From 1cf86e5eccf3f92b483bacbad860879cf39b0ad6 Mon Sep 17 00:00:00 2001 From: Simon Willison Date: Mon, 8 Jun 2020 07:18:37 -0700 Subject: [PATCH] Show padlock on private index page, refs #811 --- datasette/templates/index.html | 2 +- datasette/views/index.py | 3 +++ tests/test_permissions.py | 6 ++++++ 3 files changed, 10 insertions(+), 1 deletion(-) diff --git a/datasette/templates/index.html b/datasette/templates/index.html index 3b8568b3..5a8dccae 100644 --- a/datasette/templates/index.html +++ b/datasette/templates/index.html @@ -5,7 +5,7 @@ {% block body_class %}index{% endblock %} {% block content %} -

{{ metadata.title or "Datasette" }}

+

{{ metadata.title or "Datasette" }}{% if private %} 🔒{% endif %}

{% block description_source_license %}{% include "_description_source_license.html" %}{% endblock %} diff --git a/datasette/views/index.py b/datasette/views/index.py index 0f7fb613..8cbe28f0 100644 --- a/datasette/views/index.py +++ b/datasette/views/index.py @@ -121,5 +121,8 @@ class IndexView(BaseView): "databases": databases, "metadata": self.ds.metadata(), "datasette_version": __version__, + "private": not await self.ds.permission_allowed( + None, "view-instance" + ), }, ) diff --git a/tests/test_permissions.py b/tests/test_permissions.py index df905aa1..5dcf46ad 100644 --- a/tests/test_permissions.py +++ b/tests/test_permissions.py @@ -16,10 +16,16 @@ def test_view_instance(allow, expected_anon, expected_auth): ): anon_response = client.get(path) assert expected_anon == anon_response.status + if allow and path == "/" and anon_response.status == 200: + # Should be no padlock + assert "

Datasette 🔒

" not in anon_response.text auth_response = client.get( path, cookies={"ds_actor": client.ds.sign({"id": "root"}, "actor")}, ) assert expected_auth == auth_response.status + # Check for the padlock + if allow and path == "/" and expected_anon == 403 and expected_auth == 200: + assert "

Datasette 🔒

" in auth_response.text @pytest.mark.parametrize(