remote/datasette
1
0
Fork 0
mirror of https://github.com/simonw/datasette.git synced 2026-06-14 13:06:58 +02:00
Code Issues Projects Releases Packages Wiki Activity
datasette/docs
History
Simon Willison bb59c61c9f Request-scoped permission check cache 
Adds a per-request cache for permission check results, plus wiring that
resolves action permissions in bulk before plugin hooks need them:

- New _permission_check_cache contextvar, set to a fresh dict for each
  request by DatasetteRouter and reset when the request ends. Keys
  include the full serialized actor, so actors differing in any field
  (e.g. token restrictions) never share entries. SkipPermissions mode
  bypasses the cache entirely.
- datasette.allowed_many() now consults the cache and stores its
  results there, so repeated datasette.allowed() checks within one
  request resolve without further SQL.
- Table pages resolve all registered table-level actions against the
  current table and all database-level actions against its database
  (database pages likewise) in batched queries before invoking the
  table_actions/database_actions plugin hooks - allowed() calls made
  inside those hooks are then served from the cache with no plugin
  changes required. Actions with no permission rules from any plugin
  are resolved to False without touching the database.

Benchmarks (benchmarks/) with a simulated 12-plugin ecosystem making
18 checks per table page show 34 -> 13 internal-DB queries per page;
with 2ms-per-query internal DB latency (modelling Datasette Cloud)
table page time drops from 77.9ms to 27.6ms - the caching layer
accounts for ~91% of that improvement over allowed_many() alone.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
2026-06-12 13:11:17 -07:00
..
_static Add favicon to documentation (#1967) 2022-12-31 11:00:31 -08:00
_templates Drop jQuery dependency 2023-03-26 16:38:58 -07:00
.gitignore Added initial docs, including a changelog 2017-11-16 07:11:00 -08:00
authentication.rst Improved docs for user-facing SQL query pages 2026-05-28 15:46:27 -07:00
auto-build.sh Added --load-extension argument to datasette serve 2017-11-16 08:48:49 -08:00
binary_data.rst Use shot-scraper images from datasette-screenshots repo, closes #1844 2022-10-14 12:57:00 -07:00
changelog.rst Add release date for 1.0a33 2026-06-11 10:36:16 -07:00
cli-reference.rst datasette serve --default-deny option (#2593) 2025-11-12 16:14:21 -08:00
codespell-ignore-words.txt Move Metadata to --internal database 2024-06-11 09:33:23 -07:00
conf.py New :pr:ID shortcut for docs 2026-04-15 16:04:17 -07:00
configuration.rst Renamed canned queries to queries / stored queries in docs 2026-05-26 15:17:51 -07:00
contributing.rst Link to datasette.io preview tool 2026-04-15 17:19:43 -07:00
csv_export.rst Use shot-scraper images from datasette-screenshots repo, closes #1844 2022-10-14 12:57:00 -07:00
custom_templates.rst Rename canned queries to queries/stored queries in docs 2026-05-26 14:54:35 -07:00
datasette-0.51.png Release 0.51 2020-10-31 15:21:49 -07:00
datasette-logo.svg Added new logo to the documentation 2020-07-12 12:53:29 -07:00
deploying.rst Add test for RST heading underline lengths, closes #2544 2025-10-26 09:49:49 -07:00
ecosystem.rst Shrunk ecosystem docs in favour of datasette.io, closes #1182 2021-01-09 14:17:18 -08:00
events.md RenameTableEvent, plus write connection track_event() mechanism (#2682) 2026-03-30 11:20:46 -07:00
facets.rst Move table configuration docs from metadata.rst to configuration.rst (#2668) 2026-03-17 08:47:04 -07:00
full_text_search.rst Move table configuration docs from metadata.rst to configuration.rst (#2668) 2026-03-17 08:47:04 -07:00
getting_started.rst Replace Glitch with Codespaces, closes #2488 2025-05-28 19:17:22 -07:00
index.rst Removed broken refs to Glitch, closes #2503 2025-09-28 21:15:58 -07:00
installation.rst Python 3.14, drop Python 3.9 2025-10-08 13:11:32 -07:00
internals.rst Request-scoped permission check cache 2026-06-12 13:11:17 -07:00
introspection.rst Rename canned queries to queries/stored queries in docs 2026-05-26 14:54:35 -07:00
javascript_plugins.rst Replace jump_start() hook with JavaScript makeJumpSections() hook 2026-05-22 21:13:49 -07:00
json_api.rst Clearer examples and descriptions for JSON API extras (#2773) 2026-06-11 19:41:24 -07:00
json_api_doc.py Clearer examples and descriptions for JSON API extras (#2773) 2026-06-11 19:41:24 -07:00
Makefile Added documentation on the Datasette Ecosystem 2019-01-31 19:36:07 -08:00
metadata.rst Move table configuration docs from metadata.rst to configuration.rst (#2668) 2026-03-17 08:47:04 -07:00
metadata_doc.py Rename metadata tables and add schema to docs, refs #2382 2024-08-05 13:53:55 -07:00
pages.rst Improved docs for user-facing SQL query pages 2026-05-28 15:46:27 -07:00
performance.rst Release 0.63a1 2022-10-23 20:07:09 -07:00
plugin_hooks.rst Request-scoped permission check cache 2026-06-12 13:11:17 -07:00
plugins.rst Web UI to edit and delete stored queries (#2764) 2026-06-08 20:19:47 -07:00
publish.rst Remove all remaining "$ " prefixes from docs, closes #2140 2023-08-11 10:44:34 -07:00
settings.rst Fix permissions_execute_sql warnings in documentation 2025-11-01 11:52:23 -07:00
spatialite.rst Renamed canned queries to queries / stored queries in docs 2026-05-26 15:17:51 -07:00
sql_queries.rst Web UI to edit and delete stored queries (#2764) 2026-06-08 20:19:47 -07:00
testing_plugins.rst datasette.fixtures module, closes #2733 2026-05-21 23:05:37 -07:00
upgrade-1.0a20.md Renamed canned queries to queries / stored queries in docs 2026-05-26 15:17:51 -07:00
upgrade_guide.md Replace token-based CSRF with Sec-Fetch-Site header protection (#2689) 2026-04-14 17:11:36 -07:00
writing_plugins.rst New .core CSS class for inputs and buttons 2024-09-03 08:37:26 -07:00