datasette-secrets 0.1a3__tar.gz → 0.2__tar.gz

{datasette_secrets-0.1a3 → datasette_secrets-0.2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: datasette-secrets
-Version: 0.1a3
+Version: 0.2
 Summary: Manage secrets such as API keys for use with other Datasette plugins
 Author: Datasette
 License: Apache-2.0
@@ -13,11 +13,12 @@ Classifier: License :: OSI Approved :: Apache Software License
 Requires-Python: >=3.8
 Description-Content-Type: text/markdown
 License-File: LICENSE
-Requires-Dist: datasette>=1.0a13
+Requires-Dist: datasette
 Requires-Dist: cryptography
 Provides-Extra: test
 Requires-Dist: pytest; extra == "test"
 Requires-Dist: pytest-asyncio; extra == "test"
+Requires-Dist: datasette-test>=0.3.2; extra == "test"
 
 # datasette-secrets
 

{datasette_secrets-0.1a3 → datasette_secrets-0.2}/datasette_secrets/__init__.py

@@ -1,7 +1,7 @@
 import click
 from cryptography.fernet import Fernet
 import dataclasses
-from datasette import hookimpl, Forbidden, Permission, Response
+from datasette import hookimpl, Forbidden, Response
 from datasette.plugins import pm
 from datasette.utils import await_me_maybe, sqlite3
 import os
@@ -23,6 +23,9 @@ async def get_secret(datasette, secret_name, actor_id=None):
         return os.environ[env_var]
     # Now look it up in the database
     config = get_config(datasette)
+    if config is None:
+        return None
+    encryption_key = config["encryption_key"]
     db = get_database(datasette)
     try:
         db_secret = (
@@ -35,7 +38,7 @@ async def get_secret(datasette, secret_name, actor_id=None):
         return None
     if not db_secret:
         return None
-    key = Fernet(config["encryption_key"].encode("utf-8"))
+    key = Fernet(encryption_key.encode("utf-8"))
     decrypted = key.decrypt(db_secret["encrypted"])
     # Update the last used timestamp and actor_id
     params = (actor_id, db_secret["id"])
@@ -86,7 +89,7 @@ create table if not exists datasette_secrets (
 def get_database(datasette):
     plugin_config = datasette.plugin_config("datasette-secrets") or {}
     database = plugin_config.get("database") or "_internal"
-    if database == "_internal":
+    if database == "_internal" and hasattr(datasette, "get_internal_database"):
         return datasette.get_internal_database()
     return datasette.get_database(database)
 
@@ -105,6 +108,8 @@ def get_config(datasette):
 
 @hookimpl
 def register_permissions(datasette):
+    from datasette import Permission
+
     return [
         Permission(
             name="manage-secrets",
@@ -184,15 +189,22 @@ async def secrets_index(datasette, request):
     )
     existing_secrets = {row["name"]: dict(row) for row in existing_secrets_result.rows}
     # Try to turn updated_by into actors
-    actors = await datasette.actors_from_ids(
-        {row["updated_by"] for row in existing_secrets.values() if row["updated_by"]}
-    )
-    for secret in existing_secrets.values():
-        if secret["updated_by"]:
-            actor = actors.get(secret["updated_by"])
-            if actor:
-                display = actor.get("username") or actor.get("name") or actor.get("id")
-                secret["updated_by"] = display
+    if hasattr(datasette, "actors_from_ids"):
+        actors = await datasette.actors_from_ids(
+            {
+                row["updated_by"]
+                for row in existing_secrets.values()
+                if row["updated_by"]
+            }
+        )
+        for secret in existing_secrets.values():
+            if secret["updated_by"]:
+                actor = actors.get(secret["updated_by"])
+                if actor:
+                    display = (
+                        actor.get("username") or actor.get("name") or actor.get("id")
+                    )
+                    secret["updated_by"] = display
     unset_secrets = [
         secret
         for secret in all_secrets

{datasette_secrets-0.1a3 → datasette_secrets-0.2}/datasette_secrets.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: datasette-secrets
-Version: 0.1a3
+Version: 0.2
 Summary: Manage secrets such as API keys for use with other Datasette plugins
 Author: Datasette
 License: Apache-2.0
@@ -13,11 +13,12 @@ Classifier: License :: OSI Approved :: Apache Software License
 Requires-Python: >=3.8
 Description-Content-Type: text/markdown
 License-File: LICENSE
-Requires-Dist: datasette>=1.0a13
+Requires-Dist: datasette
 Requires-Dist: cryptography
 Provides-Extra: test
 Requires-Dist: pytest; extra == "test"
 Requires-Dist: pytest-asyncio; extra == "test"
+Requires-Dist: datasette-test>=0.3.2; extra == "test"
 
 # datasette-secrets
 

{datasette_secrets-0.1a3 → datasette_secrets-0.2}/datasette_secrets.egg-info/requires.txt

