{"html_url": "https://github.com/simonw/datasette/pull/1940#issuecomment-1347640542", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/1940", "id": 1347640542, "node_id": "IC_kwDOBm6k_c5QU1ze", "user": {"value": 9599, "label": "simonw"}, "created_at": "2022-12-13T02:02:10Z", "updated_at": "2022-12-13T02:02:10Z", "author_association": "OWNER", "body": "This PR ended up bundling part of the implementation of:\r\n- #1636\r\n\r\nI'm going to be bad an NOT untangle that from this before I merge it.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 1486011362, "label": "register_permissions() plugin hook"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/pull/1940#issuecomment-1347632350", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/1940", "id": 1347632350, "node_id": "IC_kwDOBm6k_c5QUzze", "user": {"value": 22429695, "label": "codecov[bot]"}, "created_at": "2022-12-13T01:48:40Z", "updated_at": "2022-12-13T02:00:52Z", "author_association": "NONE", "body": "# [Codecov](https://codecov.io/gh/simonw/datasette/pull/1940?src=pr&el=h1&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison) Report\nBase: **92.00**% // Head: **92.03**% // Increases project coverage by **`+0.02%`** :tada:\n> Coverage data is based on head [(`a1317ab`)](https://codecov.io/gh/simonw/datasette/pull/1940?src=pr&el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison) compared to base [(`e539c1c`)](https://codecov.io/gh/simonw/datasette/commit/e539c1c024bc62d88df91d9107cbe37e7f0fe55f?el=desc&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison).\n> Patch coverage: 100.00% of modified lines in pull request are covered.\n\n> :exclamation: Current head a1317ab differs from pull request most recent head 94e5c75. Consider uploading reports for the commit 94e5c75 to get more accurate results\n\n<details><summary>Additional details and impacted files</summary>\n\n\n```diff\n@@            Coverage Diff             @@\n##             main    #1940      +/-   ##\n==========================================\n+ Coverage   92.00%   92.03%   +0.02%     \n==========================================\n  Files          38       38              \n  Lines        5378     5396      +18     \n==========================================\n+ Hits         4948     4966      +18     \n  Misses        430      430              \n```\n\n\n| [Impacted Files](https://codecov.io/gh/simonw/datasette/pull/1940?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison) | Coverage \u0394 | |\n|---|---|---|\n| [datasette/permissions.py](https://codecov.io/gh/simonw/datasette/pull/1940/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL3Blcm1pc3Npb25zLnB5) | `100.00% <\u00f8> (\u00f8)` | |\n| [datasette/views/database.py](https://codecov.io/gh/simonw/datasette/pull/1940/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL3ZpZXdzL2RhdGFiYXNlLnB5) | `96.26% <\u00f8> (\u00f8)` | |\n| [datasette/views/index.py](https://codecov.io/gh/simonw/datasette/pull/1940/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL3ZpZXdzL2luZGV4LnB5) | `96.49% <\u00f8> (\u00f8)` | |\n| [datasette/views/special.py](https://codecov.io/gh/simonw/datasette/pull/1940/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL3ZpZXdzL3NwZWNpYWwucHk=) | `79.20% <\u00f8> (-0.21%)` | :arrow_down: |\n| [datasette/views/table.py](https://codecov.io/gh/simonw/datasette/pull/1940/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL3ZpZXdzL3RhYmxlLnB5) | `92.57% <\u00f8> (\u00f8)` | |\n| [datasette/\\_\\_init\\_\\_.py](https://codecov.io/gh/simonw/datasette/pull/1940/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL19faW5pdF9fLnB5) | `100.00% <100.00%> (\u00f8)` | |\n| [datasette/app.py](https://codecov.io/gh/simonw/datasette/pull/1940/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL2FwcC5weQ==) | `94.47% <100.00%> (+0.04%)` | :arrow_up: |\n| [datasette/default\\_permissions.py](https://codecov.io/gh/simonw/datasette/pull/1940/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL2RlZmF1bHRfcGVybWlzc2lvbnMucHk=) | `95.20% <100.00%> (+0.39%)` | :arrow_up: |\n| [datasette/hookspecs.py](https://codecov.io/gh/simonw/datasette/pull/1940/diff?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison#diff-ZGF0YXNldHRlL2hvb2tzcGVjcy5weQ==) | `100.00% <100.00%> (\u00f8)` | |\n\nHelp us with your feedback. Take ten seconds to tell us [how you rate us](https://about.codecov.io/nps?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison). Have a feature suggestion? [Share it here.](https://app.codecov.io/gh/feedback/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison)\n\n</details>\n\n[:umbrella: View full report at Codecov](https://codecov.io/gh/simonw/datasette/pull/1940?src=pr&el=continue&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison).   \n:loudspeaker: Do you have feedback about the report comment? [Let us know in this issue](https://about.codecov.io/codecov-pr-comment-feedback/?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Simon+Willison).\n", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 1486011362, "label": "register_permissions() plugin hook"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/pull/1940#issuecomment-1347634128", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/1940", "id": 1347634128, "node_id": "IC_kwDOBm6k_c5QU0PQ", "user": {"value": 9599, "label": "simonw"}, "created_at": "2022-12-13T01:51:56Z", "updated_at": "2022-12-13T01:51:56Z", "author_association": "OWNER", "body": "Actually one last thing: I said that the error would only occur if the permissions differed in some way.