html_url,issue_url,id,node_id,user,created_at,updated_at,author_association,body,reactions,issue,performed_via_github_app
https://github.com/simonw/datasette/pull/1940#issuecomment-1345701316,https://api.github.com/repos/simonw/datasette/issues/1940,1345701316,IC_kwDOBm6k_c5QNcXE,9599,2022-12-12T00:10:59Z,2022-12-12T00:10:59Z,OWNER,"Here's my first test failure:
```
tests/test_permissions.py .......F
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> traceback >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

allow = {}, expected_anon = 403, expected_auth = 403, path = '/fixtures/compound_three_primary_keys'
padlock_client = <datasette.utils.testing.TestClient object at 0x107c09d20>

    @pytest.mark.parametrize(
        ""allow,expected_anon,expected_auth"",
        [
            (None, 200, 200),
            ({}, 403, 403),
            ({""id"": ""root""}, 403, 200),
        ],
    )
    @pytest.mark.parametrize(
        ""path"",
        (
            ""/"",
            ""/fixtures"",
            ""/fixtures/compound_three_primary_keys"",
            ""/fixtures/compound_three_primary_keys/a,a,a"",
            ""/fixtures/two"",  # Query
        ),
    )
    def test_view_padlock(allow, expected_anon, expected_auth, path, padlock_client):
        padlock_client.ds._metadata_local[""allow""] = allow
        fragment = ""🔒</h1>""
        anon_response = padlock_client.get(path)
>       assert expected_anon == anon_response.status
E       assert 403 == 200
E        +  where 200 = <datasette.utils.testing.TestResponse object at 0x107aea680>.status

/Users/simon/Dropbox/Development/datasette/tests/test_permissions.py:61: AssertionError
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> entering PDB >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>

>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> PDB post_mortem (IO-capturing turned off) >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
> /Users/simon/Dropbox/Development/datasette/tests/test_permissions.py(61)test_view_padlock()
-> assert expected_anon == anon_response.status
(Pdb) anon_response
<datasette.utils.testing.TestResponse object at 0x107aea680>
(Pdb) anon_response.status
200
(Pdb) path
'/fixtures/compound_three_primary_keys'
(Pdb) padlock_client.ds._metadata_
*** AttributeError: 'Datasette' object has no attribute '_metadata_'
(Pdb) padlock_client.ds._metadata_local
{'databases': {'fixtures': {'queries': {'two': {'sql': 'select 1 + 1', 'name': 'two'}, 'from_async_hook': {'sql': 'select 2', 'name': 'from_async_hook'}, 'from_hook': {'sql': ""select 1, 'null' as actor_id"", 'name': 'from_hook'}}, 'source': None, 'source_url': None, 'license': None, 'license_url': None, 'about': None, 'about_url': None}}, 'allow': {}}
(Pdb) allow
{}
```
It looks like I've broken the `allow` logic that notices that if there's an `""allow"": {}` on the root then anonymous users should not be allowed to view any pages.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1486011362,