diff --git a/.github/workflows/deploy-latest.yml b/.github/workflows/deploy-latest.yml index 8cf63a4a..d6baa2f6 100644 --- a/.github/workflows/deploy-latest.yml +++ b/.github/workflows/deploy-latest.yml @@ -60,7 +60,7 @@ jobs: - name: Make some modifications to metadata.json run: | cat fixtures.json | \ - jq '.databases |= . + {"ephemeral": {"allow": {"id": "root"}}}' | \ + jq '.databases |= . + {"ephemeral": {"allow": {"id": "*"}}}' | \ jq '.plugins |= . + {"datasette-ephemeral-tables": {"table_ttl": 900}}' \ > metadata.json cat metadata.json @@ -71,6 +71,8 @@ jobs: service_account_email: ${{ secrets.GCP_SA_EMAIL }} service_account_key: ${{ secrets.GCP_SA_KEY }} - name: Deploy to Cloud Run + env: + LATEST_DATASETTE_SECRET: ${{ secrets.LATEST_DATASETTE_SECRET }} run: |- gcloud config set run/region us-central1 gcloud config set project datasette-222320 @@ -85,7 +87,8 @@ jobs: --version-note=$GITHUB_SHA \ --extra-options="--setting template_debug 1 --setting trace_debug 1 --crossdb" \ --install 'datasette-ephemeral-tables>=0.2.2' \ - --service "datasette-latest$SUFFIX" + --service "datasette-latest$SUFFIX" \ + --secret $LATEST_DATASETTE_SECRET - name: Deploy to docs as well (only for main) if: ${{ github.ref == 'refs/heads/main' }} run: |- diff --git a/tests/plugins/my_plugin.py b/tests/plugins/my_plugin.py index 15c06dbc..3e7b2148 100644 --- a/tests/plugins/my_plugin.py +++ b/tests/plugins/my_plugin.py @@ -215,6 +215,16 @@ def permission_allowed(actor, action): return False elif action == "view-database-download": return actor.get("can_download") if actor else None + # Special permissions for latest.datasette.io demos + # See https://github.com/simonw/todomvc-datasette/issues/2 + if actor == "todomvc" and action in ( + "insert-row", + "create-table", + "drop-table", + "delete-row", + "update-row", + ): + return True @hookimpl