sections: authentication:permissions-plugins
This data as json
| id | page | ref | title | content | breadcrumbs | references |
|---|---|---|---|---|---|---|
| authentication:permissions-plugins | authentication | permissions-plugins | Checking permissions in plugins | Datasette plugins can check if an actor has permission to perform an action using await .allowed(*, action, resource, actor=None) —for example: from datasette.resources import TableResource can_edit = await datasette.allowed( action="update-row", resource=TableResource(database="fixtures", table="facetable"), actor=request.actor, ) Use await .ensure_permission(action, resource=None, actor=None) when you need to enforce a permission and raise a Forbidden error automatically. Plugins that define new operations should return Action objects from register_actions(datasette) and can supply additional allow/deny rules by returning PermissionSQL objects from the permission_resources_sql(datasette, actor, action) hook. Those rules are merged with configuration allow blocks and actor restrictions to determine the final result for each check. | ["Authentication and permissions"] | [] |