Fixes for permissions debug page, closes #2278

datasette/templates/permissions_debug.html

@@ -57,7 +57,7 @@ textarea {
         <p><label for="permission" style="display:block">Permission</label>
         <select name="permission" id="permission">
             {% for permission in permissions %}
-                <option value="{{ permission.0 }}">{{ permission.name }} (default {{ permission.default }})</option>
+                <option value="{{ permission.name }}">{{ permission.name }} (default {{ permission.default }})</option>
             {% endfor %}
         </select>
         <p><label for="resource_1">Database name</label><input type="text" id="resource_1" name="resource_1"></p>
@@ -71,19 +71,19 @@ textarea {
 
 <script>
 var rawPerms = {{ permissions|tojson }};
-var permissions = Object.fromEntries(rawPerms.map(([label, abbr, needs_resource_1, needs_resource_2, def]) => [label, {needs_resource_1, needs_resource_2, def}]))
+var permissions = Object.fromEntries(rawPerms.map(p => [p.name, p]));
 var permissionSelect = document.getElementById('permission');
 var resource1 = document.getElementById('resource_1');
 var resource2 = document.getElementById('resource_2');
 function updateResourceVisibility() {
     var permission = permissionSelect.value;
-    var {needs_resource_1, needs_resource_2} = permissions[permission];
-    if (needs_resource_1) {
+    var {takes_database, takes_resource} = permissions[permission];
+    if (takes_database) {
         resource1.closest('p').style.display = 'block';
     } else {
         resource1.closest('p').style.display = 'none';
     }
-    if (needs_resource_2) {
+    if (takes_resource) {
         resource2.closest('p').style.display = 'block';
     } else {
         resource2.closest('p').style.display = 'none';

datasette/views/special.py

@@ -125,14 +125,14 @@ class PermissionsDebugView(BaseView):
             {
                 "permission_checks": list(reversed(self.ds._permission_checks)),
                 "permissions": [
-                    (
-                        p.name,
-                        p.abbr,
-                        p.description,
-                        p.takes_database,
-                        p.takes_resource,
-                        p.default,
-                    )
+                    {
+                        "name": p.name,
+                        "abbr": p.abbr,
+                        "description": p.description,
+                        "takes_database": p.takes_database,
+                        "takes_resource": p.takes_resource,
+                        "default": p.default,
+                    }
                     for p in self.ds.permissions.values()
                 ],
             },
@@ -164,6 +164,7 @@ class PermissionsDebugView(BaseView):
                 "permission": permission,
                 "resource": resource,
                 "result": result,
+                "default": self.ds.permissions[permission].default,
             }
         )
 

tests/test_permissions.py

@@ -378,6 +378,13 @@ async def test_permissions_debug(ds_client):
     cookie = ds_client.actor_cookie({"id": "root"})
     response = await ds_client.get("/-/permissions", cookies={"ds_actor": cookie})
     assert response.status_code == 200
+    # Should have a select box listing permissions
+    for fragment in (
+        '<select name="permission" id="permission">',
+        '<option value="view-instance">view-instance (default True)</option>',
+            '<option value="insert-row">insert-row (default False)</option>',
+    ):
+        assert fragment in response.text
     # Should show one failure and one success
     soup = Soup(response.text, "html.parser")
     check_divs = soup.findAll("div", {"class": "check"})
@@ -673,6 +680,7 @@ async def test_actor_restricted_permissions(
         "permission": permission,
         "resource": expected_resource,
         "result": expected_result,
+        "default": perms_ds.permissions[permission].default,
     }
     assert response.json() == expected