Arguments: |
The arguments sent to the callback method are:
code [required] |
One of the authorizer Authorizer Action Constants that specifies the particular action to be
authorized.
|
str1 [required] |
String 1 that contains additional details about the action to be authorized. The string varies depending on the
action that triggered the callback. See the table in the Remarks section for possible values.
|
str2 [required] |
String 2 that contains additional details about the action to be authorized. The string varies depending on the
action that triggered the callback. See the table in the Remarks section for possible values.
|
str3 [required] |
The Database Name of the database (main,temp, etc.,) if applicable. If not applicable, the empty string.
|
str4 [required] |
The name of the inner-most trigger or view that is responsible for the access attempt or the empty string if this
access attempt is directly from top-level SQL code.
|
userData [required] |
The user data object specified by the programmer as the third argument to thesetAuthorizermethod. If the programmer did not specify a user data argument, this will be the
.nilobject.
|
|
Return value: |
The programmer must return 1 of the 3 authorizer return code Authorizer Return Code Constants .
Any other reuturn will cause the instantiation of the The ooSQLiteStmt Class object to fail
with an error.
|
Remarks: |
At various points during the compilation process of a statement, as logic is being created to perform various actions,
the authorizer callback is invoked to see if those actions are allowed. In ooSQLite, the compilation process of a
statement takes place during the initialization of an new (Class method) object.
The authorizer callback should return OK to allow the action, IGNORE to disallow the specific action but allow the SQL
statement to continue to be compiled, or DENY to cause the entire SQL statement to be rejected with an error. If the
authorizer callback returns any value other than IGNORE, OK, or DENY then the instantiation of the
ooSQLiteStmtobject that triggered the authorizer will fail with an error lastErrMsg (Attribute) .
If the action code is READ and the callback returns IGNORE then the prepared statement statement is constructed to
substitute a NULL value in place of the table column that would have been read if OK had been returned. The IGNORE
return can be used to deny an untrusted user access to individual columns of a table. If the action code is DELETE and
the callback returns IGNORE then the DELETE operation proceeds but the truncate optimization is disabled and all rows
are deleted individually.
The callback method must not do anything that will modify the database connection that invoked the callback. Any actions
to modify the database connection must be deferred until after the completion of the step invocation that triggered the update hook to begin with. Running any other SQL
statements, including SELECT statements, or merely instantiating a new new (Class method)
object, or executing anotherstepmethod will modify the database connection.
The following table lists the values forstr1andstr2for each of the possible action codes, the value of thecodeargument
Code |
Str1 |
Str2 |
CREATE_INDEX |
Index Name |
Table Name |
CREATE_TABLE |
Table Name |
Empty String |
CREATE_TEMP_INDEX |
Index Name |
Table Name |
CREATE_TEMP_TABLE |
Table Name |
Empty String |
CREATE_TEMP_TRIGGER |
Trigger Name |
Table Name |
CREATE_TEMP_VIEW |
View Name |
Empty String |
CREATE_TRIGGER |
Trigger Name |
Table Name |
CREATE_VIEW |
View Name |
Empty String |
DELETE |
Table Name |
Empty String |
DROP_INDEX |
Index Name |
Table Name |
DROP_TABLE |
Table Name |
Empty String |
DROP_TEMP_INDEX |
Index Name |
Table Name |
DROP_TEMP_TABLE |
Table Name |
Empty String |
DROP_TEMP_TRIGGER |
Trigger Name |
Table Name |
DROP_TEMP_VIEW |
View Name |
Empty String |
DROP_TRIGGER |
Trigger Name |
Table Name |
DROP_VIEW |
View Name |
Empty String |
INSERT |
Table Name |
Empty String |
PRAGMA |
Pragma Name |
userData arg or Empty String |
READ |
Table Name |
Column Name |
SELECT |
Empty String |
Empty String |
TRANSACTION |
Operation |
Empty String |
UPDATE |
Table Name |
Column Name |
ATTACH |
Filename |
Empty String |
DETACH |
Database Name |
Empty String |
ALTER_TABLE |
Database Name |
Table Name |
REINDEX |
Index Name |
Empty String |
ANALYZE |
Table Name |
Empty String |
CREATE_VTABLE |
Table Name |
Module Name |
DROP_VTABLE |
Table Name |
Module Name |
FUNCTION |
Empty String |
Function Name |
SAVEPOINT |
Operation |
Savepoint Name |
|
Details: |
The implementation of anauthorizercallback method is is discussed on the SQLite
sqlite3_set_authorizer page.
|