Skip to content

Commit

Permalink
Fixes for permissions debug page, closes #2278
Browse files Browse the repository at this point in the history
  • Loading branch information
@simonw
simonw committed Feb 19, 2024
1 parent 27409a7 commit 2630073
Show file tree
Hide file tree
Showing 3 changed files with 22 additions and 13 deletions.
10 changes: 5 additions & 5 deletions datasette/templates/permissions_debug.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ <h1>Permission check testing tool</h1>
<p><label for="permission" style="display:block">Permission</label>
<select name="permission" id="permission">
{% for permission in permissions %}
<option value="{{ permission.0 }}">{{ permission.name }} (default {{ permission.default }})</option>
<option value="{{ permission.name }}">{{ permission.name }} (default {{ permission.default }})</option>
{% endfor %}
</select>
<p><label for="resource_1">Database name</label><input type="text" id="resource_1" name="resource_1"></p>
Expand All @@ -71,19 +71,19 @@ <h1>Permission check testing tool</h1>

<script>
var rawPerms = {{ permissions|tojson }};
var permissions = Object.fromEntries(rawPerms.map(([label, abbr, needs_resource_1, needs_resource_2, def]) => [label, {needs_resource_1, needs_resource_2, def}]))
var permissions = Object.fromEntries(rawPerms.map(p => [p.name, p]));
var permissionSelect = document.getElementById('permission');
var resource1 = document.getElementById('resource_1');
var resource2 = document.getElementById('resource_2');
function updateResourceVisibility() {
var permission = permissionSelect.value;
var {needs_resource_1, needs_resource_2} = permissions[permission];
if (needs_resource_1) {
var {takes_database, takes_resource} = permissions[permission];
if (takes_database) {
resource1.closest('p').style.display = 'block';
} else {
resource1.closest('p').style.display = 'none';
}
if (needs_resource_2) {
if (takes_resource) {
resource2.closest('p').style.display = 'block';
} else {
resource2.closest('p').style.display = 'none';
Expand Down
17 changes: 9 additions & 8 deletions datasette/views/special.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -125,14 +125,14 @@ async def get(self, request):
{
"permission_checks": list(reversed(self.ds._permission_checks)),
"permissions": [
(
p.name,
p.abbr,
p.description,
p.takes_database,
p.takes_resource,
p.default,
)
{
"name": p.name,
"abbr": p.abbr,
"description": p.description,
"takes_database": p.takes_database,
"takes_resource": p.takes_resource,
"default": p.default,
}
for p in self.ds.permissions.values()
],
},
Expand Down Expand Up @@ -164,6 +164,7 @@ async def post(self, request):
"permission": permission,
"resource": resource,
"result": result,
"default": self.ds.permissions[permission].default,
}
)

Expand Down
8 changes: 8 additions & 0 deletions tests/test_permissions.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -378,6 +378,13 @@ async def test_permissions_debug(ds_client):
cookie = ds_client.actor_cookie({"id": "root"})
response = await ds_client.get("/-/permissions", cookies={"ds_actor": cookie})
assert response.status_code == 200
# Should have a select box listing permissions
for fragment in (
'<select name="permission" id="permission">',
'<option value="view-instance">view-instance (default True)</option>',
'<option value="insert-row">insert-row (default False)</option>',
):
assert fragment in response.text
# Should show one failure and one success
soup = Soup(response.text, "html.parser")
check_divs = soup.findAll("div", {"class": "check"})
Expand Down Expand Up @@ -673,6 +680,7 @@ async def test_actor_restricted_permissions(
"permission": permission,
"resource": expected_resource,
"result": expected_result,
"default": perms_ds.permissions[permission].default,
}
assert response.json() == expected

Expand Down

0 comments on commit 2630073

Please sign in to comment.