No execute-write on immutable databases

Refs https://github.com/simonw/datasette/issues/2742#issuecomment-4536690161
2026-06-01 14:47:00 +02:00 · 2026-05-25 12:46:21 -07:00 · 2026-05-25 12:46:21 -07:00 · 4208ded249
commit 4208ded249
parent 1f7c26ffea
3 changed files with 55 additions and 0 deletions
--- a/datasette/default_database_actions.py
+++ b/datasette/default_database_actions.py
@ -5,6 +5,8 @@ from datasette.resources import DatabaseResource
@hookimpl
 def database_actions(datasette, actor, database, request):
    async def inner():
+        if not datasette.get_database(database).is_mutable:
+            return []
        if not await datasette.allowed(
            action="execute-write-sql",
            resource=DatabaseResource(database),
--- a/datasette/views/database.py
+++ b/datasette/views/database.py
@ -964,6 +964,13 @@ class ExecuteWriteView(BaseView):
            resource=DatabaseResource(db.name),
            actor=request.actor,
        )
+        if not db.is_mutable:
+            return _block_framing(
+                _error(
+                    ["Cannot execute write SQL because this database is immutable."],
+                    403,
+                )
+            )
        return await self._render_form(
            request,
            db,
--- a/tests/test_queries.py
+++ b/tests/test_queries.py
@ -858,6 +858,52 @@ async def test_database_action_menu_links_to_execute_write_for_permitted_actor()
    assert "Execute write SQL" in writer_response.text


+@pytest.mark.asyncio
+async def test_database_action_menu_hides_execute_write_for_immutable_database():
+    ds = Datasette(
+        memory=True,
+        default_deny=True,
+        config={
+            "databases": {
+                "data": {
+                    "permissions": {
+                        "view-database": {"id": "writer"},
+                        "execute-write-sql": {"id": "writer"},
+                    }
+                }
+            }
+        },
+    )
+    db = ds.add_memory_database("execute_write_menu_immutable", name="data")
+    db.is_mutable = False
+    await ds.invoke_startup()
+
+    response = await ds.client.get("/data", actor={"id": "writer"})
+
+    assert response.status_code == 200
+    assert "Execute write SQL" not in response.text
+    assert 'href="/data/-/execute-write"' not in response.text
+
+
+@pytest.mark.asyncio
+async def test_execute_write_get_rejects_immutable_database():
+    ds = Datasette(memory=True, default_deny=True)
+    ds.root_enabled = True
+    db = ds.add_memory_database("execute_write_get_immutable", name="data")
+    db.is_mutable = False
+    await ds.invoke_startup()
+
+    response = await ds.client.get(
+        "/data/-/execute-write?sql=insert+into+dogs+(name)+values+('Cleo')",
+        actor={"id": "root"},
+    )
+
+    assert response.status_code == 403
+    assert response.json()["errors"] == [
+        "Cannot execute write SQL because this database is immutable."
+    ]
+
+
@pytest.mark.asyncio
 async def test_execute_write_post_requires_database_and_table_permissions():
    ds = Datasette(