mirror of
https://github.com/simonw/datasette.git
synced 2025-12-10 16:51:24 +01:00
Migrate view-query permission to SQL-based system, refs #2510
This change integrates canned queries with Datasette's new SQL-based permissions system by making the following changes: 1. **Default canned_queries plugin hook**: Added a new hookimpl in default_permissions.py that returns canned queries from datasette configuration. This extracts config-reading logic into a plugin hook, allowing QueryResource to discover all queries. 2. **Async resources_sql()**: Converted Resource.resources_sql() from a synchronous class method returning a string to an async method that receives the datasette instance. This allows QueryResource to call plugin hooks and query the database. 3. **QueryResource implementation**: Implemented QueryResource.resources_sql() to gather all canned queries by: - Querying catalog_databases for all databases - Calling canned_queries hooks for each database with actor=None - Building a UNION ALL SQL query of all (database, query_name) pairs - Properly escaping single quotes in resource names 4. **Simplified get_canned_queries()**: Removed config-reading logic since it's now handled by the default plugin hook. 5. **Added view-query to default allow**: Added "view-query" to the default_allow_actions set so canned queries are accessible by default. 6. **Removed xfail markers**: Removed test xfail markers from: - tests/test_canned_queries.py (entire module) - tests/test_html.py (2 tests) - tests/test_permissions.py (1 test) - tests/test_plugins.py (1 test) All canned query tests now pass with the new permission system. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Simon Willison
parent
60ed646d45
commit
82cc3d5c86
10 changed files with 56 additions and 82 deletions
|
|
@ -499,9 +499,6 @@ async def test_hook_register_output_renderer_all_parameters(ds_client):
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
@pytest.mark.xfail(
|
||||
reason="Canned queries not accessible due to view-query permission not migrated, refs #2510"
|
||||
)
|
||||
async def test_hook_register_output_renderer_custom_status_code(ds_client):
|
||||
response = await ds_client.get(
|
||||
"/fixtures/pragma_cache_size.testall?status_code=202"
|
||||
|
|
@ -510,9 +507,6 @@ async def test_hook_register_output_renderer_custom_status_code(ds_client):
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
@pytest.mark.xfail(
|
||||
reason="Canned queries not accessible due to view-query permission not migrated, refs #2510"
|
||||
)
|
||||
async def test_hook_register_output_renderer_custom_content_type(ds_client):
|
||||
response = await ds_client.get(
|
||||
"/fixtures/pragma_cache_size.testall?content_type=text/blah"
|
||||
|
|
@ -521,9 +515,6 @@ async def test_hook_register_output_renderer_custom_content_type(ds_client):
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
@pytest.mark.xfail(
|
||||
reason="Canned queries not accessible due to view-query permission not migrated, refs #2510"
|
||||
)
|
||||
async def test_hook_register_output_renderer_custom_headers(ds_client):
|
||||
response = await ds_client.get(
|
||||
"/fixtures/pragma_cache_size.testall?header=x-wow:1&header=x-gosh:2"
|
||||
|
|
@ -854,9 +845,6 @@ async def test_hook_startup(ds_client):
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
@pytest.mark.xfail(
|
||||
reason="Canned queries not yet migrated to new permission system, refs #2510"
|
||||
)
|
||||
async def test_hook_canned_queries(ds_client):
|
||||
queries = (await ds_client.get("/fixtures.json")).json()["queries"]
|
||||
queries_by_name = {q["name"]: q for q in queries}
|
||||
|
|
@ -873,34 +861,24 @@ async def test_hook_canned_queries(ds_client):
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
@pytest.mark.xfail(
|
||||
reason="Canned queries not yet migrated to new permission system, refs #2510"
|
||||
)
|
||||
async def test_hook_canned_queries_non_async(ds_client):
|
||||
response = await ds_client.get("/fixtures/from_hook.json?_shape=array")
|
||||
assert [{"1": 1, "actor_id": "null"}] == response.json()
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
@pytest.mark.xfail(
|
||||
reason="Canned queries not yet migrated to new permission system, refs #2510"
|
||||
)
|
||||
async def test_hook_canned_queries_async(ds_client):
|
||||
response = await ds_client.get("/fixtures/from_async_hook.json?_shape=array")
|
||||
assert [{"2": 2}] == response.json()
|
||||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
@pytest.mark.xfail(
|
||||
reason="Canned queries not yet migrated to new permission system, refs #2510"
|
||||
)
|
||||
async def test_hook_canned_queries_actor(ds_client):
|
||||
assert (
|
||||
await ds_client.get("/fixtures/from_hook.json?_bot=1&_shape=array")
|
||||
).json() == [{"1": 1, "actor_id": "bot"}]
|
||||
|
||||
|
||||
@pytest.mark.xfail(reason="Magic parameters used with canned queries, refs #2510")
|
||||
def test_hook_register_magic_parameters(restore_working_directory):
|
||||
with make_app_client(
|
||||
extra_databases={"data.db": "create table logs (line text)"},
|
||||
|
|
@ -1048,9 +1026,6 @@ def get_actions_links(html):
|
|||
pytest.param(
|
||||
"/fixtures/pragma_cache_size",
|
||||
"/fixtures/-/query?sql=explain+PRAGMA+cache_size%3B",
|
||||
marks=pytest.mark.xfail(
|
||||
reason="Canned queries not accessible due to view-query permission not migrated, refs #2510"
|
||||
),
|
||||
),
|
||||
# Don't attempt to explain an explain
|
||||
("/fixtures/-/query?sql=explain+select+1", None),
|
||||
|
|
@ -1558,9 +1533,6 @@ async def test_hook_top_query(ds_client):
|
|||
|
||||
|
||||
@pytest.mark.asyncio
|
||||
@pytest.mark.xfail(
|
||||
reason="Canned queries not yet migrated to new permission system, refs #2510"
|
||||
)
|
||||
async def test_hook_top_canned_query(ds_client):
|
||||
try:
|
||||
pm.register(SlotPlugin(), name="SlotPlugin")
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue