mirror of
https://github.com/simonw/datasette.git
synced 2025-12-10 16:51:24 +01:00
Upgrade to Black 20.8b1, closes #958
This commit is contained in:
Simon Willison
parent
26b2922f17
commit
a648bb82ba
22 changed files with 203 additions and 58 deletions
|
|
@ -65,7 +65,10 @@ class BaseView:
|
|||
|
||||
async def check_permission(self, request, action, resource=None):
|
||||
ok = await self.ds.permission_allowed(
|
||||
request.actor, action, resource=resource, default=True,
|
||||
request.actor,
|
||||
action,
|
||||
resource=resource,
|
||||
default=True,
|
||||
)
|
||||
if not ok:
|
||||
raise Forbidden(action)
|
||||
|
|
@ -85,7 +88,10 @@ class BaseView:
|
|||
repr(permission)
|
||||
)
|
||||
ok = await self.ds.permission_allowed(
|
||||
request.actor, action, resource=resource, default=None,
|
||||
request.actor,
|
||||
action,
|
||||
resource=resource,
|
||||
default=None,
|
||||
)
|
||||
if ok is not None:
|
||||
if ok:
|
||||
|
|
@ -343,10 +349,10 @@ class DataView(BaseView):
|
|||
return AsgiStream(stream_fn, headers=headers, content_type=content_type)
|
||||
|
||||
async def get_format(self, request, database, args):
|
||||
""" Determine the format of the response from the request, from URL
|
||||
parameters or from a file extension.
|
||||
"""Determine the format of the response from the request, from URL
|
||||
parameters or from a file extension.
|
||||
|
||||
`args` is a dict of the path components parsed from the URL by the router.
|
||||
`args` is a dict of the path components parsed from the URL by the router.
|
||||
"""
|
||||
# If ?_format= is provided, use that as the format
|
||||
_format = request.args.get("_format", None)
|
||||
|
|
|
|||
|
|
@ -21,7 +21,11 @@ class DatabaseView(DataView):
|
|||
|
||||
async def data(self, request, database, hash, default_labels=False, _size=None):
|
||||
await self.check_permissions(
|
||||
request, [("view-database", database), "view-instance",],
|
||||
request,
|
||||
[
|
||||
("view-database", database),
|
||||
"view-instance",
|
||||
],
|
||||
)
|
||||
metadata = (self.ds.metadata("databases") or {}).get(database, {})
|
||||
self.ds.update_with_inherited_metadata(metadata)
|
||||
|
|
@ -42,17 +46,26 @@ class DatabaseView(DataView):
|
|||
views = []
|
||||
for view_name in await db.view_names():
|
||||
visible, private = await check_visibility(
|
||||
self.ds, request.actor, "view-table", (database, view_name),
|
||||
self.ds,
|
||||
request.actor,
|
||||
"view-table",
|
||||
(database, view_name),
|
||||
)
|
||||
if visible:
|
||||
views.append(
|
||||
{"name": view_name, "private": private,}
|
||||
{
|
||||
"name": view_name,
|
||||
"private": private,
|
||||
}
|
||||
)
|
||||
|
||||
tables = []
|
||||
for table in table_counts:
|
||||
visible, private = await check_visibility(
|
||||
self.ds, request.actor, "view-table", (database, table),
|
||||
self.ds,
|
||||
request.actor,
|
||||
"view-table",
|
||||
(database, table),
|
||||
)
|
||||
if not visible:
|
||||
continue
|
||||
|
|
@ -76,7 +89,10 @@ class DatabaseView(DataView):
|
|||
await self.ds.get_canned_queries(database, request.actor)
|
||||
).values():
|
||||
visible, private = await check_visibility(
|
||||
self.ds, request.actor, "view-query", (database, query["name"]),
|
||||
self.ds,
|
||||
request.actor,
|
||||
"view-query",
|
||||
(database, query["name"]),
|
||||
)
|
||||
if visible:
|
||||
canned_queries.append(dict(query, private=private))
|
||||
|
|
|
|||
|
|
@ -26,7 +26,10 @@ class IndexView(BaseView):
|
|||
databases = []
|
||||
for name, db in self.ds.databases.items():
|
||||
visible, database_private = await check_visibility(
|
||||
self.ds, request.actor, "view-database", name,
|
||||
self.ds,
|
||||
request.actor,
|
||||
"view-database",
|
||||
name,
|
||||
)
|
||||
if not visible:
|
||||
continue
|
||||
|
|
@ -36,7 +39,10 @@ class IndexView(BaseView):
|
|||
views = []
|
||||
for view_name in await db.view_names():
|
||||
visible, private = await check_visibility(
|
||||
self.ds, request.actor, "view-table", (name, view_name),
|
||||
self.ds,
|
||||
request.actor,
|
||||
"view-table",
|
||||
(name, view_name),
|
||||
)
|
||||
if visible:
|
||||
views.append({"name": view_name, "private": private})
|
||||
|
|
@ -52,7 +58,10 @@ class IndexView(BaseView):
|
|||
tables = {}
|
||||
for table in table_names:
|
||||
visible, private = await check_visibility(
|
||||
self.ds, request.actor, "view-table", (name, table),
|
||||
self.ds,
|
||||
request.actor,
|
||||
"view-table",
|
||||
(name, table),
|
||||
)
|
||||
if not visible:
|
||||
continue
|
||||
|
|
|
|||
|
|
@ -82,7 +82,11 @@ class LogoutView(BaseView):
|
|||
async def get(self, request):
|
||||
if not request.actor:
|
||||
return Response.redirect("/")
|
||||
return await self.render(["logout.html"], request, {"actor": request.actor},)
|
||||
return await self.render(
|
||||
["logout.html"],
|
||||
request,
|
||||
{"actor": request.actor},
|
||||
)
|
||||
|
||||
async def post(self, request):
|
||||
response = Response.redirect("/")
|
||||
|
|
|
|||
|
|
@ -350,7 +350,10 @@ class TableView(RowTableShared):
|
|||
# Add _where= from querystring
|
||||
if "_where" in request.args:
|
||||
if not await self.ds.permission_allowed(
|
||||
request.actor, "execute-sql", resource=database, default=True,
|
||||
request.actor,
|
||||
"execute-sql",
|
||||
resource=database,
|
||||
default=True,
|
||||
):
|
||||
raise DatasetteError("_where= is not allowed", status=403)
|
||||
else:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue