kopia lustrzana https://github.com/simonw/datasette
Fixes for permissions debug page, closes #2278
rodzic
27409a7892
commit
26300738e3
|
@ -57,7 +57,7 @@ textarea {
|
||||||
<p><label for="permission" style="display:block">Permission</label>
|
<p><label for="permission" style="display:block">Permission</label>
|
||||||
<select name="permission" id="permission">
|
<select name="permission" id="permission">
|
||||||
{% for permission in permissions %}
|
{% for permission in permissions %}
|
||||||
<option value="{{ permission.0 }}">{{ permission.name }} (default {{ permission.default }})</option>
|
<option value="{{ permission.name }}">{{ permission.name }} (default {{ permission.default }})</option>
|
||||||
{% endfor %}
|
{% endfor %}
|
||||||
</select>
|
</select>
|
||||||
<p><label for="resource_1">Database name</label><input type="text" id="resource_1" name="resource_1"></p>
|
<p><label for="resource_1">Database name</label><input type="text" id="resource_1" name="resource_1"></p>
|
||||||
|
@ -71,19 +71,19 @@ textarea {
|
||||||
|
|
||||||
<script>
|
<script>
|
||||||
var rawPerms = {{ permissions|tojson }};
|
var rawPerms = {{ permissions|tojson }};
|
||||||
var permissions = Object.fromEntries(rawPerms.map(([label, abbr, needs_resource_1, needs_resource_2, def]) => [label, {needs_resource_1, needs_resource_2, def}]))
|
var permissions = Object.fromEntries(rawPerms.map(p => [p.name, p]));
|
||||||
var permissionSelect = document.getElementById('permission');
|
var permissionSelect = document.getElementById('permission');
|
||||||
var resource1 = document.getElementById('resource_1');
|
var resource1 = document.getElementById('resource_1');
|
||||||
var resource2 = document.getElementById('resource_2');
|
var resource2 = document.getElementById('resource_2');
|
||||||
function updateResourceVisibility() {
|
function updateResourceVisibility() {
|
||||||
var permission = permissionSelect.value;
|
var permission = permissionSelect.value;
|
||||||
var {needs_resource_1, needs_resource_2} = permissions[permission];
|
var {takes_database, takes_resource} = permissions[permission];
|
||||||
if (needs_resource_1) {
|
if (takes_database) {
|
||||||
resource1.closest('p').style.display = 'block';
|
resource1.closest('p').style.display = 'block';
|
||||||
} else {
|
} else {
|
||||||
resource1.closest('p').style.display = 'none';
|
resource1.closest('p').style.display = 'none';
|
||||||
}
|
}
|
||||||
if (needs_resource_2) {
|
if (takes_resource) {
|
||||||
resource2.closest('p').style.display = 'block';
|
resource2.closest('p').style.display = 'block';
|
||||||
} else {
|
} else {
|
||||||
resource2.closest('p').style.display = 'none';
|
resource2.closest('p').style.display = 'none';
|
||||||
|
|
|
@ -125,14 +125,14 @@ class PermissionsDebugView(BaseView):
|
||||||
{
|
{
|
||||||
"permission_checks": list(reversed(self.ds._permission_checks)),
|
"permission_checks": list(reversed(self.ds._permission_checks)),
|
||||||
"permissions": [
|
"permissions": [
|
||||||
(
|
{
|
||||||
p.name,
|
"name": p.name,
|
||||||
p.abbr,
|
"abbr": p.abbr,
|
||||||
p.description,
|
"description": p.description,
|
||||||
p.takes_database,
|
"takes_database": p.takes_database,
|
||||||
p.takes_resource,
|
"takes_resource": p.takes_resource,
|
||||||
p.default,
|
"default": p.default,
|
||||||
)
|
}
|
||||||
for p in self.ds.permissions.values()
|
for p in self.ds.permissions.values()
|
||||||
],
|
],
|
||||||
},
|
},
|
||||||
|
@ -164,6 +164,7 @@ class PermissionsDebugView(BaseView):
|
||||||
"permission": permission,
|
"permission": permission,
|
||||||
"resource": resource,
|
"resource": resource,
|
||||||
"result": result,
|
"result": result,
|
||||||
|
"default": self.ds.permissions[permission].default,
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -378,6 +378,13 @@ async def test_permissions_debug(ds_client):
|
||||||
cookie = ds_client.actor_cookie({"id": "root"})
|
cookie = ds_client.actor_cookie({"id": "root"})
|
||||||
response = await ds_client.get("/-/permissions", cookies={"ds_actor": cookie})
|
response = await ds_client.get("/-/permissions", cookies={"ds_actor": cookie})
|
||||||
assert response.status_code == 200
|
assert response.status_code == 200
|
||||||
|
# Should have a select box listing permissions
|
||||||
|
for fragment in (
|
||||||
|
'<select name="permission" id="permission">',
|
||||||
|
'<option value="view-instance">view-instance (default True)</option>',
|
||||||
|
'<option value="insert-row">insert-row (default False)</option>',
|
||||||
|
):
|
||||||
|
assert fragment in response.text
|
||||||
# Should show one failure and one success
|
# Should show one failure and one success
|
||||||
soup = Soup(response.text, "html.parser")
|
soup = Soup(response.text, "html.parser")
|
||||||
check_divs = soup.findAll("div", {"class": "check"})
|
check_divs = soup.findAll("div", {"class": "check"})
|
||||||
|
@ -673,6 +680,7 @@ async def test_actor_restricted_permissions(
|
||||||
"permission": permission,
|
"permission": permission,
|
||||||
"resource": expected_resource,
|
"resource": expected_resource,
|
||||||
"result": expected_result,
|
"result": expected_result,
|
||||||
|
"default": perms_ds.permissions[permission].default,
|
||||||
}
|
}
|
||||||
assert response.json() == expected
|
assert response.json() == expected
|
||||||
|
|
||||||
|
|
Ładowanie…
Reference in New Issue