b F www/whentouse.tcl 97e2b5cd296f7d8057e11f44427dea8a4c2db513 -P 2119e7bf5577350e4e1236ea729568085620a826 -R 62905f1f1c0b62dcb77e124d65c8ac57 +P 81c5a5b48b05186a1690198092ac92006d9f7020 +R 4bd1f7bb52bbedc6bf653776cdf0cb73 U danielk1977 -Z e81e11fc0bdc2a8704dbb42dcaace95a +Z 949ec801aa978076825007b5248ff956 diff --git a/manifest.uuid b/manifest.uuid index d8453a78a9..2ad6b3e455 100644 --- a/manifest.uuid +++ b/manifest.uuid @@ -1 +1 @@ -81c5a5b48b05186a1690198092ac92006d9f7020 \ No newline at end of file +48d297c561b8d3d670ab425115ef50d1901523b6 \ No newline at end of file diff --git a/src/update.c b/src/update.c index ca2cb260d4..d56dde4efa 100644 --- a/src/update.c +++ b/src/update.c @@ -12,7 +12,7 @@ ** This file contains C code routines that are called by the parser ** to handle UPDATE statements. ** -** $Id: update.c,v 1.128 2006/06/17 03:27:22 danielk1977 Exp $ +** $Id: update.c,v 1.129 2006/06/17 06:31:19 danielk1977 Exp $ */ #include "sqliteInt.h" @@ -253,12 +253,6 @@ void sqlite3Update( } } - /* Start the view context - */ - if( isView ){ - sqlite3AuthContextPush(pParse, &sContext, pTab->zName); - } - /* Begin generating code. */ v = sqlite3GetVdbe(pParse); @@ -284,6 +278,12 @@ void sqlite3Update( goto update_cleanup; } + /* Start the view context + */ + if( isView ){ + sqlite3AuthContextPush(pParse, &sContext, pTab->zName); + } + /* If we are trying to update a view, realize that view into ** a ephemeral table. */ diff --git a/test/auth.test b/test/auth.test index b09086ab92..70a8a0bb91 100644 --- a/test/auth.test +++ b/test/auth.test @@ -12,7 +12,7 @@ # focus of this script is testing the ATTACH and DETACH commands # and related functionality. # -# $Id: auth.test,v 1.34 2006/01/31 14:28:46 drh Exp $ +# $Id: auth.test,v 1.35 2006/06/17 06:31:19 danielk1977 Exp $ # set testdir [file dirname $argv0] @@ -2225,6 +2225,7 @@ do_test auth-4.2 { } {115 117} do_test auth-4.3 { set authargs {} +breakpoint execsql { UPDATE v1 SET x=1 WHERE x=117 }