sqlite3 set_authorizer 方法有问题 [英] Trouble with sqlite3 set_authorizer method

问题描述

我正在尝试使用 Connection.set_authorizer 方法只允许使用连接对象进行某些数据库操作.(文档在这里)

I'm trying to use the Connection.set_authorizer method to only allow certain DB operations with a connection object. (The documentation is here)

我正在使用此代码进行测试:

I'm using this code to test:

import sqlite3 as sqlite

def select_authorizer(sqltype, arg1, arg2, dbname):  
    print("Test")  
    return sqlite.SQLITE_OK  #should allow all operations           

conn = sqlite.connect(":memory:")
conn.execute("CREATE TABLE A (name integer PRIMARY KEY AUTOINCREMENT)")
conn.set_authorizer(select_authorizer)
conn.execute("SELECT * FROM A").fetchall() #should still work

这给了我一个sqlite3.DatabaseError:未授权，没有打印出测试".我猜我可能错误地设置了我的授权人，它甚至没有调用它.(虽然错误消息肯定没有传达这一点)但是根据文档，这个设置看起来是正确的.

This gives me a sqlite3.DatabaseError: not authorized, without ever printing out "Test". I'm guessing I may have set up my authorizer wrong, and it's just failing to even call it. (Though the error message sure doesn't communicate that) But according to the documentation, this setup looks right.

将 sqlite.SQLITE_OKAY 更改为 sqlite.SQLITE_OK，但由于该方法似乎根本没有被调用，因此毫无帮助.

Changed sqlite.SQLITE_OKAY to sqlite.SQLITE_OK, but since the method doesn't seem to be called at all, not surprisingly that didn't help.

推荐答案

授权方回调接受 5 个参数，但你的只接受四个:

The authorizer callback takes 5 arguments, but yours only accepts four:

回调的第一个参数表示要授权的操作类型.第二个和第三个参数将是参数或 None 取决于第一个参数.如果适用，第四个参数是数据库的名称(main"、temp"等).第 5 个参数是负责访问尝试的最内层触发器或视图的名称，如果此访问尝试直接来自输入 SQL 代码，则为 None.

The first argument to the callback signifies what kind of operation is to be authorized. The second and third argument will be arguments or None depending on the first argument. The 4th argument is the name of the database ("main", "temp", etc.) if applicable. The 5th argument is the name of the inner-most trigger or view that is responsible for the access attempt or None if this access attempt is directly from input SQL code.

因此，签名应该是:

def select_authorizer(sqltype, arg1, arg2, dbname, source):

通常，在测试这样的回调时，使用 *args 通配符参数可以轻松测试:

Generally, when testing a callback like that, testing is made easy by using a *args wildcard parameter:

def select_authorizer(*args):
     print(args)
     return sqlite.SQLITE_OK

上面的回调打印出来:

(21, None, None, None, None)
(20, 'A', 'name', 'main', None)

当我运行你的测试时SELECT.

请参阅 SQLite set_authorizer 的 C 参考和操作代码参考，用于使用的各种常量.

See the C reference for SQLite set_authorizer and the action codes reference for the various constants used.

这篇关于sqlite3 set_authorizer 方法有问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！