mirror of
https://github.com/simonw/datasette.git
synced 2025-12-10 16:51:24 +01:00
Remove deprecated register_permissions hook
- Removed register_permissions hook definition from hookspecs.py - Removed register_permissions implementation from default_permissions.py - Removed pm.hook.register_permissions() call from app.py invoke_startup() - The register_actions hook now serves as the sole mechanism for registering actions - Removed Permission import from default_permissions.py as it's no longer needed This completes the migration from the old register_permissions hook to the new register_actions hook. All permission definitions should now use Action objects via register_actions, and permission checking should use permission_resources_sql to provide SQL-based permission rules. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Simon Willison
parent
fe2084df66
commit
dc241e8691
3 changed files with 1 additions and 147 deletions
|
|
@ -602,25 +602,6 @@ class Datasette:
|
|||
event_classes.extend(extra_classes)
|
||||
self.event_classes = tuple(event_classes)
|
||||
|
||||
# Register permissions, but watch out for duplicate name/abbr
|
||||
names = {}
|
||||
abbrs = {}
|
||||
for hook in pm.hook.register_permissions(datasette=self):
|
||||
if hook:
|
||||
for p in hook:
|
||||
if p.name in names and p != names[p.name]:
|
||||
raise StartupError(
|
||||
"Duplicate permission name: {}".format(p.name)
|
||||
)
|
||||
if p.abbr and p.abbr in abbrs and p != abbrs[p.abbr]:
|
||||
raise StartupError(
|
||||
"Duplicate permission abbr: {}".format(p.abbr)
|
||||
)
|
||||
names[p.name] = p
|
||||
if p.abbr:
|
||||
abbrs[p.abbr] = p
|
||||
self.permissions[p.name] = p
|
||||
|
||||
# Register actions, but watch out for duplicate name/abbr
|
||||
action_names = {}
|
||||
action_abbrs = {}
|
||||
|
|
|
|||
|
|
@ -1,132 +1,10 @@
|
|||
from datasette import hookimpl, Permission
|
||||
from datasette import hookimpl
|
||||
from datasette.permissions import PermissionSQL
|
||||
from datasette.utils import actor_matches_allow
|
||||
import itsdangerous
|
||||
import time
|
||||
|
||||
|
||||
@hookimpl
|
||||
def register_permissions():
|
||||
return (
|
||||
Permission(
|
||||
name="view-instance",
|
||||
abbr="vi",
|
||||
description="View Datasette instance",
|
||||
takes_database=False,
|
||||
takes_resource=False,
|
||||
default=True,
|
||||
),
|
||||
Permission(
|
||||
name="view-database",
|
||||
abbr="vd",
|
||||
description="View database",
|
||||
takes_database=True,
|
||||
takes_resource=False,
|
||||
default=True,
|
||||
implies_can_view=True,
|
||||
),
|
||||
Permission(
|
||||
name="view-database-download",
|
||||
abbr="vdd",
|
||||
description="Download database file",
|
||||
takes_database=True,
|
||||
takes_resource=False,
|
||||
default=True,
|
||||
),
|
||||
Permission(
|
||||
name="view-table",
|
||||
abbr="vt",
|
||||
description="View table",
|
||||
takes_database=True,
|
||||
takes_resource=True,
|
||||
default=True,
|
||||
implies_can_view=True,
|
||||
),
|
||||
Permission(
|
||||
name="view-query",
|
||||
abbr="vq",
|
||||
description="View named query results",
|
||||
takes_database=True,
|
||||
takes_resource=True,
|
||||
default=True,
|
||||
implies_can_view=True,
|
||||
),
|
||||
Permission(
|
||||
name="execute-sql",
|
||||
abbr="es",
|
||||
description="Execute read-only SQL queries",
|
||||
takes_database=True,
|
||||
takes_resource=False,
|
||||
default=True,
|
||||
implies_can_view=True,
|
||||
),
|
||||
Permission(
|
||||
name="permissions-debug",
|
||||
abbr="pd",
|
||||
description="Access permission debug tool",
|
||||
takes_database=False,
|
||||
takes_resource=False,
|
||||
default=False,
|
||||
),
|
||||
Permission(
|
||||
name="debug-menu",
|
||||
abbr="dm",
|
||||
description="View debug menu items",
|
||||
takes_database=False,
|
||||
takes_resource=False,
|
||||
default=False,
|
||||
),
|
||||
Permission(
|
||||
name="insert-row",
|
||||
abbr="ir",
|
||||
description="Insert rows",
|
||||
takes_database=True,
|
||||
takes_resource=True,
|
||||
default=False,
|
||||
),
|
||||
Permission(
|
||||
name="delete-row",
|
||||
abbr="dr",
|
||||
description="Delete rows",
|
||||
takes_database=True,
|
||||
takes_resource=True,
|
||||
default=False,
|
||||
),
|
||||
Permission(
|
||||
name="update-row",
|
||||
abbr="ur",
|
||||
description="Update rows",
|
||||
takes_database=True,
|
||||
takes_resource=True,
|
||||
default=False,
|
||||
),
|
||||
Permission(
|
||||
name="create-table",
|
||||
abbr="ct",
|
||||
description="Create tables",
|
||||
takes_database=True,
|
||||
takes_resource=False,
|
||||
default=False,
|
||||
),
|
||||
Permission(
|
||||
name="alter-table",
|
||||
abbr="at",
|
||||
description="Alter tables",
|
||||
takes_database=True,
|
||||
takes_resource=True,
|
||||
default=False,
|
||||
),
|
||||
Permission(
|
||||
name="drop-table",
|
||||
abbr="dt",
|
||||
description="Drop tables",
|
||||
takes_database=True,
|
||||
takes_resource=True,
|
||||
default=False,
|
||||
),
|
||||
)
|
||||
|
||||
|
||||
@hookimpl(tryfirst=True, specname="permission_allowed")
|
||||
async def permission_allowed_sql_bridge(datasette, actor, action, resource):
|
||||
"""
|
||||
|
|
|
|||
|
|
@ -69,11 +69,6 @@ def register_facet_classes():
|
|||
"""Register Facet subclasses"""
|
||||
|
||||
|
||||
@hookspec
|
||||
def register_permissions(datasette):
|
||||
"""Register permissions: returns a list of datasette.permission.Permission named tuples"""
|
||||
|
||||
|
||||
@hookspec
|
||||
def register_actions(datasette):
|
||||
"""Register actions: returns a list of datasette.permission.Action objects"""
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue