Restructured the table listing logic in get_tables() to check permissions
via SQL first using the permission_resources_sql plugin hook, then only
fetch table counts for tables that will actually be displayed.
Previous implementation called table_counts() for all tables before checking
permissions, which defeated the purpose of the optimization - it still
required scanning every table just to list them.
Changes:
- Modified Database.table_counts() to accept optional 'tables' parameter
that allows selective counting while preserving caching for immutable DBs
- Rewrote get_tables() in database view to query catalog_tables for table
names first (cheap operation), use resolve_permissions_from_catalog to
check permissions in bulk, then only call table_counts() with the subset
of allowed tables
- Fixed bug in default_permissions.py where query_config could be a string
instead of dict, causing AttributeError
- Correctly handles table-level 'allow: True' blocks that should bypass
database-level restrictions when determining privacy status
All 177 permission tests passing.
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
Extracted common JavaScript utilities from debug_allowed.html, debug_check.html, and debug_rules.html into a new _debug_common_functions.html include template. This eliminates code duplication and improves maintainability.
The shared functions include:
- populateFormFromURL(): Populates form fields from URL query parameters
- updateURL(formId, page): Updates browser URL with form values
- escapeHtml(text): HTML escaping utility
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* allowed_resources_sql plugin hook and infrastructure
* New methods for checking permissions with the new system
* New /-/allowed and /-/check and /-/rules special endpoints
Still needs to be integrated more deeply into Datasette, especially for listing visible tables.
Refs: #2502
---------
Co-authored-by: Claude <noreply@anthropic.com>
* Tilde encode database for expanded foreign key links
* Test for foreign key fix in #2476
---------
Co-authored-by: Simon Willison <swillison@gmail.com>
* `asyncio_default_fixture_loop_scope = function`
* Fix a bunch of BeautifulSoup deprecation warnings
* Fix for PytestUnraisableExceptionWarning: Exception ignored in: <_io.FileIO [closed]>
* xfail for sql_time_limit tests (these can be flaky in CI)
Refs #2461
