Make sure that DropView is not executed without write permissions

agarciamontoro · agarciamontoro · commit cb3b61c0c17e · 2019-10-29T12:36:17.000+01:00
Signed-off-by: Alejandro García Montoro &lt;alejandro.garciamontoro@gmail.com&gt;
diff --git a/engine.go b/engine.go
@@ -120,7 +120,7 @@ func (e *Engine) Query(
 	case *plan.CreateIndex:
 		typ = sql.CreateIndexProcess
 		perm = auth.ReadPerm | auth.WritePerm
-	case *plan.InsertInto, *plan.DeleteFrom, *plan.Update, *plan.DropIndex, *plan.UnlockTables, *plan.LockTables, *plan.CreateView:
+	case *plan.InsertInto, *plan.DeleteFrom, *plan.Update, *plan.DropIndex, *plan.UnlockTables, *plan.LockTables, *plan.CreateView, *plan.DropView:
 		perm = auth.ReadPerm | auth.WritePerm
 	}
 
diff --git a/engine_test.go b/engine_test.go
@@ -3149,6 +3149,7 @@ func TestReadOnly(t *testing.T) {
 		`DROP INDEX foo ON mytable`,
 		`INSERT INTO mytable (i, s) VALUES(42, 'yolo')`,
 		`CREATE VIEW myview AS SELECT i FROM mytable`,
+		`DROP VIEW myview`,
 	}
 
 	for _, query := range writingQueries {

Original file line number	Diff line number	Diff line change
`@@ -120,7 +120,7 @@ func (e *Engine) Query(`
`120`	`120`	`case *plan.CreateIndex:`
`121`	`121`	`typ = sql.CreateIndexProcess`
`122`	`122`	`perm = auth.ReadPerm \| auth.WritePerm`
`123`		`- case plan.InsertInto, plan.DeleteFrom, plan.Update, plan.DropIndex, plan.UnlockTables, plan.LockTables, *plan.CreateView:`
	`123`	`+ case plan.InsertInto, plan.DeleteFrom, plan.Update, plan.DropIndex, plan.UnlockTables, plan.LockTables, plan.CreateView, plan.DropView:`
`124`	`124`	`perm = auth.ReadPerm \| auth.WritePerm`
`125`	`125`	`}`
`126`	`126`
Original file line number	Diff line number	Diff line change
`@@ -3149,6 +3149,7 @@ func TestReadOnly(t *testing.T) {`
`3149`	`3149`	`DROP INDEX foo ON mytable`,
`3150`	`3150`	`INSERT INTO mytable (i, s) VALUES(42, 'yolo')`,
`3151`	`3151`	`CREATE VIEW myview AS SELECT i FROM mytable`,
	`3152`	+ `DROP VIEW myview`,
`3152`	`3153`	`}`
`3153`	`3154`
`3154`	`3155`	`for _, query := range writingQueries {`