Make selected Datasette databases and tables visible to the public

Navigation

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for simonw from gravatar.com simonw

Unverified details

These details have not been verified by PyPI
Meta
Classifiers
Report project as malware

Project description

datasette-public

PyPI Changelog Tests License

Make selected Datasette databases, tables and queries visible to the public

Installation

Install this plugin in the same environment as Datasette.

datasette install datasette-public

Usage

This plugin can only be used with Datasette 1.0a22+ and requires Datasette to be run with both --default-deny and a persistent internal database:

datasette --internal internal.db --default-deny data.db

The --default-deny flag is required because datasette-public is designed to work in an environment where everything is private by default, and specific databases, tables and queries are then made public by users with the datasette-public permission.

Users with the datasette-public permission will see action menu items on database, table and query pages that allow them to toggle visibility between public and private.

How visibility works

Databases: When a database is made public, all tables and views within it are automatically public. Users can also choose whether to allow public execution of arbitrary SQL queries against the database. Note that canned queries are NOT automatically public when a database is made public - they must be made public individually.

Tables: Individual tables can be made public while keeping the rest of their database private. In this case, users will not be able to use the ?_where= parameter on those tables (to prevent data exfiltration via crafted queries).

Queries: Named canned queries must always be made public individually, even if their parent database is public. This allows fine-grained control over which queries are exposed.

The action menu items only appear when they would be useful:

  • Database visibility toggle appears when the database is private (can be made public) or was made public via this plugin (can be made private)
  • Table visibility toggle only appears when the parent database is private
  • Query visibility toggle appears when the parent database is private OR was made public via this plugin (since queries require explicit public status)

The interfaces for managing visibility include an audit log showing the history of changes.

Internals

This plugin uses four tables in the internal database:

  • public_databases - stores the public status of databases and if execute SQL is enabled
  • public_tables - stores the public status of tables
  • public_queries - stores the public status of queries
  • public_audit_log - stores the history of changes to the public status of databases, tables and queries

Development

To set up this plugin locally, first checkout the code. Then run the tests using uv:

cd datasette-public
uv run pytest

In local development it's useful to run Datasette like this:

uv run datasette data.db \
  --internal internal.db \
  --default-deny \
  --root \
  --secret fixed \
  --reload

Project details

Verified details

These details have been verified by PyPI
Project links
GitHub Statistics
Maintainers
Avatar for simonw from gravatar.com simonw

Unverified details

These details have not been verified by PyPI
Meta
Classifiers

Release history Release notifications | RSS feed

0.4a1 pre-release

This version

0.4a0 pre-release

0.3a5 pre-release

0.3a4 pre-release

0.3a3 pre-release

0.3a2 pre-release

0.3a1 pre-release

0.3a0 pre-release

0.2.3

0.2.2

0.2.1

0.2

0.1

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

datasette_public-0.4a0.tar.gz (18.4 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

datasette_public-0.4a0-py3-none-any.whl (14.4 kB view details)

Uploaded Python 3

File details

Details for the file datasette_public-0.4a0.tar.gz.

File metadata

  • Download URL: datasette_public-0.4a0.tar.gz
  • Upload date:
  • Size: 18.4 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for datasette_public-0.4a0.tar.gz
Algorithm Hash digest
SHA256 75bf0704cb75a65c7f371ad0fbed4a1b94e67bc4757a474c6cec08feed94c46e
MD5 574d0a41789daa0f37bcbeb63ef70f02
BLAKE2b-256 12c500a9237700b39a9d53c99c5c0a16f0bf6d418e3cf88dc3248d8daeae1de9

See more details on using hashes here.

Provenance

The following attestation bundles were made for datasette_public-0.4a0.tar.gz:

Publisher: publish.yml on datasette/datasette-public

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file datasette_public-0.4a0-py3-none-any.whl.

File metadata

File hashes

Hashes for datasette_public-0.4a0-py3-none-any.whl
Algorithm Hash digest
SHA256 61c29c009cbafa256d195891d5581244710bf09fb665544bf39daae1c5e1bbf9
MD5 ad489ddfa283291cfb2fa14a8e535b3f
BLAKE2b-256 7b11c50e77f9d6e2b9ca0a5b86e0fc64c26b18dda908825267e0d4947daedf47

See more details on using hashes here.

Provenance

The following attestation bundles were made for datasette_public-0.4a0-py3-none-any.whl:

Publisher: publish.yml on datasette/datasette-public

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page