authorizerCallBack



The authorizerCallBack method is an example of a user callback method for the setAuthorizer method. Here the method name of authorizerCallBack is used, because it is the default method name if the programmer does not specify his own name in the setAuthorizer method. Any method name can be used by specifying it as the second argument to the setAuthorizer method.

Note: there is no authorizerCallBack method in any ooSQLite class. This method is just used to illustrate how to define a user callback method to be used with the set authorizer hook.

Arguments: The arguments sent to the callback method are:
code [required] One of the authorizer Authorizer Action Constants that specifies the particular action to be authorized.
str1 [required] String 1 that contains additional details about the action to be authorized. The string varies depending on the action that triggered the callback. See the table in the Remarks section for possible values.
str2 [required] String 2 that contains additional details about the action to be authorized. The string varies depending on the action that triggered the callback. See the table in the Remarks section for possible values.
str3 [required] The Database Name of the database (main,temp, etc.,) if applicable. If not applicable, the empty string.
str4 [required] The name of the inner-most trigger or view that is responsible for the access attempt or the empty string if this access attempt is directly from top-level SQL code.
userData [required] The user data object specified by the programmer as the third argument to thesetAuthorizermethod. If the programmer did not specify a user data argument, this will be the .nilobject.
Return value: The programmer must return 1 of the 3 authorizer return code Authorizer Return Code Constants . Any other reuturn will cause the instantiation of the The ooSQLiteStmt Class object to fail with an error.
Remarks: At various points during the compilation process of a statement, as logic is being created to perform various actions, the authorizer callback is invoked to see if those actions are allowed. In ooSQLite, the compilation process of a statement takes place during the initialization of an new (Class method) object. The authorizer callback should return OK to allow the action, IGNORE to disallow the specific action but allow the SQL statement to continue to be compiled, or DENY to cause the entire SQL statement to be rejected with an error. If the authorizer callback returns any value other than IGNORE, OK, or DENY then the instantiation of the ooSQLiteStmtobject that triggered the authorizer will fail with an error lastErrMsg (Attribute) . If the action code is READ and the callback returns IGNORE then the prepared statement statement is constructed to substitute a NULL value in place of the table column that would have been read if OK had been returned. The IGNORE return can be used to deny an untrusted user access to individual columns of a table. If the action code is DELETE and the callback returns IGNORE then the DELETE operation proceeds but the truncate optimization is disabled and all rows are deleted individually. The callback method must not do anything that will modify the database connection that invoked the callback. Any actions to modify the database connection must be deferred until after the completion of the step invocation that triggered the update hook to begin with. Running any other SQL statements, including SELECT statements, or merely instantiating a new new (Class method) object, or executing anotherstepmethod will modify the database connection. The following table lists the values forstr1andstr2for each of the possible action codes, the value of thecodeargument
Code Str1 Str2
CREATE_INDEX Index Name Table Name
CREATE_TABLE Table Name Empty String
CREATE_TEMP_INDEX Index Name Table Name
CREATE_TEMP_TABLE Table Name Empty String
CREATE_TEMP_TRIGGER Trigger Name Table Name
CREATE_TEMP_VIEW View Name Empty String
CREATE_TRIGGER Trigger Name Table Name
CREATE_VIEW View Name Empty String
DELETE Table Name Empty String
DROP_INDEX Index Name Table Name
DROP_TABLE Table Name Empty String
DROP_TEMP_INDEX Index Name Table Name
DROP_TEMP_TABLE Table Name Empty String
DROP_TEMP_TRIGGER Trigger Name Table Name
DROP_TEMP_VIEW View Name Empty String
DROP_TRIGGER Trigger Name Table Name
DROP_VIEW View Name Empty String
INSERT Table Name Empty String
PRAGMA Pragma Name userData arg or Empty String
READ Table Name Column Name
SELECT Empty String Empty String
TRANSACTION Operation Empty String
UPDATE Table Name Column Name
ATTACH Filename Empty String
DETACH Database Name Empty String
ALTER_TABLE Database Name Table Name
REINDEX Index Name Empty String
ANALYZE Table Name Empty String
CREATE_VTABLE Table Name Module Name
DROP_VTABLE Table Name Module Name
FUNCTION Empty String Function Name
SAVEPOINT Operation Savepoint Name
Details: The implementation of anauthorizercallback method is is discussed on the SQLite sqlite3_set_authorizer page.