# datasette-current-actor
[![PyPI](https://img.shields.io/pypi/v/datasette-current-actor.svg)](https://pypi.org/project/datasette-current-actor/)
[![Changelog](https://img.shields.io/github/v/release/cldellow/datasette-current-actor?include_prereleases&label=changelog)](https://github.com/cldellow/datasette-current-actor/releases)
[![Tests](https://github.com/cldellow/datasette-current-actor/workflows/Test/badge.svg)](https://github.com/cldellow/datasette-current-actor/actions?query=workflow%3ATest)
[![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](https://github.com/cldellow/datasette-current-actor/blob/main/LICENSE)
Adds a `current_actor()` function to SQLite that show's the current actor's ID.
## Installation
Install this plugin in the same environment as Datasette.
datasette install datasette-current-actor
## Usage
- `current_actor()` returns the current actor's ID, or `NULL` if no actor.
- `current_actor('attrs', 'name')` navigates the actor object, returning
the value of the `name` key stored in the `attrs` key, or `NULL` if any
of the intermediate values are absent.
- `current_actor_ip()` returns the current actor's IP address
- `current_actor_user_agent()` returns the current actor's HTTP user agent
### Default values, views and triggers
SQLite is _flexible_. It turns out you can refer to functions that don't exist
when issuing DDL statements. As long as they exist when they're needed, it all
works out.
#### Auditing
Track who added a row:
```sql
CREATE TABLE notes(
created_by text not null default (current_actor()),
created_by_ip text not null default (current_actor_ip()),
note text not null
);
```
Or create an UPDATE trigger on a table that sets the `last_edited_by` column to
`current_actor()`.
#### Row-level security
Restrict the rows that users see:
```sql
CREATE VIEW rls AS
SELECT * FROM sensitive_data WHERE owner = current_actor()
```
You can see a live example at https://dux.fly.dev/cooking/my_questions, which should show you 0 rows.
That instance permits "logging in" by passing a `_whoami` query parameter. If you visit https://dux.fly.dev/cooking/my_questions?_whoami=15, you'll see all of user 15's questions.
## Development
To set up this plugin locally, first checkout the code. Then create a new virtual environment:
cd datasette-current-actor
python3 -m venv venv
source venv/bin/activate
Now install the dependencies and test dependencies:
pip install -e '.[test]'
To run the tests:
pytest
Raw data
{
"_id": null,
"home_page": "https://github.com/cldellow/datasette-current-actor",
"name": "datasette-current-actor",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.7",
"maintainer_email": "",
"keywords": "",
"author": "Colin Dellow",
"author_email": "",
"download_url": "https://files.pythonhosted.org/packages/d7/24/e8fe96695060fc2fc6a3d0f8bc5f820932d80bba8c277072fa39efc69c02/datasette-current-actor-0.3.tar.gz",
"platform": null,
"description": "# datasette-current-actor\n\n[![PyPI](https://img.shields.io/pypi/v/datasette-current-actor.svg)](https://pypi.org/project/datasette-current-actor/)\n[![Changelog](https://img.shields.io/github/v/release/cldellow/datasette-current-actor?include_prereleases&label=changelog)](https://github.com/cldellow/datasette-current-actor/releases)\n[![Tests](https://github.com/cldellow/datasette-current-actor/workflows/Test/badge.svg)](https://github.com/cldellow/datasette-current-actor/actions?query=workflow%3ATest)\n[![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg)](https://github.com/cldellow/datasette-current-actor/blob/main/LICENSE)\n\nAdds a `current_actor()` function to SQLite that show's the current actor's ID.\n\n## Installation\n\nInstall this plugin in the same environment as Datasette.\n\n datasette install datasette-current-actor\n\n## Usage\n\n- `current_actor()` returns the current actor's ID, or `NULL` if no actor.\n- `current_actor('attrs', 'name')` navigates the actor object, returning\n the value of the `name` key stored in the `attrs` key, or `NULL` if any\n of the intermediate values are absent.\n- `current_actor_ip()` returns the current actor's IP address\n- `current_actor_user_agent()` returns the current actor's HTTP user agent\n\n### Default values, views and triggers\n\nSQLite is _flexible_. It turns out you can refer to functions that don't exist\nwhen issuing DDL statements. As long as they exist when they're needed, it all\nworks out.\n\n#### Auditing\n\nTrack who added a row:\n\n```sql\nCREATE TABLE notes(\n created_by text not null default (current_actor()),\n created_by_ip text not null default (current_actor_ip()),\n note text not null\n);\n```\n\nOr create an UPDATE trigger on a table that sets the `last_edited_by` column to\n`current_actor()`.\n\n#### Row-level security\n\nRestrict the rows that users see:\n\n```sql\nCREATE VIEW rls AS\nSELECT * FROM sensitive_data WHERE owner = current_actor()\n```\n\nYou can see a live example at https://dux.fly.dev/cooking/my_questions, which should show you 0 rows.\n\nThat instance permits \"logging in\" by passing a `_whoami` query parameter. If you visit https://dux.fly.dev/cooking/my_questions?_whoami=15, you'll see all of user 15's questions.\n\n\n\n## Development\n\nTo set up this plugin locally, first checkout the code. Then create a new virtual environment:\n\n cd datasette-current-actor\n python3 -m venv venv\n source venv/bin/activate\n\nNow install the dependencies and test dependencies:\n\n pip install -e '.[test]'\n\nTo run the tests:\n\n pytest\n",
"bugtrack_url": null,
"license": "Apache License, Version 2.0",
"summary": "Adds a current_actor() function to SQLite that show's the current actor's ID.",
"version": "0.3",
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "82895d1b614aaa04cf31374d539726ba3df5fca2dffa9e09ca70eafa58424471",
"md5": "34fc6ed55624e1f6c31bf812cb46a1f8",
"sha256": "8b23f56ff674420ce97176a775b11a1ff52e33874d10713bd2768efda5adec9a"
},
"downloads": -1,
"filename": "datasette_current_actor-0.3-py3-none-any.whl",
"has_sig": false,
"md5_digest": "34fc6ed55624e1f6c31bf812cb46a1f8",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.7",
"size": 7968,
"upload_time": "2023-02-07T02:59:06",
"upload_time_iso_8601": "2023-02-07T02:59:06.573238Z",
"url": "https://files.pythonhosted.org/packages/82/89/5d1b614aaa04cf31374d539726ba3df5fca2dffa9e09ca70eafa58424471/datasette_current_actor-0.3-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "d724e8fe96695060fc2fc6a3d0f8bc5f820932d80bba8c277072fa39efc69c02",
"md5": "51c57494452811a15417c94a44be5676",
"sha256": "b8063c1b04079420ae35bb9fd04a6914b44a45d3305db6ec9497298d12efb5ad"
},
"downloads": -1,
"filename": "datasette-current-actor-0.3.tar.gz",
"has_sig": false,
"md5_digest": "51c57494452811a15417c94a44be5676",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.7",
"size": 7465,
"upload_time": "2023-02-07T02:59:08",
"upload_time_iso_8601": "2023-02-07T02:59:08.192173Z",
"url": "https://files.pythonhosted.org/packages/d7/24/e8fe96695060fc2fc6a3d0f8bc5f820932d80bba8c277072fa39efc69c02/datasette-current-actor-0.3.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2023-02-07 02:59:08",
"github": true,
"gitlab": false,
"bitbucket": false,
"github_user": "cldellow",
"github_project": "datasette-current-actor",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "datasette-current-actor"
}