124 lines
4.7 KiB
C++
124 lines
4.7 KiB
C++
/*
|
|
* Copyright (C) 2007 Apple Inc. All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
*
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. Neither the name of Apple Inc. ("Apple") nor the names of
|
|
* its contributors may be used to endorse or promote products derived
|
|
* from this software without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
|
|
* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
* DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
|
|
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
|
|
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
|
|
* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
|
|
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
#include <wtf/Forward.h>
|
|
#include <wtf/HashSet.h>
|
|
#include <wtf/ThreadSafeRefCounted.h>
|
|
#include <wtf/text/StringHash.h>
|
|
#include <wtf/text/WTFString.h>
|
|
|
|
namespace WebCore {
|
|
|
|
extern const int SQLAuthAllow;
|
|
extern const int SQLAuthIgnore;
|
|
extern const int SQLAuthDeny;
|
|
|
|
class DatabaseAuthorizer : public ThreadSafeRefCounted<DatabaseAuthorizer> {
|
|
public:
|
|
|
|
enum Permissions {
|
|
ReadWriteMask = 0,
|
|
ReadOnlyMask = 1 << 1,
|
|
NoAccessMask = 1 << 2
|
|
};
|
|
|
|
static Ref<DatabaseAuthorizer> create(const String& databaseInfoTableName);
|
|
|
|
int createTable(const String& tableName);
|
|
int createTempTable(const String& tableName);
|
|
int dropTable(const String& tableName);
|
|
int dropTempTable(const String& tableName);
|
|
int allowAlterTable(const String& databaseName, const String& tableName);
|
|
|
|
int createIndex(const String& indexName, const String& tableName);
|
|
int createTempIndex(const String& indexName, const String& tableName);
|
|
int dropIndex(const String& indexName, const String& tableName);
|
|
int dropTempIndex(const String& indexName, const String& tableName);
|
|
|
|
int createTrigger(const String& triggerName, const String& tableName);
|
|
int createTempTrigger(const String& triggerName, const String& tableName);
|
|
int dropTrigger(const String& triggerName, const String& tableName);
|
|
int dropTempTrigger(const String& triggerName, const String& tableName);
|
|
|
|
int createView(const String& viewName);
|
|
int createTempView(const String& viewName);
|
|
int dropView(const String& viewName);
|
|
int dropTempView(const String& viewName);
|
|
|
|
int createVTable(const String& tableName, const String& moduleName);
|
|
int dropVTable(const String& tableName, const String& moduleName);
|
|
|
|
int allowDelete(const String& tableName);
|
|
int allowInsert(const String& tableName);
|
|
int allowUpdate(const String& tableName, const String& columnName);
|
|
int allowTransaction();
|
|
|
|
int allowSelect() { return SQLAuthAllow; }
|
|
int allowRead(const String& tableName, const String& columnName);
|
|
|
|
int allowReindex(const String& indexName);
|
|
int allowAnalyze(const String& tableName);
|
|
int allowFunction(const String& functionName);
|
|
int allowPragma(const String& pragmaName, const String& firstArgument);
|
|
|
|
int allowAttach(const String& filename);
|
|
int allowDetach(const String& databaseName);
|
|
|
|
void disable();
|
|
void enable();
|
|
void setPermissions(int permissions);
|
|
|
|
void reset();
|
|
void resetDeletes();
|
|
|
|
bool lastActionWasInsert() const { return m_lastActionWasInsert; }
|
|
bool lastActionChangedDatabase() const { return m_lastActionChangedDatabase; }
|
|
bool hadDeletes() const { return m_hadDeletes; }
|
|
|
|
private:
|
|
explicit DatabaseAuthorizer(const String& databaseInfoTableName);
|
|
void addAllowedFunctions();
|
|
int denyBasedOnTableName(const String&) const;
|
|
int updateDeletesBasedOnTableName(const String&);
|
|
bool allowWrite();
|
|
|
|
int m_permissions;
|
|
bool m_securityEnabled : 1;
|
|
bool m_lastActionWasInsert : 1;
|
|
bool m_lastActionChangedDatabase : 1;
|
|
bool m_hadDeletes : 1;
|
|
|
|
const String m_databaseInfoTableName;
|
|
|
|
HashSet<String, ASCIICaseInsensitiveHash> m_allowedFunctions;
|
|
};
|
|
|
|
} // namespace WebCore
|