bpo-44491: Allow clearing the sqlite3 authoriser callback (GH-26863)

author Erlend Egeberg Aasland <erlend.aasland@innova.no>

Thu, 24 Jun 2021 14:35:57 +0000 (16:35 +0200)

committer GitHub <noreply@github.com>

Thu, 24 Jun 2021 14:35:57 +0000 (15:35 +0100)
author Erlend Egeberg Aasland <erlend.aasland@innova.no>
Thu, 24 Jun 2021 14:35:57 +0000 (16:35 +0200)
committer GitHub <noreply@github.com>
Thu, 24 Jun 2021 14:35:57 +0000 (15:35 +0100)
diff --git a/Doc/library/sqlite3.rst b/Doc/library/sqlite3.rst

index 4010e1a4daff27560d6dfaa6645e052552f7aff5..33cb13e9784c3f87587cb499ba9061d97419bfd2 100644 (file)
--- a/Doc/library/sqlite3.rst
+++ b/Doc/library/sqlite3.rst
@@ -430,6 +430,11 @@ Connection Objects
        argument and the meaning of the second and third argument depending on the first
        one. All necessary constants are available in the :mod:`sqlite3` module.
  
+      Passing :const:`None` as *authorizer_callback* will disable the authorizer.
+
+      .. versionchanged:: 3.11
+         Added support for disabling the authorizer using :const:`None`.
+
  
     .. method:: set_progress_handler(handler, n)
  
diff --git a/Doc/whatsnew/3.11.rst b/Doc/whatsnew/3.11.rst

index 50d91a0adc141b50c46a84b922620f87c05834cb..cc88c4166ec1af21f1a36c656251a67c1dc687f7 100644 (file)
--- a/Doc/whatsnew/3.11.rst
+++ b/Doc/whatsnew/3.11.rst
@@ -106,6 +106,14 @@ math
    Dickinson in :issue:`44339`.)
  
  
+sqlite3
+-------
+
+* You can now disable the authorizer by passing :const:`None` to
+  :meth:`~sqlite3.Connection.set_authorizer`.
+  (Contributed by Erlend E. Aasland in :issue:`44491`.)
+
+
  Removed
  =======
  * :class:`smtpd.MailmanProxy` is now removed as it is unusable without
diff --git a/Lib/sqlite3/test/dbapi.py b/Lib/sqlite3/test/dbapi.py

index 1a4b44188bd418a53299e74e933288cffc9842e6..20cca33e23834bd0446e8b54eb19d87b9b63aa37 100644 (file)
--- a/Lib/sqlite3/test/dbapi.py
+++ b/Lib/sqlite3/test/dbapi.py
@@ -652,6 +652,7 @@ class ThreadTests(unittest.TestCase):
              lambda: self.con.rollback(),
              lambda: self.con.close(),
              lambda: self.con.set_trace_callback(None),
+            lambda: self.con.set_authorizer(None),
              lambda: self.con.create_collation("foo", None),
          ]
          for fn in fns:
diff --git a/Lib/sqlite3/test/userfunctions.py b/Lib/sqlite3/test/userfunctions.py

index dc900f6486f4951b7129c54b1d577a18512e5651..1ed090e3d92568f3148fa5bfdbec33875d7ed2dc 100644 (file)
--- a/Lib/sqlite3/test/userfunctions.py
+++ b/Lib/sqlite3/test/userfunctions.py
@@ -522,6 +522,12 @@ class AuthorizerTests(unittest.TestCase):
              self.con.execute("select c2 from t1")
          self.assertIn('prohibited', str(cm.exception))
  
+    def test_clear_authorizer(self):
+        self.con.set_authorizer(None)
+        self.con.execute("select * from t2")
+        self.con.execute("select c2 from t1")
+
+
  class AuthorizerRaiseExceptionTests(AuthorizerTests):
      @staticmethod
      def authorizer_cb(action, arg1, arg2, dbname, source):
diff --git a/Misc/NEWS.d/next/Library/2021-06-23-01-33-01.bpo-44491.tiOlr5.rst b/Misc/NEWS.d/next/Library/2021-06-23-01-33-01.bpo-44491.tiOlr5.rst

new file mode 100644 (file)

index 0000000..aa25052
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2021-06-23-01-33-01.bpo-44491.tiOlr5.rst
@@ -0,0 +1,3 @@
+Allow clearing the :mod:`sqlite3` authorizer callback by passing
+:const:``None`` to :meth:`~sqlite3.Connection.set_authorizer`. Patch by
+Erlend E. Aasland.
diff --git a/Modules/_sqlite/connection.c b/Modules/_sqlite/connection.c

index 3e12679cd14c0a1209ca91055dc1526afe82a4d3..6e7101ade91060204be9db9c9f65962b488e7e5a 100644 (file)
--- a/Modules/_sqlite/connection.c
+++ b/Modules/_sqlite/connection.c
@@ -1053,20 +1053,24 @@ pysqlite_connection_set_authorizer_impl(pysqlite_Connection *self,
                                          PyObject *authorizer_cb)
  /*[clinic end generated code: output=f18ba575d788b35c input=df079724c020d2f2]*/
  {
-    int rc;
-
      if (!pysqlite_check_thread(self) || !pysqlite_check_connection(self)) {
          return NULL;
      }
  
-    rc = sqlite3_set_authorizer(self->db, _authorizer_callback, (void*)authorizer_cb);
+    int rc;
+    if (authorizer_cb == Py_None) {
+        rc = sqlite3_set_authorizer(self->db, NULL, NULL);
+        Py_XSETREF(self->function_pinboard_authorizer_cb, NULL);
+    }
+    else {
+        Py_INCREF(authorizer_cb);
+        Py_XSETREF(self->function_pinboard_authorizer_cb, authorizer_cb);
+        rc = sqlite3_set_authorizer(self->db, _authorizer_callback, authorizer_cb);
+    }
      if (rc != SQLITE_OK) {
          PyErr_SetString(pysqlite_OperationalError, "Error setting authorizer callback");
          Py_XSETREF(self->function_pinboard_authorizer_cb, NULL);
          return NULL;
-    } else {
-        Py_INCREF(authorizer_cb);
-        Py_XSETREF(self->function_pinboard_authorizer_cb, authorizer_cb);
      }
      Py_RETURN_NONE;
  }
author	Erlend Egeberg Aasland <erlend.aasland@innova.no>
	Thu, 24 Jun 2021 14:35:57 +0000 (16:35 +0200)
committer	GitHub <noreply@github.com>
	Thu, 24 Jun 2021 14:35:57 +0000 (15:35 +0100)
Doc/library/sqlite3.rst		patch \| blob \| blame \| history
Doc/whatsnew/3.11.rst		patch \| blob \| blame \| history
Lib/sqlite3/test/dbapi.py		patch \| blob \| blame \| history
Lib/sqlite3/test/userfunctions.py		patch \| blob \| blame \| history
Misc/NEWS.d/next/Library/2021-06-23-01-33-01.bpo-44491.tiOlr5.rst	[new file with mode: 0644]	patch \| blob
Modules/_sqlite/connection.c		patch \| blob \| blame \| history