github/datasette
1
0
Fork 0
mirror of https://github.com/simonw/datasette.git synced 2025-12-10 16:51:24 +01:00
Code Issues Projects Releases Packages Wiki Activity

Ran blacken-docs

Browse source
This commit is contained in:
Simon Willison 2025-10-23 15:53:49 -07:00
commit e71c083700
1 changed files with 15 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

25
docs/internals.rst
View file

@ -391,20 +391,25 @@ Example usage:
.. code-block:: python .. code-block:: python
from datasette.resources import TableResource, DatabaseResource from datasette.resources import (
TableResource,
DatabaseResource,
)
# Check if actor can view a specific table # Check if actor can view a specific table
can_view = await datasette.allowed( can_view = await datasette.allowed(
action="view-table", action="view-table",
resource=TableResource(database="fixtures", table="facetable"), resource=TableResource(
actor=request.actor database="fixtures", table="facetable"
),
actor=request.actor,
) )
# Check if actor can execute SQL on a database # Check if actor can execute SQL on a database
can_execute = await datasette.allowed( can_execute = await datasette.allowed(
action="execute-sql", action="execute-sql",
resource=DatabaseResource(database="fixtures"), resource=DatabaseResource(database="fixtures"),
actor=request.actor actor=request.actor,
) )
The method returns ``True`` if the permission is granted, ``False`` if denied. The method returns ``True`` if the permission is granted, ``False`` if denied.
@ -1059,10 +1064,11 @@ The ``PermissionSQL`` class is used by plugins to contribute SQL-based permissio
from datasette.permissions import PermissionSQL from datasette.permissions import PermissionSQL
@dataclass @dataclass
class PermissionSQL: class PermissionSQL:
source: str # Plugin name for auditing source: str # Plugin name for auditing
sql: str # SQL query returning permission rules sql: str # SQL query returning permission rules
params: Dict[str, Any] # Parameters for the SQL query params: Dict[str, Any] # Parameters for the SQL query
**Attributes:** **Attributes:**
@ -1115,6 +1121,7 @@ Here's an example plugin that grants view-table permissions to users with an "an
from datasette import hookimpl from datasette import hookimpl
from datasette.permissions import PermissionSQL from datasette.permissions import PermissionSQL
@hookimpl @hookimpl
def permission_resources_sql(datasette, actor, action): def permission_resources_sql(datasette, actor, action):
if action != "view-table": if action != "view-table":
@ -1130,7 +1137,7 @@ Here's an example plugin that grants view-table permissions to users with an "an
WHERE json_extract(:actor, '$.role') = 'analyst' WHERE json_extract(:actor, '$.role') = 'analyst'
AND :action = 'view-table' AND :action = 'view-table'
""", """,
params={} params={},
) )
A more complex example that uses custom parameters: A more complex example that uses custom parameters:
@ -1156,9 +1163,7 @@ A more complex example that uses custom parameters:
WHERE user_id = :user_id WHERE user_id = :user_id
AND :action IN ('view-table', 'insert-row', 'update-row') AND :action IN ('view-table', 'insert-row', 'update-row')
""", """,
params={ params={"user_id": actor.get("id")},
"user_id": actor.get("id")
}
) )
**Permission resolution rules:** **Permission resolution rules:**