github/datasette
1
0
Fork 0
mirror of https://github.com/simonw/datasette.git synced 2025-12-10 16:51:24 +01:00
Code Issues Projects Releases Packages Wiki Activity

Consistent Permission denied:, refs #2279

Browse source
This commit is contained in:
Simon Willison 2024-02-19 12:51:14 -08:00
commit 3856a8cb24
2 changed files with 6 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

6
datasette/views/database.py
View file

@ -860,7 +860,7 @@ class TableCreateView(BaseView):
if not await self.ds.permission_allowed( if not await self.ds.permission_allowed(
request.actor, "update-row", resource=database_name request.actor, "update-row", resource=database_name
): ):
return _error(["Permission denied - need update-row"], 403) return _error(["Permission denied: need update-row"], 403)
table_name = data.get("table") table_name = data.get("table")
if not table_name: if not table_name:
@ -884,7 +884,7 @@ class TableCreateView(BaseView):
if not await self.ds.permission_allowed( if not await self.ds.permission_allowed(
request.actor, "insert-row", resource=database_name request.actor, "insert-row", resource=database_name
): ):
return _error(["Permission denied - need insert-row"], 403) return _error(["Permission denied: need insert-row"], 403)
alter = False alter = False
if rows or row: if rows or row:
@ -897,7 +897,7 @@ class TableCreateView(BaseView):
if not await self.ds.permission_allowed( if not await self.ds.permission_allowed(
request.actor, "alter-table", resource=database_name request.actor, "alter-table", resource=database_name
): ):
return _error(["Permission denied - need alter-table"], 403) return _error(["Permission denied: need alter-table"], 403)
alter = True alter = True
if columns: if columns:

6
tests/test_api_write.py
View file

@ -1316,7 +1316,7 @@ async def test_create_table(
["create-table"], ["create-table"],
{"table": "t", "rows": [{"name": "c"}]}, {"table": "t", "rows": [{"name": "c"}]},
403, 403,
["Permission denied - need insert-row"], ["Permission denied: need insert-row"],
), ),
# This should work: # This should work:
( (
@ -1330,7 +1330,7 @@ async def test_create_table(
["create-table", "insert-row"], ["create-table", "insert-row"],
{"table": "t", "rows": [{"id": 1}], "pk": "id", "replace": True}, {"table": "t", "rows": [{"id": 1}], "pk": "id", "replace": True},
403, 403,
["Permission denied - need update-row"], ["Permission denied: need update-row"],
), ),
), ),
) )
@ -1567,7 +1567,7 @@ async def test_create_using_alter_against_existing_table(
assert response2.status_code == 403 assert response2.status_code == 403
assert response2.json() == { assert response2.json() == {
"ok": False, "ok": False,
"errors": ["Permission denied - need alter-table"], "errors": ["Permission denied: need alter-table"],
} }
else: else:
assert response2.status_code == 201 assert response2.status_code == 201