github/datasette
1
0
Fork 0
mirror of https://github.com/simonw/datasette.git synced 2025-12-10 16:51:24 +01:00
Code Issues Projects Releases Packages Wiki Activity

Optimize database page table listing to avoid scanning all tables

Browse source 
Restructured the table listing logic in get_tables() to check permissions
via SQL first using the permission_resources_sql plugin hook, then only
fetch table counts for tables that will actually be displayed.

Previous implementation called table_counts() for all tables before checking
permissions, which defeated the purpose of the optimization - it still
required scanning every table just to list them.

Changes:
- Modified Database.table_counts() to accept optional 'tables' parameter
  that allows selective counting while preserving caching for immutable DBs
- Rewrote get_tables() in database view to query catalog_tables for table
  names first (cheap operation), use resolve_permissions_from_catalog to
  check permissions in bulk, then only call table_counts() with the subset
  of allowed tables
- Fixed bug in default_permissions.py where query_config could be a string
  instead of dict, causing AttributeError
- Correctly handles table-level 'allow: True' blocks that should bypass
  database-level restrictions when determining privacy status

All 177 permission tests passing.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Simon Willison 2025-10-17 17:04:05 -07:00
commit 75298db4ae
3 changed files with 169 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

24
datasette/database.py
View file

@ -374,12 +374,25 @@ class Database:
self.cached_size = Path(self.path).stat().st_size self.cached_size = Path(self.path).stat().st_size
return self.cached_size return self.cached_size
async def table_counts(self, limit=10): async def table_counts(self, limit=10, tables=None):
# Determine which tables we need counts for
if tables is None:
tables_to_count = await self.table_names()
else:
tables_to_count = tables
# If we have cached counts for immutable database, use them
if not self.is_mutable and self.cached_table_counts is not None: if not self.is_mutable and self.cached_table_counts is not None:
return self.cached_table_counts # Return only the requested tables from cache
return {
table: self.cached_table_counts.get(table)
for table in tables_to_count
if table in self.cached_table_counts
}
# Try to get counts for each table, $limit timeout for each count # Try to get counts for each table, $limit timeout for each count
counts = {} counts = {}
for table in await self.table_names(): for table in tables_to_count:
try: try:
table_count = ( table_count = (
await self.execute( await self.execute(
@ -392,8 +405,11 @@ class Database:
# QueryInterrupted - so we catch that too: # QueryInterrupted - so we catch that too:
except (QueryInterrupted, sqlite3.OperationalError, sqlite3.DatabaseError): except (QueryInterrupted, sqlite3.OperationalError, sqlite3.DatabaseError):
counts[table] = None counts[table] = None
if not self.is_mutable:
# Only cache if we counted all tables
if tables is None and not self.is_mutable:
self._cached_table_counts = counts self._cached_table_counts = counts
return counts return counts
@property @property

4
datasette/default_permissions.py
View file

@ -263,6 +263,9 @@ async def _config_permission_rules(datasette, actor, action) -> list[PluginSQL]:
) )
for query_name, query_config in (db_config.get("queries") or {}).items(): for query_name, query_config in (db_config.get("queries") or {}).items():
# query_config can be a string (just SQL) or a dict
if isinstance(query_config, str):
continue
query_perm = (query_config.get("permissions") or {}).get(action) query_perm = (query_config.get("permissions") or {}).get(action)
add_row( add_row(
db_name, db_name,
@ -325,7 +328,6 @@ async def _config_permission_rules(datasette, actor, action) -> list[PluginSQL]:
params[f"{key}_reason"] = reason params[f"{key}_reason"] = reason
sql = "\nUNION ALL\n".join(parts) sql = "\nUNION ALL\n".join(parts)
print(sql, params)
return [PluginSQL(source="config_permissions", sql=sql, params=params)] return [PluginSQL(source="config_permissions", sql=sql, params=params)]

