diff --git a/datasette/app.py b/datasette/app.py index 9348a611..fb41c284 100644 --- a/datasette/app.py +++ b/datasette/app.py @@ -602,25 +602,6 @@ class Datasette: event_classes.extend(extra_classes) self.event_classes = tuple(event_classes) - # Register permissions, but watch out for duplicate name/abbr - names = {} - abbrs = {} - for hook in pm.hook.register_permissions(datasette=self): - if hook: - for p in hook: - if p.name in names and p != names[p.name]: - raise StartupError( - "Duplicate permission name: {}".format(p.name) - ) - if p.abbr and p.abbr in abbrs and p != abbrs[p.abbr]: - raise StartupError( - "Duplicate permission abbr: {}".format(p.abbr) - ) - names[p.name] = p - if p.abbr: - abbrs[p.abbr] = p - self.permissions[p.name] = p - # Register actions, but watch out for duplicate name/abbr action_names = {} action_abbrs = {} diff --git a/datasette/default_permissions.py b/datasette/default_permissions.py index 8dc61aba..19d0e4f8 100644 --- a/datasette/default_permissions.py +++ b/datasette/default_permissions.py @@ -1,132 +1,10 @@ -from datasette import hookimpl, Permission +from datasette import hookimpl from datasette.permissions import PermissionSQL from datasette.utils import actor_matches_allow import itsdangerous import time -@hookimpl -def register_permissions(): - return ( - Permission( - name="view-instance", - abbr="vi", - description="View Datasette instance", - takes_database=False, - takes_resource=False, - default=True, - ), - Permission( - name="view-database", - abbr="vd", - description="View database", - takes_database=True, - takes_resource=False, - default=True, - implies_can_view=True, - ), - Permission( - name="view-database-download", - abbr="vdd", - description="Download database file", - takes_database=True, - takes_resource=False, - default=True, - ), - Permission( - name="view-table", - abbr="vt", - description="View table", - takes_database=True, - takes_resource=True, - default=True, - implies_can_view=True, - ), - Permission( - name="view-query", - abbr="vq", - description="View named query results", - takes_database=True, - takes_resource=True, - default=True, - implies_can_view=True, - ), - Permission( - name="execute-sql", - abbr="es", - description="Execute read-only SQL queries", - takes_database=True, - takes_resource=False, - default=True, - implies_can_view=True, - ), - Permission( - name="permissions-debug", - abbr="pd", - description="Access permission debug tool", - takes_database=False, - takes_resource=False, - default=False, - ), - Permission( - name="debug-menu", - abbr="dm", - description="View debug menu items", - takes_database=False, - takes_resource=False, - default=False, - ), - Permission( - name="insert-row", - abbr="ir", - description="Insert rows", - takes_database=True, - takes_resource=True, - default=False, - ), - Permission( - name="delete-row", - abbr="dr", - description="Delete rows", - takes_database=True, - takes_resource=True, - default=False, - ), - Permission( - name="update-row", - abbr="ur", - description="Update rows", - takes_database=True, - takes_resource=True, - default=False, - ), - Permission( - name="create-table", - abbr="ct", - description="Create tables", - takes_database=True, - takes_resource=False, - default=False, - ), - Permission( - name="alter-table", - abbr="at", - description="Alter tables", - takes_database=True, - takes_resource=True, - default=False, - ), - Permission( - name="drop-table", - abbr="dt", - description="Drop tables", - takes_database=True, - takes_resource=True, - default=False, - ), - ) - - @hookimpl(tryfirst=True, specname="permission_allowed") async def permission_allowed_sql_bridge(datasette, actor, action, resource): """ diff --git a/datasette/hookspecs.py b/datasette/hookspecs.py index 5477a407..c2ef9495 100644 --- a/datasette/hookspecs.py +++ b/datasette/hookspecs.py @@ -69,11 +69,6 @@ def register_facet_classes(): """Register Facet subclasses""" -@hookspec -def register_permissions(datasette): - """Register permissions: returns a list of datasette.permission.Permission named tuples""" - - @hookspec def register_actions(datasette): """Register actions: returns a list of datasette.permission.Action objects"""