PyPI - datasette-secrets - Versions diffs - 0.1a1__tar.gz → 0.1a2__tar.gz - Mend

datasette-secrets 0.1a1tar.gz → 0.1a2tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of datasette-secrets might be problematic. Click here for more details.

Files changed (16) hide show

{datasette_secrets-0.1a1 → datasette_secrets-0.1a2}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: datasette-secrets
-Version: 0.1a1
+Version: 0.1a2
 Summary: Manage secrets such as API keys for use with other Datasette plugins
 Author: Datasette
 License: Apache-2.0
@@ -105,6 +105,8 @@ datasette data.db --internal internal.db \
 users with the `manage-secrets` permission will see a new "Manage secrets" link in the Datasette navigation menu. This interface can also be accessed at `/-/secrets`.
+The page with the list of secrets will show the user who last updated each secret. This will use the [actors_from_ids()](https://docs.datasette.io/en/latest/plugin_hooks.html#actors-from-ids-datasette-actor-ids) mechanism, displaying the actor's `username` if available, otherwise the `name`, otherwise the `id`.
 ## For plugin authors
 Plugins can depend on this plugin if they want to implement secrets.
@@ -121,11 +123,24 @@ from datasette_secrets import Secret
 def register_secrets():
     return [
         Secret(
-            "OPENAI_API_KEY",
-            'An OpenAI API key. Get them from <a href="https://platform.openai.com/api-keys">here</a>.',
+            name="OPENAI_API_KEY",
+            description="An OpenAI API key"
+        ),
+    ]
+```
+You can also provide optional `obtain_url` and `obtain_label` fields to link to a page where a user can obtain an API key:
+```python
+@hookimpl
+def register_secrets():
+    return [
+        Secret(
+            name="OPENAI_API_KEY",
+            obtain_url="https://platform.openai.com/api-keys",
+            obtain_label="Get an OpenAI API key"
         ),
     ]
 ```
 The hook can take an optional `datasette` argument. It can return a list or an `async def` function that, when awaited, returns a list.
 The list should consist of `Secret()` instances, each with a name and an optional description. The description can contain HTML.

{datasette_secrets-0.1a1 → datasette_secrets-0.1a2}/README.md RENAMED Viewed

@@ -84,6 +84,8 @@ datasette data.db --internal internal.db \
 users with the `manage-secrets` permission will see a new "Manage secrets" link in the Datasette navigation menu. This interface can also be accessed at `/-/secrets`.
+The page with the list of secrets will show the user who last updated each secret. This will use the [actors_from_ids()](https://docs.datasette.io/en/latest/plugin_hooks.html#actors-from-ids-datasette-actor-ids) mechanism, displaying the actor's `username` if available, otherwise the `name`, otherwise the `id`.
 ## For plugin authors
 Plugins can depend on this plugin if they want to implement secrets.
@@ -100,11 +102,24 @@ from datasette_secrets import Secret
 def register_secrets():
     return [
         Secret(
-            "OPENAI_API_KEY",
-            'An OpenAI API key. Get them from <a href="https://platform.openai.com/api-keys">here</a>.',
+            name="OPENAI_API_KEY",
+            description="An OpenAI API key"
+        ),
+    ]
+```
+You can also provide optional `obtain_url` and `obtain_label` fields to link to a page where a user can obtain an API key:
+```python
+@hookimpl
+def register_secrets():
+    return [
+        Secret(
+            name="OPENAI_API_KEY",
+            obtain_url="https://platform.openai.com/api-keys",
+            obtain_label="Get an OpenAI API key"
         ),
     ]
 ```
 The hook can take an optional `datasette` argument. It can return a list or an `async def` function that, when awaited, returns a list.
 The list should consist of `Secret()` instances, each with a name and an optional description. The description can contain HTML.

