github/datasette
1
0
Fork 0
mirror of https://github.com/simonw/datasette.git synced 2025-12-10 16:51:24 +01:00
Code Issues Projects Releases Packages Wiki Activity
datasette/datasette
History
Simon Willison f4245dce66 Eliminate duplicate config checking by removing old permission_allowed hooks 
- Removed permission_allowed_default() hook (checked config twice)
- Removed _resolve_config_view_permissions() and _resolve_config_permissions_blocks() helpers
- Added permission_allowed_sql_bridge() to bridge old permission_allowed() API to new SQL system
- Moved default_allow_sql setting check into permission_resources_sql()
- Made root-level allow blocks apply to all view-* actions (view-database, view-table, view-query)
- Added add_row_allow_block() helper for allow blocks that should deny when no match

This resolves the duplicate checking issue where config blocks were evaluated twice:
once in permission_allowed hooks and once in permission_resources_sql hooks.

Note: One test still failing (test_permissions_checked for database download) - needs investigation
2025-10-23 13:53:01 -07:00
..
publish Use service-specific image ID for Cloud Run deploys, refs #2036 2023-03-08 12:25:55 -08:00
static Ran prettier 2025-10-20 16:03:22 -07:00
templates Implement resource-based permission system with SQL-driven access control 2025-10-20 16:00:36 -07:00
utils Ensure :actor, :actor_id and :action are all available to permissions SQL, closes #2520 2025-10-23 09:48:55 -07:00
views Ensure :actor, :actor_id and :action are all available to permissions SQL, closes #2520 2025-10-23 09:48:55 -07:00
__init__.py track_event() mechanism for analytics and plugins 2024-01-31 15:21:40 -08:00
__main__.py Add support for running datasette as a module (#556) 2019-07-11 09:07:44 -07:00
actor_auth_cookie.py Remove python-baseconv dependency, refs #1733, closes #1734 2022-05-02 12:39:06 -07:00
app.py New --root mechanism with datasette.root_enabled, closes #2521 2025-10-23 12:40:50 -07:00
blob_renderer.py Rename route match groups for consistency, refs #1667, #1660 2022-03-19 09:52:08 -07:00
cli.py New --root mechanism with datasette.root_enabled, closes #2521 2025-10-23 12:40:50 -07:00
database.py Hide FTS tables that have content= 2025-04-16 21:44:09 -07:00
default_actions.py Moved Resource defaults to datasette/resources.py 2025-10-20 16:23:14 -07:00
default_magic_parameters.py Fix datetime.utcnow deprecation warning 2024-03-15 15:32:12 -07:00
default_menu_links.py Move Metadata to --internal database 2024-06-11 09:33:23 -07:00
default_permissions.py Eliminate duplicate config checking by removing old permission_allowed hooks 2025-10-23 13:53:01 -07:00
events.py alter table support for /db/-/create API, refs #2101 2024-02-08 13:36:17 -08:00
facets.py Fix huge performance bug in DateFacet, refs #2407 2024-08-21 14:38:11 -07:00
filters.py Removed units functionality and Pint dependency 2024-08-20 19:03:33 -07:00
forbidden.py Fixed a bunch of unused imports spotted with ruff 2024-02-06 17:27:20 -08:00
handle_exception.py debugger: load 'ipdb' if present 2024-08-20 20:02:35 -07:00
hookspecs.py PluginSQL renamed to PermissionSQL, closes #2524 2025-10-23 09:34:19 -07:00
inspect.py Modernize code to Python 3.6+ (#1158) 2020-12-23 09:04:32 -08:00
permissions.py PluginSQL renamed to PermissionSQL, closes #2524 2025-10-23 09:34:19 -07:00
plugins.py Implement resource-based permission system with SQL-driven access control 2025-10-20 16:00:36 -07:00
renderer.py Move Metadata to --internal database 2024-06-11 09:33:23 -07:00
resources.py Moved Resource defaults to datasette/resources.py 2025-10-20 16:23:14 -07:00
sql_functions.py _search= queries now correctly escaped, fixes #651 2019-12-29 18:48:30 +00:00
tracer.py Tracer now catches errors, closes #2405 2024-08-21 12:19:18 -07:00
url_builder.py count all rows button on table page, refs #2408 2024-08-21 19:09:25 -07:00
version.py Release 1.0a19 2025-04-21 22:38:53 -07:00