169
datasette/views/database.py
View file

@ -273,34 +273,157 @@ class QueryContext:
async def get_tables(datasette, request, db): async def get_tables(datasette, request, db):
tables = [] tables = []
database = db.name database = db.name
table_counts = await db.table_counts(100)
hidden_table_names = set(await db.hidden_table_names()) hidden_table_names = set(await db.hidden_table_names())
all_foreign_keys = await db.get_all_foreign_keys() all_foreign_keys = await db.get_all_foreign_keys()
for table in table_counts: # Use the new SQL-based permission system to check all tables at once
table_visible, table_private = await datasette.check_visibility( from datasette.utils.permissions import resolve_permissions_from_catalog, PluginSQL
request.actor, from datasette.plugins import pm
permissions=[ from datasette.utils import await_me_maybe
("view-table", (database, table)),
("view-database", database), # Get all table names from catalog (cheap operation, no scanning)
"view-instance", internal_db = datasette.get_internal_database()
], table_names_result = await internal_db.execute(
"SELECT table_name FROM catalog_tables WHERE database_name = ?", [database]
)
table_names = [row["table_name"] for row in table_names_result.rows]
if table_names:
# Use catalog_tables for candidate SQL to query all tables in this database at once
candidate_sql = "SELECT :database AS parent, table_name AS child FROM catalog_tables WHERE database_name = :database"
candidate_params = {"database": database}
# Get plugin SQL blocks for view-table permission
plugins = []
for block in pm.hook.permission_resources_sql(
datasette=datasette,
actor=request.actor,
action="view-table",
):
block = await await_me_maybe(block)
if block is None:
continue
if isinstance(block, (list, tuple)):
candidates = block
else:
candidates = [block]
for candidate in candidates:
if candidate is None:
continue
if not isinstance(candidate, PluginSQL):
continue
plugins.append(candidate)
# Resolve permissions for all tables at once
if isinstance(request.actor, dict):
actor_id = request.actor.get("id")
elif request.actor:
actor_id = request.actor
else:
actor_id = None
internal_db = datasette.get_internal_database()
permission_results = await resolve_permissions_from_catalog(
internal_db,
actor=str(actor_id) if actor_id is not None else "",
plugins=plugins,
action="view-table",
candidate_sql=candidate_sql,
candidate_params=candidate_params,
implicit_deny=True,
) )
if not table_visible:
continue # Create a lookup dict for allowed tables and their privacy status
allowed_tables = {}
for result in permission_results:
table_name = result["child"]
if result["allow"] == 1:
allowed_tables[table_name] = result
# Check which tables are visible to anonymous users (for determining "private" status)
# A table is visible to anonymous users if BOTH view-database AND view-table pass
anon_allowed_tables = set()
if request.actor:
# Check if anonymous users can view the database
anon_can_view_database = await datasette.permission_allowed(
None, "view-database", database
)
# Generate new plugin SQL blocks for anonymous user to check table permissions
anon_plugins = []
for block in pm.hook.permission_resources_sql(
datasette=datasette,
actor="",
action="view-table",
):
block = await await_me_maybe(block)
if block is None:
continue
if isinstance(block, (list, tuple)):
candidates = block
else:
candidates = [block]
for candidate in candidates:
if candidate is None:
continue
if not isinstance(candidate, PluginSQL):
continue
anon_plugins.append(candidate)
anon_permission_results = await resolve_permissions_from_catalog(
internal_db,
actor="",
plugins=anon_plugins,
action="view-table",
candidate_sql=candidate_sql,
candidate_params=candidate_params,
implicit_deny=True,
)
# A table is not private if anonymous users can view it
# This requires passing BOTH view-table AND view-database checks
# UNLESS the table has an explicit allow block that overrides database restrictions
# We approximate this by checking if the permission result has a specific "config allow" reason
# which indicates an explicit table-level allow block
for result in anon_permission_results:
if result["allow"] == 1:
# Check if this is from an explicit table-level allow block
# or if the anonymous user can also view the database
reason = result.get("reason", "")
has_explicit_table_allow = (
"config allow allow for view-table" in reason
)
if has_explicit_table_allow or anon_can_view_database:
anon_allowed_tables.add(result["child"])
else:
allowed_tables = {}
anon_allowed_tables = set()
# Build the tables list for allowed tables only
# Only get table counts for the tables we're actually going to display
allowed_table_names = list(allowed_tables.keys())
# Get counts only for allowed tables (uses caching mechanism)
if allowed_table_names:
table_counts = await db.table_counts(limit=10, tables=allowed_table_names)
else:
table_counts = {}
for table in allowed_table_names:
# Determine if table is private (not visible to anonymous users)
table_private = bool(request.actor and table not in anon_allowed_tables)
table_columns = await db.table_columns(table) table_columns = await db.table_columns(table)
tables.append( table_dict = {
{ "name": table,
"name": table, "columns": table_columns,
"columns": table_columns, "primary_keys": await db.primary_keys(table),
"primary_keys": await db.primary_keys(table), "count": table_counts.get(table),
"count": table_counts[table], "hidden": table in hidden_table_names,
"hidden": table in hidden_table_names, "fts_table": await db.fts_table(table),
"fts_table": await db.fts_table(table), "foreign_keys": all_foreign_keys.get(table, {}),
"foreign_keys": all_foreign_keys[table], "private": table_private,
"private": table_private, }
} tables.append(table_dict)
)
tables.sort(key=lambda t: (t["hidden"], t["name"])) tables.sort(key=lambda t: (t["hidden"], t["name"]))
return tables return tables