{datasette_secrets-0.1a1 → datasette_secrets-0.1a2}/datasette_secrets/__init__.py RENAMED Viewed

@@ -55,7 +55,9 @@ async def get_secret(datasette, secret_name, actor_id=None):
 @dataclasses.dataclass
 class Secret:
     name: str
-    description_html: Optional[str] = None
+    description: Optional[str] = None
+    obtain_url: Optional[str] = None
+    obtain_label: Optional[str] = None
 SCHEMA = """
@@ -114,25 +116,20 @@ def register_permissions(datasette):
 async def get_secrets(datasette):
     secrets = []
+    seen = set()
     for result in pm.hook.register_secrets(datasette=datasette):
         result = await await_me_maybe(result)
-        secrets.extend(result)
+        for secret in result:
+            if secret.name in seen:
+                continue  # Skip duplicates
+            seen.add(secret.name)
+            secrets.append(secret)
     # if not secrets:
     secrets.append(Secret("EXAMPLE_SECRET", "An example secret"))
     return secrets
-@hookimpl
-def register_secrets():
-    return [
-        Secret(
-            "OPENAI_API_KEY",
-            'An OpenAI API key. Get them from <a href="https://platform.openai.com/api-keys">here</a>.',
-        ),
-    ]
 @hookimpl
 def register_commands(cli):
     @cli.group()
@@ -183,6 +180,16 @@ async def secrets_index(datasette, request):
         list(environment_secrets_names),
     )
     existing_secrets = {row["name"]: dict(row) for row in existing_secrets_result.rows}
+    # Try to turn updated_by into actors
+    actors = await datasette.actors_from_ids(
+        {row["updated_by"] for row in existing_secrets.values() if row["updated_by"]}
+    )
+    for secret in existing_secrets.values():
+        if secret["updated_by"]:
+            actor = actors.get(secret["updated_by"])
+            if actor:
+                display = actor.get("username") or actor.get("name") or actor.get("id")
+                secret["updated_by"] = display
     unset_secrets = [
         secret
         for secret in all_secrets

{datasette_secrets-0.1a1 → datasette_secrets-0.1a2}/datasette_secrets/templates/secrets_index.html RENAMED Viewed

@@ -25,7 +25,10 @@
 <ul>
   {% for secret in unset_secrets %}
     <li><strong><a href="{{ urls.path("/-/secrets/") }}{{ secret.name }}">{{ secret.name }}</a></strong>
-    {% if secret.description_html %} - {{ secret.description_html|safe }}{% endif %}</li>
+    {% if secret.description or secret.obtain_label %}
+      - {{ secret.description or "" }}{% if secret.description and secret.obtain_label %}, {% endif %}
+      {% if secret.obtain_label %}<a href="{{ secret.obtain_url }}">{{ secret.obtain_label }}</a>{% endif %}
+    {% endif %}</li>
   {% endfor %}
 </ul>
 {% endif %}
@@ -34,7 +37,7 @@
 <p style="margin-top: 2em">The following secret{% if environment_secrets|length == 1 %} is{% else %}s are{% endif %} set using environment variables:</p>
 <ul>
   {% for secret in environment_secrets %}
-    <li><strong>{{ secret.name }}</a></strong>- {{ secret.description_html|safe }}<br>
+    <li><strong>{{ secret.name }}</a></strong>{% if secret.description %} - {{ secret.description }}{% endif %}<br>
       <span style="font-size: 0.8 em">Set by <code>DATASETTE_SECRETS_{{ secret.name }}</code></span></li>
   {% endfor %}
 </ul>

{datasette_secrets-0.1a1 → datasette_secrets-0.1a2}/datasette_secrets/templates/secrets_update.html RENAMED Viewed

@@ -9,8 +9,10 @@
 {% block content %}
 <h1>{% if current_secret %}Update{% else %}Add{% endif %} secret: {{ secret_name }}</h1>
-{% if secret_details and secret_details.description_html %}
-  <p>{{ secret_details.description_html|safe }}</p>
+{% if secret_details.description or secret_details.obtain_label %}
+  <p>{{ secret_details.description or "" }}{% if secret_details.description and secret_details.obtain_label %}. {% endif %}
+  {% if secret_details.obtain_label %}<a href="{{ secret_details.obtain_url }}">{{ secret_details.obtain_label }}</a>{% endif %}
+  </p>
 {% endif %}
 {% if error %}

{datasette_secrets-0.1a1 → datasette_secrets-0.1a2}/datasette_secrets.egg-info/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: datasette-secrets
-Version: 0.1a1
+Version: 0.1a2
 Summary: Manage secrets such as API keys for use with other Datasette plugins
 Author: Datasette
 License: Apache-2.0
@@ -105,6 +105,8 @@ datasette data.db --internal internal.db \
 users with the `manage-secrets` permission will see a new "Manage secrets" link in the Datasette navigation menu. This interface can also be accessed at `/-/secrets`.
+The page with the list of secrets will show the user who last updated each secret. This will use the [actors_from_ids()](https://docs.datasette.io/en/latest/plugin_hooks.html#actors-from-ids-datasette-actor-ids) mechanism, displaying the actor's `username` if available, otherwise the `name`, otherwise the `id`.
 ## For plugin authors
 Plugins can depend on this plugin if they want to implement secrets.
@@ -121,11 +123,24 @@ from datasette_secrets import Secret
 def register_secrets():
     return [
         Secret(
-            "OPENAI_API_KEY",
-            'An OpenAI API key. Get them from <a href="https://platform.openai.com/api-keys">here</a>.',
+            name="OPENAI_API_KEY",
+            description="An OpenAI API key"
+        ),
+    ]
+```
+You can also provide optional `obtain_url` and `obtain_label` fields to link to a page where a user can obtain an API key:
+```python
+@hookimpl
+def register_secrets():
+    return [
+        Secret(
+            name="OPENAI_API_KEY",
+            obtain_url="https://platform.openai.com/api-keys",
+            obtain_label="Get an OpenAI API key"
         ),
     ]
 ```
 The hook can take an optional `datasette` argument. It can return a list or an `async def` function that, when awaited, returns a list.
 The list should consist of `Secret()` instances, each with a name and an optional description. The description can contain HTML.

{datasette_secrets-0.1a1 → datasette_secrets-0.1a2}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "datasette-secrets"
-version = "0.1a1"
+version = "0.1a2"
 description = "Manage secrets such as API keys for use with other Datasette plugins"
 readme = "README.md"
 authors = [{name = "Datasette"}]

{datasette_secrets-0.1a1 → datasette_secrets-0.1a2}/tests/test_secrets.py RENAMED Viewed

@@ -1,8 +1,10 @@
 from click.testing import CliRunner
 from cryptography.fernet import Fernet
+from datasette import hookimpl
 from datasette.app import Datasette
 from datasette.cli import cli
-from datasette_secrets import get_secret
+from datasette.plugins import pm
+from datasette_secrets import get_secret, Secret
 import pytest
 from unittest.mock import ANY
@@ -21,6 +23,69 @@ def test_generate_command():
     assert key.decrypt(key.encrypt(message)) == message
+@pytest.fixture
+def use_actors_plugin():
+    class ActorPlugin:
+        __name__ = "ActorPlugin"
+        @hookimpl
+        def actors_from_ids(self, actor_ids):
+            return {
+                id: {
+                    "id": id,
+                    "username": id.upper(),
+                }
+                for id in actor_ids
+            }
+    pm.register(ActorPlugin(), name="ActorPlugin")
+    yield
+    pm.unregister(name="ActorPlugin")
+@pytest.fixture
+def register_multiple_secrets():
+    class SecretOnePlugin:
+        __name__ = "SecretOnePlugin"
+        @hookimpl
+        def register_secrets(self):
+            return [
+                Secret(
+                    name="OPENAI_API_KEY",
+                    obtain_url="https://platform.openai.com/api-keys",
+                    obtain_label="Get an OpenAI API key",
+                ),
+                Secret(
+                    name="ANTHROPIC_API_KEY", description="A key for Anthropic's API"
