datasette/datasette/templates
Simon Willison 7db754c284 Implement resource-based permission system with SQL-driven access control
This introduces a new hierarchical permission system that uses SQL queries
for efficient permission checking across resources. The system replaces the
older permission_allowed() pattern with a more flexible resource-based
approach.

Core changes:

- New Resource ABC and Action dataclass in datasette/permissions.py
  * Resources represent hierarchical entities (instance, database, table)
  * Each resource type implements resources_sql() to list all instances
  * Actions define operations on resources with cascading rules

- New plugin hook: register_actions(datasette)
  * Plugins register actions with their associated resource types
  * Replaces register_permissions() and register_resource_types()
  * See docs/plugin_hooks.rst for full documentation

- Three new Datasette methods for permission checks:
  * allowed_resources(action, actor) - returns list[Resource]
  * allowed_resources_with_reasons(action, actor) - for debugging
  * allowed(action, resource, actor) - checks single resource
  * All use SQL for filtering, never Python iteration

- New /-/tables endpoint (TablesView)
  * Returns JSON list of tables user can view
  * Supports ?q= parameter for regex filtering
  * Format: {"matches": [{"name": "db/table", "url": "/db/table"}]}
  * Respects all permission rules from configuration and plugins

- SQL-based permission evaluation (datasette/utils/actions_sql.py)
  * Cascading rules: child-level → parent-level → global-level
  * DENY beats ALLOW at same specificity
  * Uses CTEs for efficient SQL-only filtering
  * Combines permission_resources_sql() hook results

- Default actions in datasette/default_actions.py
  * InstanceResource, DatabaseResource, TableResource, QueryResource
  * Core actions: view-instance, view-database, view-table, etc.

- Fixed default_permissions.py to handle database-level allow blocks
  * Now creates parent-level rules for view-table action
  * Fixes: datasette ... -s databases.fixtures.allow.id root

Documentation:

- Comprehensive register_actions() hook documentation
- Detailed resources_sql() method explanation
- /-/tables endpoint documentation in docs/introspection.rst
- Deprecated register_permissions() with migration guide

Tests:

- tests/test_actions_sql.py: 7 tests for core permission API
- tests/test_tables_endpoint.py: 13 tests for /-/tables endpoint
- All 118 documentation tests pass
- Tests verify SQL does filtering (not Python)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-10-20 16:00:36 -07:00
_action_menu.html Refactored action menus to a shared include, closes #2301 2024-03-12 16:35:34 -07:00
_close_open_menus.html details-menu class to avoid accidental details closure 2022-11-13 13:06:58 -08:00
_codemirror.html Remove min-height on CodeMirror, closes #1899 2022-11-17 23:21:00 -08:00
_codemirror_foot.html Use DOMContentLoaded instead of load event for CodeMirror initialization. Closes #1894 (#1898) 2022-11-17 23:29:00 -08:00
_crumbs.html Refactor breadcrumbs to respect permissions, refs #1831 2022-10-13 14:42:52 -07:00
_debug_common_functions.html Refactor debug templates to use shared JavaScript functions 2025-10-08 21:53:34 -07:00
_description_source_license.html ?_extra= support and TableView refactor to table_view 2023-03-22 15:49:39 -07:00
_facet_results.html Fix for datalist against foreign key facets 2022-11-17 17:23:35 -08:00
_footer.html Queries took rather than query took, closes #1572 2021-12-18 20:03:21 -08:00
_permission_ui_styles.html New allowed_resources_sql plugin hook and debug tools (#2505) 2025-10-08 14:27:51 -07:00
_suggested_facets.html ?_extra= support and TableView refactor to table_view 2023-03-22 15:49:39 -07:00
_table.html JavaScript Plugin API, providing custom panels and column menu items 2023-10-12 17:00:27 -07:00
allow_debug.html New .core CSS class for inputs and buttons 2024-09-03 08:37:26 -07:00
api_explorer.html New .core CSS class for inputs and buttons 2024-09-03 08:37:26 -07:00
base.html Implement resource-based permission system with SQL-driven access control 2025-10-20 16:00:36 -07:00
create_token.html New .core CSS class for inputs and buttons 2024-09-03 08:37:26 -07:00
csrf_error.html Missing template from previous commit, refs #2389 2024-08-14 21:32:57 -07:00
database.html Better breadcrumbs on database and table page, closes #2454 2025-01-09 10:07:03 -08:00
debug_allowed.html Refactor debug templates to use shared JavaScript functions 2025-10-08 21:53:34 -07:00
debug_check.html Refactor debug templates to use shared JavaScript functions 2025-10-08 21:53:34 -07:00
debug_rules.html Refactor debug templates to use shared JavaScript functions 2025-10-08 21:53:34 -07:00
error.html Refactor breadcrumbs to respect permissions, refs #1831 2022-10-13 14:42:52 -07:00
index.html Fix for spacing on index page, closes #2399 2024-08-20 09:36:02 -07:00
logout.html New .core CSS class for inputs and buttons 2024-09-03 08:37:26 -07:00
messages_debug.html New .core CSS class for inputs and buttons 2024-09-03 08:37:26 -07:00
patterns.html header.hd and footer.ft, refs #2420 2024-09-05 19:57:27 -07:00
permissions_debug.html /-/permissions?filter=exclude-yours/only-yours - closes #2460 2025-02-04 11:09:44 -08:00
query.html New .core CSS class for inputs and buttons 2024-09-03 08:37:26 -07:00
row.html Refactored action menus to a shared include, closes #2301 2024-03-12 16:35:34 -07:00
show_json.html Refactor breadcrumbs to respect permissions, refs #1831 2022-10-13 14:42:52 -07:00
table.html Better breadcrumbs on database and table page, closes #2454 2025-01-09 10:07:03 -08:00