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 1486011362, "label": "register_permissions() plugin hook"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/pull/1940#issuecomment-1347620733", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/1940", "id": 1347620733, "node_id": "IC_kwDOBm6k_c5QUw99", "user": {"value": 9599, "label": "simonw"}, "created_at": "2022-12-13T01:33:06Z", "updated_at": "2022-12-13T01:33:06Z", "author_association": "OWNER", "body": "It's this change which triggers the failures:\r\n```diff\r\ndiff --git a/datasette/app.py b/datasette/app.py\r\nindex 760063d5..defa9688 100644\r\n--- a/datasette/app.py\r\n+++ b/datasette/app.py\r\n@@ -707,9 +707,12 @@ class Datasette:\r\n                 )\r\n         return crumbs\r\n \r\n-    async def permission_allowed(self, actor, action, resource=None, default=False):\r\n+    async def permission_allowed(self, actor, action, resource=None, default=None):\r\n         \"\"\"Check permissions using the permissions_allowed plugin hook\"\"\"\r\n         result = None\r\n+        # Use default from registered permission, if available\r\n+        if default is None and action in self.permissions:\r\n+            default = self.permissions[action].default\r\n         for check in pm.hook.permission_allowed(\r\n             datasette=self,\r\n             actor=actor,\r\n```", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 1486011362, "label": "register_permissions() plugin hook"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/pull/1940#issuecomment-1347616055", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/1940", "id": 1347616055, "node_id": "IC_kwDOBm6k_c5QUv03", "user": {"value": 9599, "label": "simonw"}, "created_at": "2022-12-13T01:27:03Z", "updated_at": "2022-12-13T01:27:03Z", "author_association": "OWNER", "body": "I'm going to revert that last commit, see if I can get the tests running again and then apply the changes a line at a time to figure out which ones broke things.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 1486011362, "label": "register_permissions() plugin hook"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/pull/1940#issuecomment-1345701316", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/1940", "id": 1345701316, "node_id": "IC_kwDOBm6k_c5QNcXE", "user": {"value": 9599, "label": "simonw"}, "created_at": "2022-12-12T00:10:59Z", "updated_at": "2022-12-12T00:10:59Z", "author_association": "OWNER", "body": "Here's my first test failure:\r\n```\r\ntests/test_permissions.py .......F\r\n>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> traceback >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\r\n\r\nallow = {}, expected_anon = 403, expected_auth = 403, path = '/fixtures/compound_three_primary_keys'\r\npadlock_client = <datasette.utils.testing.TestClient object at 0x107c09d20>\r\n\r\n    @pytest.mark.parametrize(\r\n        \"allow,expected_anon,expected_auth\",\r\n        [\r\n            (None, 200, 200),\r\n            ({}, 403, 403),\r\n            ({\"id\": \"root\"}, 403, 200),\r\n        ],\r\n    )\r\n    @pytest.mark.parametrize(\r\n        \"path\",\r\n        (\r\n            \"/\",\r\n            \"/fixtures\",\r\n            \"/fixtures/compound_three_primary_keys\",\r\n            \"/fixtures/compound_three_primary_keys/a,a,a\",\r\n            \"/fixtures/two\",  # Query\r\n        ),\r\n    )\r\n    def test_view_padlock(allow, expected_anon, expected_auth, path, padlock_client):\r\n        padlock_client.ds._metadata_local[\"allow\"] = allow\r\n        fragment = \"\ud83d\udd12</h1>\"\r\n        anon_response = padlock_client.get(path)\r\n>       assert expected_anon == anon_response.status\r\nE       assert 403 == 200\r\nE        +  where 200 = <datasette.utils.testing.TestResponse object at 0x107aea680>.status\r\n\r\n/Users/simon/Dropbox/Development/datasette/tests/test_permissions.py:61: AssertionError\r\n>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> entering PDB >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\r\n\r\n>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> PDB post_mortem (IO-capturing turned off) >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>\r\n> /Users/simon/Dropbox/Development/datasette/tests/test_permissions.py(61)test_view_padlock()\r\n-> assert expected_anon == anon_response.status\r\n(Pdb) anon_response\r\n<datasette.utils.testing.TestResponse object at 0x107aea680>\r\n(Pdb) anon_response.status\r\n200\r\n(Pdb) path\r\n'/fixtures/compound_three_primary_keys'\r\n(Pdb) padlock_client.ds._metadata_\r\n*** AttributeError: 'Datasette' object has no attribute '_metadata_'\r\n(Pdb) padlock_client.ds._metadata_local\r\n{'databases': {'fixtures': {'queries': {'two': {'sql': 'select 1 + 1', 'name': 'two'}, 'from_async_hook': {'sql': 'select 2', 'name': 'from_async_hook'}, 'from_hook': {'sql': \"select 1, 'null' as actor_id\", 'name': 'from_hook'}}, 'source': None, 'source_url': None, 'license': None, 'license_url': None, 'about': None, 'about_url': None}}, 'allow': {}}\r\n(Pdb) allow\r\n{}\r\n```\r\nIt looks like I've broken the `allow` logic that notices that if there's an `\"allow\": {}` on the root then anonymous users should not be allowed to view any pages.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 1486011362, "label": "register_permissions() plugin hook"}, "performed_via_github_app": null}