Skip to content

Instance Method

setAuthorizerValidator(lifetime:_:)

Set the validator for the SQLite authorizer hook.
func setAuthorizerValidator(lifetime: SQLiteObserverLifetime, _ callback: @escaping SQLiteConnection.SQLiteAuthorizerValidator) async throws -> SQLiteHookToken

Parameters

lifetime

The observer lifetime behavior. See SQLiteObserverLifetime for details. Use scoped for automatic cleanup on token deallocation, or pinned for explicit cleanup only.

callback

Closure to invoke when authorization events occur.

Return Value

A SQLiteHookToken that removes the validator when canceled.

Discussion

The authorizer validator examines database access attempts and decides whether to allow, deny, or ignore them. Only one validator can be active per connection. Setting a new validator replaces any existing validator.

let token = connection.setAuthorizerValidator(lifetime: .pinned) { [weak self] event in
    if event.action == .delete && event.parameter1 == "sensitive_table" {
        return self?.accessControl.allowDelete() == true ? .allow : .deny
    }
    return .allow
}

Important

Registration is safe from any thread. Callbacks are invoked on SQLite’s internal thread; hop to your own actor or event loop as needed.