id,page,ref,title,content,breadcrumbs,references plugin_hooks:plugin-hook-permission-resources-sql,plugin_hooks,plugin-hook-permission-resources-sql,"permission_resources_sql(datasette, actor, action)","datasette - Datasette class Access to the Datasette instance. actor - dictionary or None The current actor dictionary. None for anonymous requests. action - string The permission action being evaluated. Examples include ""view-table"" or ""insert-row"" . Return value A datasette.permissions.PermissionSQL object, None or an iterable of PermissionSQL objects. Datasette's action-based permission resolver calls this hook to gather SQL rows describing which resources an actor may access ( allow = 1 ) or should be denied ( allow = 0 ) for a specific action. Each SQL snippet should return parent , child , allow and reason columns. Parameter naming convention: Plugin parameters in PermissionSQL.params should use unique names to avoid conflicts with other plugins. The recommended convention is to prefix parameters with your plugin's source name (e.g., myplugin_user_id ). The system reserves these parameter names: :actor , :actor_id , :action , and :filter_parent . You can also use return PermissionSQL.allow(reason=""reason goes here"") or PermissionSQL.deny(reason=""reason goes here"") as shortcuts for simple root-level allow or deny rules. These will create SQL snippets that look like this: SELECT NULL AS parent, NULL AS child, 1 AS allow, 'reason goes here' AS reason Or 0 AS allow for denies.","[""Plugin hooks""]",[]