Skip to content

Extract out check_permissions() from `BaseView #1675

New issue
New issue
Closed
Closed
Extract out check_permissions() from `BaseView#1675
Labels
refactor
@simonw

Description

@simonw
simonw
opened on Mar 21, 2022

I'm going to refactor this stuff out and document it so it can be easily used by plugins:

datasette/datasette/views/base.py

Lines 69 to 103 in 4a4164b

async def check_permission(self, request, action, resource=None):
ok = await self.ds.permission_allowed(
request.actor,
action,
resource=resource,
default=True,
)
if not ok:
raise Forbidden(action)
async def check_permissions(self, request, permissions):
"""permissions is a list of (action, resource) tuples or 'action' strings"""
for permission in permissions:
if isinstance(permission, str):
action = permission
resource = None
elif isinstance(permission, (tuple, list)) and len(permission) == 2:
action, resource = permission
else:
assert (
False
), "permission should be string or tuple of two items: {}".format(
repr(permission)
)
ok = await self.ds.permission_allowed(
request.actor,
action,
resource=resource,
default=None,
)
if ok is not None:
if ok:
return
else:
raise Forbidden(action)

Originally posted by @simonw in #1660 (comment)

Metadata

Metadata

Assignees

No one assigned

    Labels

    refactor

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions