Home/ Questions/Q 8427257
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-10T04:44:15+00:00

I’m trying to use the Connection.set_authorizer method to only allow certain DB operations with

  • 0

I’m trying to use the Connection.set_authorizer method to only allow certain DB operations with a connection object. (The documentation is here)

I’m using this code to test:

import sqlite3 as sqlite

def select_authorizer(sqltype, arg1, arg2, dbname):  
    print("Test")  
    return sqlite.SQLITE_OK  #should allow all operations           

conn = sqlite.connect(":memory:")
conn.execute("CREATE TABLE A (name integer PRIMARY KEY AUTOINCREMENT)")
conn.set_authorizer(select_authorizer)
conn.execute("SELECT * FROM A").fetchall() #should still work

This gives me a sqlite3.DatabaseError: not authorized, without ever printing out “Test”. I’m guessing I may have set up my authorizer wrong, and it’s just failing to even call it. (Though the error message sure doesn’t communicate that) But according to the documentation, this setup looks right.

EDIT: Changed sqlite.SQLITE_OKAY to sqlite.SQLITE_OK, but since the method doesn’t seem to be called at all, not surprisingly that didn’t help.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The authorizer callback takes 5 arguments, but yours only accepts four:

    The first argument to the callback signifies what kind of operation is to be authorized. The second and third argument will be arguments or None depending on the first argument. The 4th argument is the name of the database (“main”, “temp”, etc.) if applicable. The 5th argument is the name of the inner-most trigger or view that is responsible for the access attempt or None if this access attempt is directly from input SQL code.

    Thus, the signature should be:

    def select_authorizer(sqltype, arg1, arg2, dbname, source):

    Generally, when testing a callback like that, testing is made easy by using a *args wildcard parameter:

    def select_authorizer(*args):
     print(args)
     return sqlite.SQLITE_OK

    The above callback prints out:

    (21, None, None, None, None)
(20, 'A', 'name', 'main', None)

    when I run your test SELECT.

    See the C reference for SQLite set_authorizer and the action codes reference for the various constants used.

    • 0