int DatabaseAuthorizer::allowDelete(const String& tableName)
{
if (m_readOnly && m_securityEnabled)
return SQLAuthDeny;
return updateDeletesBasedOnTableName(tableName);
}
int DatabaseAuthorizer::allowDelete(const String& tableName)
{
if (!allowWrite())
return SQLAuthDeny;
return updateDeletesBasedOnTableName(tableName);
}
int DatabaseAuthorizer::dropTempTrigger(const String&, const String& tableName)
{
// SQLITE_DROP_TEMP_TRIGGER results in a DELETE operation, which is not
// allowed in read-only transactions or private browsing, so we might as
// well disallow SQLITE_DROP_TEMP_TRIGGER in these cases
if (!allowWrite())
return SQLAuthDeny;
return updateDeletesBasedOnTableName(tableName);
}
int DatabaseAuthorizer::dropTempIndex(const String&, const String& tableName)
{
// SQLITE_DROP_TEMP_INDEX should result in a DELETE operation, which is
// not allowed in read-only transactions or private browsing, so we might
// as well disallow SQLITE_DROP_TEMP_INDEX in these cases
if (!allowWrite())
return SQLAuthDeny;
return updateDeletesBasedOnTableName(tableName);
}
int DatabaseAuthorizer::dropTempTable(const String& tableName)
{
// SQLITE_DROP_TEMP_TABLE results in a DELETE operation, which is not
// allowed in read-only transactions or private browsing, so we might as
// well disallow SQLITE_DROP_TEMP_TABLE in these cases
if (m_readOnly && m_securityEnabled)
return SQLAuthDeny;
return updateDeletesBasedOnTableName(tableName);
}
int DatabaseAuthorizer::dropVTable(const String& tableName, const String& moduleName)
{
if (!allowWrite())
return SQLAuthDeny;
// Allow only the FTS3 extension
if (!equalIgnoringCase(moduleName, "fts3"))
return SQLAuthDeny;
return updateDeletesBasedOnTableName(tableName);
}
int DatabaseAuthorizer::dropVTable(const String& tableName, const String& moduleName)
{
if (m_readOnly && m_securityEnabled)
return SQLAuthDeny;
// Allow only the FTS3 extension
if (moduleName != "fts3")
return SQLAuthDeny;
return updateDeletesBasedOnTableName(tableName);
}
