Make ds.pemrission_allawed(..., default=) a keyword-only argument, refs #2262

datasette/app.py

@@ -896,7 +896,7 @@ class Datasette:
             await await_me_maybe(hook)
 
     async def permission_allowed(
-        self, actor, action, resource=None, default=DEFAULT_NOT_SET
+        self, actor, action, resource=None, *, default=DEFAULT_NOT_SET
     ):
         """Check permissions using the permissions_allowed plugin hook"""
         result = None

datasette/views/table.py

@@ -444,10 +444,10 @@ class TableInsertView(BaseView):
             # Must have insert-row AND upsert-row permissions
             if not (
                 await self.ds.permission_allowed(
-                    request.actor, "insert-row", database_name, table_name
+                    request.actor, "insert-row", resource=(database_name, table_name)
                 )
                 and await self.ds.permission_allowed(
-                    request.actor, "update-row", database_name, table_name
+                    request.actor, "update-row", resource=(database_name, table_name)
                 )
             ):
                 return _error(