bpo-44491: Allow clearing the sqlite3 authoriser callback (GH-26863)

2021-06-24 16:35:57 +02:00 · 2021-06-24 16:35:57 +02:00 · b19f455339
commit b19f455339
parent 18ba1ff6a4
6 changed files with 33 additions and 6 deletions
--- a/Doc/library/sqlite3.rst
+++ b/Doc/library/sqlite3.rst
@ -430,6 +430,11 @@ Connection Objects
      argument and the meaning of the second and third argument depending on the first
      one. All necessary constants are available in the :mod:`sqlite3` module.

+      Passing :const:`None` as *authorizer_callback* will disable the authorizer.
+
+      .. versionchanged:: 3.11
+         Added support for disabling the authorizer using :const:`None`.
+

   .. method:: set_progress_handler(handler, n)

--- a/Doc/whatsnew/3.11.rst
+++ b/Doc/whatsnew/3.11.rst
@ -106,6 +106,14 @@ math
  Dickinson in :issue:`44339`.)


+sqlite3
+-------
+
+* You can now disable the authorizer by passing :const:`None` to
+  :meth:`~sqlite3.Connection.set_authorizer`.
+  (Contributed by Erlend E. Aasland in :issue:`44491`.)
+
+
 Removed
 =======
 * :class:`smtpd.MailmanProxy` is now removed as it is unusable without
--- a/Lib/sqlite3/test/dbapi.py
+++ b/Lib/sqlite3/test/dbapi.py
@ -652,6 +652,7 @@ class ThreadTests(unittest.TestCase):
            lambda: self.con.rollback(),
            lambda: self.con.close(),
            lambda: self.con.set_trace_callback(None),
+            lambda: self.con.set_authorizer(None),
            lambda: self.con.create_collation("foo", None),
        ]
        for fn in fns:
--- a/Lib/sqlite3/test/userfunctions.py
+++ b/Lib/sqlite3/test/userfunctions.py
@ -522,6 +522,12 @@ class AuthorizerTests(unittest.TestCase):
            self.con.execute("select c2 from t1")
        self.assertIn('prohibited', str(cm.exception))

+    def test_clear_authorizer(self):
+        self.con.set_authorizer(None)
+        self.con.execute("select * from t2")
+        self.con.execute("select c2 from t1")
+
+
 class AuthorizerRaiseExceptionTests(AuthorizerTests):
    @staticmethod
    def authorizer_cb(action, arg1, arg2, dbname, source):
--- a/Misc/NEWS.d/next/Library/2021-06-23-01-33-01.bpo-44491.tiOlr5.rst
+++ b/Misc/NEWS.d/next/Library/2021-06-23-01-33-01.bpo-44491.tiOlr5.rst
@ -0,0 +1,3 @@
+Allow clearing the :mod:`sqlite3` authorizer callback by passing
+:const:``None`` to :meth:`~sqlite3.Connection.set_authorizer`. Patch by
+Erlend E. Aasland.
--- a/Modules/_sqlite/connection.c
+++ b/Modules/_sqlite/connection.c
@ -1053,20 +1053,24 @@ pysqlite_connection_set_authorizer_impl(pysqlite_Connection *self,
                                        PyObject *authorizer_cb)
 /*[clinic end generated code: output=f18ba575d788b35c input=df079724c020d2f2]*/
 {
-    int rc;
-
    if (!pysqlite_check_thread(self) || !pysqlite_check_connection(self)) {
        return NULL;
    }

-    rc = sqlite3_set_authorizer(self->db, _authorizer_callback, (void*)authorizer_cb);
+    int rc;
+    if (authorizer_cb == Py_None) {
+        rc = sqlite3_set_authorizer(self->db, NULL, NULL);
+        Py_XSETREF(self->function_pinboard_authorizer_cb, NULL);
+    }
+    else {
+        Py_INCREF(authorizer_cb);
+        Py_XSETREF(self->function_pinboard_authorizer_cb, authorizer_cb);
+        rc = sqlite3_set_authorizer(self->db, _authorizer_callback, authorizer_cb);
+    }
    if (rc != SQLITE_OK) {
        PyErr_SetString(pysqlite_OperationalError, "Error setting authorizer callback");
        Py_XSETREF(self->function_pinboard_authorizer_cb, NULL);
        return NULL;
-    } else {
-        Py_INCREF(authorizer_cb);
-        Py_XSETREF(self->function_pinboard_authorizer_cb, authorizer_cb);
    }
    Py_RETURN_NONE;
 }