search

datasette / datasette-debug-permissions

A Datasette plugin that outputs debug information about permission checks
Apache License 2.0
1 stars 0 forks source link

Include a short stacktrace #2

Closed simonw closed 1 year ago

simonw commented 1 year ago

So I can see what piece of code requested the permission check.

simonw commented 1 year ago

The three frames up to the one with the call to permission_allowed() look to be about right:

permission_allowed: action=view-instance, resource=<None>, actor=<None>

  File "/Users/simon/Dropbox/Development/datasette/datasette/views/base.py", line 184, in view
    return await self.dispatch_request(request)

  File "/Users/simon/Dropbox/Development/datasette/datasette/views/base.py", line 139, in dispatch_request
    response = await handler(request)

  File "/Users/simon/Dropbox/Development/datasette/datasette/views/index.py", line 142, in get
    "private": not await self.ds.permission_allowed(

permission_allowed: action=view-instance, resource=<None>, actor=<None>

  File "/Users/simon/.local/share/virtualenvs/datasette-AWNrQs95/lib/python3.10/site-packages/jinja2/runtime.py", line 766, in _async_invoke
    rv = await self._func(*arguments)  # type: ignore

  File "/Users/simon/Dropbox/Development/datasette/datasette/templates/_crumbs.html", line 34, in macro

  File "/Users/simon/.local/share/virtualenvs/datasette-AWNrQs95/lib/python3.10/site-packages/jinja2/async_utils.py", line 65, in auto_await
    return await t.cast("t.Awaitable[V]", value)

permission_allowed: action=debug-menu, resource=<None>, actor=<None>

  File "/Users/simon/Dropbox/Development/datasette/datasette/app.py", line 1195, in menu_links
    extra_links = await await_me_maybe(hook)

  File "/Users/simon/Dropbox/Development/datasette/datasette/utils/__init__.py", line 111, in await_me_maybe
    value = await value

  File "/Users/simon/Dropbox/Development/datasette/datasette/default_menu_links.py", line 7, in inner
    if not await datasette.permission_allowed(actor, "debug-menu"):
simonw commented 1 year ago

I can do better by stripping out the site-packages bit, if it's there.

simonw commented 1 year ago

Output now looks like this:

INFO:     Uvicorn running on http://127.0.0.1:8434 (Press CTRL+C to quit)
permission_allowed: action=view-instance, resource=<None>, actor=<None>

  File "/datasette/views/base.py", line 134, in view
    return await self.dispatch_request(request)

  File "/datasette/views/base.py", line 91, in dispatch_request
    return await handler(request)

  File "/datasette/views/index.py", line 23, in get
    await self.ds.ensure_permissions(request.actor, ["view-instance"])

permission_allowed: action=view-database, resource=_memory, actor=<None>

  File "/datasette/views/base.py", line 91, in dispatch_request
    return await handler(request)

  File "/datasette/views/index.py", line 26, in get
    database_visible, database_private = await self.ds.check_visibility(

  File "/datasette/app.py", line 760, in check_visibility
    await self.ensure_permissions(actor, permissions)

permission_allowed: action=view-database, resource=_memory, actor=<None>

  File "/datasette/views/base.py", line 91, in dispatch_request
    return await handler(request)

  File "/datasette/views/index.py", line 26, in get
    database_visible, database_private = await self.ds.check_visibility(

  File "/datasette/app.py", line 765, in check_visibility
    await self.ensure_permissions(None, permissions)

permission_allowed: action=view-database, resource=_internal, actor=<None>

  File "/datasette/views/base.py", line 91, in dispatch_request
    return await handler(request)

  File "/datasette/views/index.py", line 26, in get
    database_visible, database_private = await self.ds.check_visibility(

  File "/datasette/app.py", line 760, in check_visibility
    await self.ensure_permissions(actor, permissions)

permission_allowed: action=view-instance, resource=<None>, actor=<None>

  File "/datasette/views/base.py", line 134, in view
    return await self.dispatch_request(request)

  File "/datasette/views/base.py", line 91, in dispatch_request
    return await handler(request)

  File "/datasette/views/index.py", line 144, in get
    "private": not await self.ds.permission_allowed(

permission_allowed: action=view-instance, resource=<None>, actor=<None>

  File "/jinja2/runtime.py", line 766, in _async_invoke
    rv = await self._func(*arguments)  # type: ignore

  File "/datasette/templates/_crumbs.html", line 34, in macro

  File "/jinja2/async_utils.py", line 65, in auto_await
    return await t.cast("t.Awaitable[V]", value)

permission_allowed: action=debug-menu, resource=<None>, actor=<None>

  File "/datasette/app.py", line 1061, in menu_links
    extra_links = await await_me_maybe(hook)

  File "/datasette/utils/__init__.py", line 111, in await_me_maybe
    value = await value

  File "/datasette/default_menu_links.py", line 7, in inner
    if not await datasette.permission_allowed(actor, "debug-menu"):