html_url,issue_url,id,node_id,user,created_at,updated_at,author_association,body,reactions,issue,performed_via_github_app
https://github.com/simonw/datasette/pull/1940#issuecomment-1345701316,https://api.github.com/repos/simonw/datasette/issues/1940,1345701316,IC_kwDOBm6k_c5QNcXE,9599,2022-12-12T00:10:59Z,2022-12-12T00:10:59Z,OWNER,"Here's my first test failure:
```
tests/test_permissions.py .......F
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> traceback >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
allow = {}, expected_anon = 403, expected_auth = 403, path = '/fixtures/compound_three_primary_keys'
padlock_client =
@pytest.mark.parametrize(
""allow,expected_anon,expected_auth"",
[
(None, 200, 200),
({}, 403, 403),
({""id"": ""root""}, 403, 200),
],
)
@pytest.mark.parametrize(
""path"",
(
""/"",
""/fixtures"",
""/fixtures/compound_three_primary_keys"",
""/fixtures/compound_three_primary_keys/a,a,a"",
""/fixtures/two"", # Query
),
)
def test_view_padlock(allow, expected_anon, expected_auth, path, padlock_client):
padlock_client.ds._metadata_local[""allow""] = allow
fragment = ""🔒""
anon_response = padlock_client.get(path)
> assert expected_anon == anon_response.status
E assert 403 == 200
E + where 200 = .status
/Users/simon/Dropbox/Development/datasette/tests/test_permissions.py:61: AssertionError
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> entering PDB >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> PDB post_mortem (IO-capturing turned off) >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> /Users/simon/Dropbox/Development/datasette/tests/test_permissions.py(61)test_view_padlock()
-> assert expected_anon == anon_response.status
(Pdb) anon_response
(Pdb) anon_response.status
200
(Pdb) path
'/fixtures/compound_three_primary_keys'
(Pdb) padlock_client.ds._metadata_
*** AttributeError: 'Datasette' object has no attribute '_metadata_'
(Pdb) padlock_client.ds._metadata_local
{'databases': {'fixtures': {'queries': {'two': {'sql': 'select 1 + 1', 'name': 'two'}, 'from_async_hook': {'sql': 'select 2', 'name': 'from_async_hook'}, 'from_hook': {'sql': ""select 1, 'null' as actor_id"", 'name': 'from_hook'}}, 'source': None, 'source_url': None, 'license': None, 'license_url': None, 'about': None, 'about_url': None}}, 'allow': {}}
(Pdb) allow
{}
```
It looks like I've broken the `allow` logic that notices that if there's an `""allow"": {}` on the root then anonymous users should not be allowed to view any pages.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1486011362,