diff --git a/datasette/default_permissions.py b/datasette/default_permissions.py
index a812f79f..e94014e7 100644
--- a/datasette/default_permissions.py
+++ b/datasette/default_permissions.py
@@ -191,7 +191,7 @@ def permission_allowed_actor_restrictions(actor, action, resource):
         if action_initials in all_allowed:
             return None
     # How about for the current database?
-    if action in ("view-database", "view-database-download", "execute-sql"):
+    if isinstance(resource, str):
         database_allowed = _r.get("d", {}).get(resource)
         if database_allowed is not None:
             assert isinstance(database_allowed, list)