github
html_url | issue_url | id | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
https://github.com/simonw/datasette/issues/1829#issuecomment-1278302478 | https://api.github.com/repos/simonw/datasette/issues/1829 | 1278302478 | IC_kwDOBm6k_c5MMVkO | 9599 | 2022-10-14T00:06:19Z | 2022-10-14T00:06:19Z | OWNER | I'll finish this in a PR: - https://github.com/simonw/datasette/pull/1842 | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
1396948693 | |
https://github.com/simonw/datasette/issues/1829#issuecomment-1278300241 | https://api.github.com/repos/simonw/datasette/issues/1829 | 1278300241 | IC_kwDOBm6k_c5MMVBR | 9599 | 2022-10-14T00:03:52Z | 2022-10-14T00:04:28Z | OWNER | Here's what I've got so far: ```diff diff --git a/datasette/app.py b/datasette/app.py index 5fa4955c..df9eae49 100644 --- a/datasette/app.py +++ b/datasette/app.py @@ -1,5 +1,5 @@ import asyncio -from typing import Sequence, Union, Tuple +from typing import Sequence, Union, Tuple, Optional import asgi_csrf import collections import datetime @@ -707,7 +707,7 @@ class Datasette: Raises datasette.Forbidden() if any of the checks fail """ - assert actor is None or isinstance(actor, dict) + assert actor is None or isinstance(actor, dict), "actor must be None or a dict" for permission in permissions: if isinstance(permission, str): action = permission @@ -732,23 +732,34 @@ class Datasette: else: raise Forbidden(action) - async def check_visibility(self, actor, action, resource): + async def check_visibility( + self, + actor: dict, + action: Optional[str] = None, + resource: Optional[str] = None, + permissions: Optional[ + Sequence[Union[Tuple[str, Union[str, Tuple[str, str]]], str]] + ] = None, + ): """Returns (visible, private) - visible = can you see it, private = can others see it too""" - visible = await self.permission_allowed( - actor, - action, - resource=resource, - default=True, - ) - if not visible: + if permissions: + assert ( + not action and not resource + ), "Can't use action= or resource= with permissions=" + else: + permissions = [(action, resource)] + try: + await self.ensure_permissions(actor, permissions) + except Forbidden: return False, False - private = not await self.permission_allowed( - None, - action, - resource=resource, - default=True, -… | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
1396948693 |