github/datasette
1
0
Fork 0
mirror of https://github.com/simonw/datasette.git synced 2025-12-10 16:51:24 +01:00
Code Issues Projects Releases Packages Wiki Activity

view-database permission

Browse source 
Also now using 🔒 to indicate private resources - resources that
would not be available to the anonymous user. Refs #811
This commit is contained in:
Simon Willison 2020-06-07 20:50:37 -07:00
commit 9b42e1a4f5
8 changed files with 69 additions and 16 deletions
Download patch file Download diff file Expand all files Collapse all files

7
datasette/default_permissions.py
View file

@ -11,6 +11,12 @@ def permission_allowed(datasette, actor, action, resource_type, resource_identif
allow = datasette.metadata("allow")
if allow is not None:
return actor_matches_allow(actor, allow)
elif action == "view-database":
assert resource_type == "database"
database_allow = datasette.metadata("allow", database=resource_identifier)
if database_allow is None:
return True
return actor_matches_allow(actor, database_allow)
elif action == "view-query":
# Check if this query has a "allow" block in metadata
assert resource_type == "query"
@ -20,7 +26,6 @@ def permission_allowed(datasette, actor, action, resource_type, resource_identif
if isinstance(queries_metadata[query_name], str):
return True
allow = queries_metadata[query_name].get("allow")
print("checking allow - actor = {}, allow = {}".format(actor, allow))
if allow is None:
return True
return actor_matches_allow(actor, allow)