sections: internals:datasette-allowed
This data as json
| id | page | ref | title | content | breadcrumbs | references |
|---|---|---|---|---|---|---|
| internals:datasette-allowed | internals | datasette-allowed | await .allowed(*, action, resource, actor=None) | action - string The name of the action that is being permission checked. resource - Resource object A Resource object representing the database, table, or other resource. Must be an instance of a Resource class such as TableResource , DatabaseResource , QueryResource , or InstanceResource . actor - dictionary, optional The authenticated actor. This is usually request.actor . Defaults to None for unauthenticated requests. This method checks if the given actor has permission to perform the given action on the given resource. All parameters must be passed as keyword arguments. Example usage: from datasette.resources import ( TableResource, DatabaseResource, ) # Check if actor can view a specific table can_view = await datasette.allowed( action="view-table", resource=TableResource( database="fixtures", table="facetable" ), actor=request.actor, ) # Check if actor can execute SQL on a database can_execute = await datasette.allowed( action="execute-sql", resource=DatabaseResource(database="fixtures"), actor=request.actor, ) The method returns True if the permission is granted, False if denied. | ["Internals for plugins", "Datasette class"] | [] |