mirror of
https://github.com/simonw/datasette.git
synced 2025-12-10 16:51:24 +01:00
On /-/allowed show reason column if vsible to user
This commit is contained in:
Simon Willison
parent
ee62bf9bdc
commit
ee4fcff5c0
2 changed files with 38 additions and 11 deletions
|
|
@ -80,6 +80,7 @@ const resultsContent = document.getElementById('results-content');
|
||||||
const resultsCount = document.getElementById('results-count');
|
const resultsCount = document.getElementById('results-count');
|
||||||
const pagination = document.getElementById('pagination');
|
const pagination = document.getElementById('pagination');
|
||||||
const submitBtn = document.getElementById('submit-btn');
|
const submitBtn = document.getElementById('submit-btn');
|
||||||
|
const hasDebugPermission = {{ 'true' if has_debug_permission else 'false' }};
|
||||||
let currentData = null;
|
let currentData = null;
|
||||||
|
|
||||||
form.addEventListener('submit', async (ev) => {
|
form.addEventListener('submit', async (ev) => {
|
||||||
|
|
@ -164,7 +165,9 @@ function displayResults(data) {
|
||||||
html += '<th>Resource Path</th>';
|
html += '<th>Resource Path</th>';
|
||||||
html += '<th>Parent</th>';
|
html += '<th>Parent</th>';
|
||||||
html += '<th>Child</th>';
|
html += '<th>Child</th>';
|
||||||
html += '<th>Reason</th>';
|
if (hasDebugPermission) {
|
||||||
|
html += '<th>Reason</th>';
|
||||||
|
}
|
||||||
html += '</tr></thead>';
|
html += '</tr></thead>';
|
||||||
html += '<tbody>';
|
html += '<tbody>';
|
||||||
|
|
||||||
|
|
@ -173,7 +176,9 @@ function displayResults(data) {
|
||||||
html += `<td><span class="resource-path">${escapeHtml(item.resource || '/')}</span></td>`;
|
html += `<td><span class="resource-path">${escapeHtml(item.resource || '/')}</span></td>`;
|
||||||
html += `<td>${escapeHtml(item.parent || '—')}</td>`;
|
html += `<td>${escapeHtml(item.parent || '—')}</td>`;
|
||||||
html += `<td>${escapeHtml(item.child || '—')}</td>`;
|
html += `<td>${escapeHtml(item.child || '—')}</td>`;
|
||||||
html += `<td>${escapeHtml(item.reason || '—')}</td>`;
|
if (hasDebugPermission) {
|
||||||
|
html += `<td>${escapeHtml(item.reason || '—')}</td>`;
|
||||||
|
}
|
||||||
html += '</tr>';
|
html += '</tr>';
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -225,6 +225,7 @@ class AllowedResourcesView(BaseView):
|
||||||
request,
|
request,
|
||||||
{
|
{
|
||||||
"supported_actions": sorted_actions,
|
"supported_actions": sorted_actions,
|
||||||
|
"has_debug_permission": has_debug_permission,
|
||||||
},
|
},
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -262,12 +263,19 @@ class AllowedResourcesView(BaseView):
|
||||||
offset = (page - 1) * page_size
|
offset = (page - 1) * page_size
|
||||||
|
|
||||||
# Use the simplified allowed_resources method
|
# Use the simplified allowed_resources method
|
||||||
|
# If user has debug permission, use the with_reasons variant
|
||||||
try:
|
try:
|
||||||
allowed_resources = await self.ds.allowed_resources(
|
if has_debug_permission:
|
||||||
action=action,
|
allowed_resources = await self.ds.allowed_resources_with_reasons(
|
||||||
actor=actor,
|
action=action,
|
||||||
parent=parent_filter,
|
actor=actor,
|
||||||
)
|
)
|
||||||
|
else:
|
||||||
|
allowed_resources = await self.ds.allowed_resources(
|
||||||
|
action=action,
|
||||||
|
actor=actor,
|
||||||
|
parent=parent_filter,
|
||||||
|
)
|
||||||
except Exception:
|
except Exception:
|
||||||
# If catalog tables don't exist yet, return empty results
|
# If catalog tables don't exist yet, return empty results
|
||||||
headers = {}
|
headers = {}
|
||||||
|
|
@ -287,10 +295,24 @@ class AllowedResourcesView(BaseView):
|
||||||
|
|
||||||
# Convert to list of dicts with resource path
|
# Convert to list of dicts with resource path
|
||||||
allowed_rows = []
|
allowed_rows = []
|
||||||
for resource in allowed_resources:
|
for item in allowed_resources:
|
||||||
|
# Extract resource and reason depending on what we got back
|
||||||
|
if has_debug_permission:
|
||||||
|
# allowed_resources_with_reasons returns AllowedResource(resource, reason)
|
||||||
|
resource = item.resource
|
||||||
|
reason = item.reason
|
||||||
|
else:
|
||||||
|
# allowed_resources returns plain Resource objects
|
||||||
|
resource = item
|
||||||
|
reason = None
|
||||||
|
|
||||||
parent_val = resource.parent
|
parent_val = resource.parent
|
||||||
child_val = resource.child
|
child_val = resource.child
|
||||||
|
|
||||||
|
# Apply parent filter if needed (when using with_reasons, we need to filter manually)
|
||||||
|
if parent_filter is not None and parent_val != parent_filter:
|
||||||
|
continue
|
||||||
|
|
||||||
# Build resource path
|
# Build resource path
|
||||||
if parent_val is None:
|
if parent_val is None:
|
||||||
resource_path = "/"
|
resource_path = "/"
|
||||||
|
|
@ -305,9 +327,9 @@ class AllowedResourcesView(BaseView):
|
||||||
"resource": resource_path,
|
"resource": resource_path,
|
||||||
}
|
}
|
||||||
|
|
||||||
# Add debug fields if available
|
# Add reason if we have it
|
||||||
if has_debug_permission and hasattr(resource, "_reason"):
|
if reason is not None:
|
||||||
row["reason"] = resource._reason
|
row["reason"] = reason
|
||||||
|
|
||||||
allowed_rows.append(row)
|
allowed_rows.append(row)
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue