[Python-checkins] bpo-44491: Allow clearing the sqlite3 authoriser callback (GH-26863)

pablogsal webhook-mailer at python.org
Thu Jun 24 10:36:02 EDT 2021 

https://github.com/python/cpython/commit/b19f45533942e4ad7ddf9d2d94f8b87c6f746bce
commit: b19f45533942e4ad7ddf9d2d94f8b87c6f746bce
branch: main
author: Erlend Egeberg Aasland <erlend.aasland at innova.no>
committer: pablogsal <Pablogsal at gmail.com>
date: 2021-06-24T15:35:57+01:00
summary:

bpo-44491: Allow clearing the sqlite3 authoriser callback (GH-26863)

files:
A Misc/NEWS.d/next/Library/2021-06-23-01-33-01.bpo-44491.tiOlr5.rst
M Doc/library/sqlite3.rst
M Doc/whatsnew/3.11.rst
M Lib/sqlite3/test/dbapi.py
M Lib/sqlite3/test/userfunctions.py
M Modules/_sqlite/connection.c

diff --git a/Doc/library/sqlite3.rst b/Doc/library/sqlite3.rst
index 4010e1a4daff2..33cb13e9784c3 100644
--- a/Doc/library/sqlite3.rst
+++ b/Doc/library/sqlite3.rst
@@ -430,6 +430,11 @@ Connection Objects
       argument and the meaning of the second and third argument depending on the first
       one. All necessary constants are available in the :mod:`sqlite3` module.
 
+      Passing :const:`None` as *authorizer_callback* will disable the authorizer.
+
+      .. versionchanged:: 3.11
+         Added support for disabling the authorizer using :const:`None`.
+
 
    .. method:: set_progress_handler(handler, n)
 
diff --git a/Doc/whatsnew/3.11.rst b/Doc/whatsnew/3.11.rst
index 50d91a0adc141..cc88c4166ec1a 100644
--- a/Doc/whatsnew/3.11.rst
+++ b/Doc/whatsnew/3.11.rst
@@ -106,6 +106,14 @@ math
   Dickinson in :issue:`44339`.)
 
 
+sqlite3
+-------
+
+* You can now disable the authorizer by passing :const:`None` to
+  :meth:`~sqlite3.Connection.set_authorizer`.
+  (Contributed by Erlend E. Aasland in :issue:`44491`.)
+
+
 Removed
 =======
 * :class:`smtpd.MailmanProxy` is now removed as it is unusable without
diff --git a/Lib/sqlite3/test/dbapi.py b/Lib/sqlite3/test/dbapi.py
index 1a4b44188bd41..20cca33e23834 100644
--- a/Lib/sqlite3/test/dbapi.py
+++ b/Lib/sqlite3/test/dbapi.py
@@ -652,6 +652,7 @@ def test_check_connection_thread(self):
             lambda: self.con.rollback(),
             lambda: self.con.close(),
             lambda: self.con.set_trace_callback(None),
+            lambda: self.con.set_authorizer(None),
             lambda: self.con.create_collation("foo", None),
         ]
         for fn in fns:
diff --git a/Lib/sqlite3/test/userfunctions.py b/Lib/sqlite3/test/userfunctions.py
index dc900f6486f49..1ed090e3d9256 100644
--- a/Lib/sqlite3/test/userfunctions.py
+++ b/Lib/sqlite3/test/userfunctions.py
@@ -522,6 +522,12 @@ def test_column_access(self):
             self.con.execute("select c2 from t1")
         self.assertIn('prohibited', str(cm.exception))
 
+    def test_clear_authorizer(self):
+        self.con.set_authorizer(None)
+        self.con.execute("select * from t2")
+        self.con.execute("select c2 from t1")
+
+
 class AuthorizerRaiseExceptionTests(AuthorizerTests):
     @staticmethod
     def authorizer_cb(action, arg1, arg2, dbname, source):
diff --git a/Misc/NEWS.d/next/Library/2021-06-23-01-33-01.bpo-44491.tiOlr5.rst b/Misc/NEWS.d/next/Library/2021-06-23-01-33-01.bpo-44491.tiOlr5.rst
new file mode 100644
index 0000000000000..aa25052df8227
--- /dev/null
+++ b/Misc/NEWS.d/next/Library/2021-06-23-01-33-01.bpo-44491.tiOlr5.rst
@@ -0,0 +1,3 @@
+Allow clearing the :mod:`sqlite3` authorizer callback by passing
+:const:``None`` to :meth:`~sqlite3.Connection.set_authorizer`. Patch by
+Erlend E. Aasland.
diff --git a/Modules/_sqlite/connection.c b/Modules/_sqlite/connection.c
index 3e12679cd14c0..6e7101ade9106 100644
--- a/Modules/_sqlite/connection.c
+++ b/Modules/_sqlite/connection.c
@@ -1053,20 +1053,24 @@ pysqlite_connection_set_authorizer_impl(pysqlite_Connection *self,
                                         PyObject *authorizer_cb)
 /*[clinic end generated code: output=f18ba575d788b35c input=df079724c020d2f2]*/
 {
-    int rc;
-
     if (!pysqlite_check_thread(self) || !pysqlite_check_connection(self)) {
         return NULL;
     }
 
-    rc = sqlite3_set_authorizer(self->db, _authorizer_callback, (void*)authorizer_cb);
+    int rc;
+    if (authorizer_cb == Py_None) {
+        rc = sqlite3_set_authorizer(self->db, NULL, NULL);
+        Py_XSETREF(self->function_pinboard_authorizer_cb, NULL);
+    }
+    else {
+        Py_INCREF(authorizer_cb);
+        Py_XSETREF(self->function_pinboard_authorizer_cb, authorizer_cb);
+        rc = sqlite3_set_authorizer(self->db, _authorizer_callback, authorizer_cb);
+    }
     if (rc != SQLITE_OK) {
         PyErr_SetString(pysqlite_OperationalError, "Error setting authorizer callback");
         Py_XSETREF(self->function_pinboard_authorizer_cb, NULL);
         return NULL;
-    } else {
-        Py_INCREF(authorizer_cb);
-        Py_XSETREF(self->function_pinboard_authorizer_cb, authorizer_cb);
     }
     Py_RETURN_NONE;
 }

More information about the Python-checkins mailing list