Remove test-only cascading logic implementation, fix params bug

mirror of https://github.com/simonw/datasette.git synced 2026-06-09 10:36:58 +02:00

Three changes:

1. Rewrite test_utils_permissions.py to exercise production code paths
   (allowed_resources / allowed) instead of the test-only
   resolve_permissions_from_catalog function. Tests now register plugins
   via ds.pm.register and call the real Datasette methods.

2. Remove resolve_permissions_from_catalog, resolve_permissions_with_candidates,
   and build_rules_union from datasette/utils/permissions.py. These were
   only used by tests and implemented the cascading logic a third time,
   independently of the two production implementations.

3. Fix bug in gather_permission_sql_from_hooks where empty params dicts
   ({}) would cause framework-injected params (:actor_id, :actor, :action)
   to be silently lost. The expression `params = permission_sql.params or {}`
   creates a new dict when params is {} (falsy), so setdefault writes to a
   throwaway dict. Fixed by explicitly checking `is None`.

https://claude.ai/code/session_013EkyroQKPhcjdMbpHc9g4X

This commit is contained in:

Claude

2026-02-06 02:10:36 +00:00

parent 1fa23f4a42

commit c9429466cd

No known key found for this signature in database

2 changed files with 543 additions and 870 deletions

1120

tests/test_utils_permissions.py

View file

File diff suppressed because it is too large Load diff

Rows
Columns

Remove test-only cascading logic implementation, fix params bug

1120 tests/test_utils_permissions.py View file

1120

tests/test_utils_permissions.py

View file