+                ),
+            ]
+    class SecretTwoPlugin:
+        __name__ = "SecretTwoPlugin"
+        @hookimpl
+        def register_secrets(self):
+            return [
+                Secret(
+                    name="OPENAI_API_KEY",
+                    description="Just a description but should be ignored",
+                ),
+                Secret(
+                    name="OPENCAGE_API_KEY",
+                    description="The OpenCage Geocoder",
+                    obtain_url="https://opencagedata.com/dashboard",
+                    obtain_label="Get an OpenCage API key",
+                ),
+            ]
+    pm.register(SecretTwoPlugin(), name="SecretTwoPlugin")
+    pm.register(SecretOnePlugin(), name="SecretOnePlugin")
+    yield
+    pm.unregister(name="SecretOnePlugin")
+    pm.unregister(name="SecretTwoPlugin")
 @pytest.fixture
 def ds():
     return Datasette(
@@ -65,7 +130,7 @@ async def test_permissions(ds, path, verb, data, user):
 @pytest.mark.asyncio
-async def test_set_secret(ds):
+async def test_set_secret(ds, use_actors_plugin):
     cookies = {"ds_actor": ds.client.actor_cookie({"id": "admin"})}
     get_response = await ds.client.get("/-/secrets/EXAMPLE_SECRET", cookies=cookies)
     csrftoken = get_response.cookies["ds_csrftoken"]
@@ -104,6 +169,13 @@ async def test_set_secret(ds):
     decrypted = key.decrypt(encrypted)
     assert decrypted == b"new-secret-value"
+    # Check that the listing is as expected, including showing the actor username
+    response = await ds.client.get("/-/secrets", cookies=cookies)
+    assert response.status_code == 200
+    assert "EXAMPLE_SECRET" in response.text
+    assert "new-note" in response.text
+    assert "<td>ADMIN</td>" in response.text
     # Now let's edit it
     post_response2 = await ds.client.post(
         "/-/secrets/EXAMPLE_SECRET",
@@ -187,3 +259,47 @@ async def test_get_secret(ds, monkeypatch):
     monkeypatch.setenv("DATASETTE_SECRETS_EXAMPLE_SECRET", "from env")
     assert await get_secret(ds, "EXAMPLE_SECRET") == "from env"
+    # And check that it's shown that way on the /-/secrets page
+    response = await ds.client.get("/-/secrets", cookies=cookies)
+    assert response.status_code == 200
+    expected_html = """
+    <li><strong>EXAMPLE_SECRET</a></strong> - An example secret<br>
+      <span style="font-size: 0.8 em">Set by <code>DATASETTE_SECRETS_EXAMPLE_SECRET</code></span></li>
+    """
+    assert remove_whitespace(expected_html) in remove_whitespace(response.text)
+@pytest.mark.asyncio
+async def test_secret_index_page(ds, register_multiple_secrets):
+    response = await ds.client.get(
+        "/-/secrets",
+        cookies={
+            "ds_actor": ds.client.actor_cookie({"id": "admin"}),
+        },
+    )
+    assert response.status_code == 200
+    expected_html = """
+    <p style="margin-top: 2em">The following secrets have not been set:</p>
+    <ul>
+        <li><strong><a href="/-/secrets/OPENAI_API_KEY">OPENAI_API_KEY</a></strong>
+        -
+        <a href="https://platform.openai.com/api-keys">Get an OpenAI API key</a>
+        </li>
+        <li><strong><a href="/-/secrets/ANTHROPIC_API_KEY">ANTHROPIC_API_KEY</a></strong>
+        - A key for Anthropic&#39;s API
+        </li>
+        <li><strong><a href="/-/secrets/OPENCAGE_API_KEY">OPENCAGE_API_KEY</a></strong>
+        - The OpenCage Geocoder,
+        <a href="https://opencagedata.com/dashboard">Get an OpenCage API key</a>
+        </li>
+        <li><strong><a href="/-/secrets/EXAMPLE_SECRET">EXAMPLE_SECRET</a></strong>
+        - An example secret
+        </li>
+    </ul>
+    """
+    assert remove_whitespace(expected_html) in remove_whitespace(response.text)
+def remove_whitespace(s):
+    return " ".join(s.split())