@@ -1,6 +1,7 @@
-datasette>=1.0a13
+datasette
 cryptography
 
 [test]
 pytest
 pytest-asyncio
+datasette-test>=0.3.2

{datasette_secrets-0.1a3 → datasette_secrets-0.2}/pyproject.toml

@@ -1,6 +1,6 @@
 [project]
 name = "datasette-secrets"
-version = "0.1a3"
+version = "0.2"
 description = "Manage secrets such as API keys for use with other Datasette plugins"
 readme = "README.md"
 authors = [{name = "Datasette"}]
@@ -11,7 +11,7 @@ classifiers=[
 ]
 requires-python = ">=3.8"
 dependencies = [
-    "datasette>=1.0a13",
+    "datasette",
     "cryptography"
 ]
 
@@ -25,7 +25,7 @@ CI = "https://github.com/datasette/datasette-secrets/actions"
 secrets = "datasette_secrets"
 
 [project.optional-dependencies]
-test = ["pytest", "pytest-asyncio"]
+test = ["pytest", "pytest-asyncio", "datasette-test>=0.3.2"]
 
 [tool.pytest.ini_options]
 asyncio_mode = "strict"

{datasette_secrets-0.1a3 → datasette_secrets-0.2}/tests/test_secrets.py

@@ -1,16 +1,23 @@
 from click.testing import CliRunner
 from cryptography.fernet import Fernet
 from datasette import hookimpl
-from datasette.app import Datasette
 from datasette.cli import cli
 from datasette.plugins import pm
-from datasette_secrets import get_secret, Secret, startup
+from datasette_test import Datasette, actor_cookie
+from datasette_secrets import get_secret, Secret, startup, get_config
 import pytest
 from unittest.mock import ANY
 
 TEST_ENCRYPTION_KEY = "-LujHtwFWGaBpznrV1zduoZBmCnMOW7J0H5hmeXgAVo="
 
 
+def get_internal_database(ds):
+    if hasattr(ds, "get_internal_database"):
+        return ds.get_internal_database()
+    else:
+        return ds.get_database("_internal")
+
+
 def test_generate_command():
     runner = CliRunner()
     result = runner.invoke(cli, ["secrets", "generate-encryption-key"])
@@ -89,15 +96,13 @@ def register_multiple_secrets():
 @pytest.fixture
 def ds():
     return Datasette(
-        config={
-            "plugins": {
-                "datasette-secrets": {
-                    "database": "_internal",
-                    "encryption-key": TEST_ENCRYPTION_KEY,
-                }
-            },
-            "permissions": {"manage-secrets": {"id": "admin"}},
-        }
+        plugin_config={
+            "datasette-secrets": {
+                "database": "_internal",
+                "encryption-key": TEST_ENCRYPTION_KEY,
+            }
+        },
+        permissions={"manage-secrets": {"id": "admin"}},
     )
 
 
@@ -115,7 +120,7 @@ async def test_permissions(ds, path, verb, data, user):
     kwargs = {}
     if user:
         kwargs["cookies"] = {
-            "ds_actor": ds.client.actor_cookie({"id": user}),
+            "ds_actor": actor_cookie(ds, {"id": user}),
         }
     if data:
         kwargs["data"] = data
@@ -131,7 +136,7 @@ async def test_permissions(ds, path, verb, data, user):
 
 @pytest.mark.asyncio
 async def test_set_secret(ds, use_actors_plugin):
-    cookies = {"ds_actor": ds.client.actor_cookie({"id": "admin"})}
+    cookies = {"ds_actor": actor_cookie(ds, {"id": "admin"})}
     get_response = await ds.client.get("/-/secrets/EXAMPLE_SECRET", cookies=cookies)
     csrftoken = get_response.cookies["ds_csrftoken"]
     cookies["ds_csrftoken"] = csrftoken
@@ -142,7 +147,7 @@ async def test_set_secret(ds, use_actors_plugin):
     )
     assert post_response.status_code == 302
     assert post_response.headers["Location"] == "/-/secrets"
-    internal_db = ds.get_internal_database()
+    internal_db = get_internal_database(ds)
     secrets = await internal_db.execute("select * from datasette_secrets")
     rows = [dict(r) for r in secrets.rows]
     assert rows == [
@@ -174,7 +179,12 @@ async def test_set_secret(ds, use_actors_plugin):
     assert response.status_code == 200
     assert "EXAMPLE_SECRET" in response.text
     assert "new-note" in response.text
-    assert "<td>ADMIN</td>" in response.text
+
+    if hasattr(ds, "actors_from_ids"):
+        assert "<td>ADMIN</td>" in response.text
+    else:
+        # Pre 1.0, so can't use that mechanism
+        assert "<td>admin</td>" in response.text
 
     # Now let's edit it
     post_response2 = await ds.client.post(
@@ -213,11 +223,11 @@ async def test_set_secret(ds, use_actors_plugin):
 @pytest.mark.asyncio
 async def test_get_secret(ds, monkeypatch):
     # First set it manually
-    cookies = {"ds_actor": ds.client.actor_cookie({"id": "admin"})}
+    cookies = {"ds_actor": actor_cookie(ds, {"id": "admin"})}
     get_response = await ds.client.get("/-/secrets/EXAMPLE_SECRET", cookies=cookies)
     csrftoken = get_response.cookies["ds_csrftoken"]
     cookies["ds_csrftoken"] = csrftoken
-    db = ds.get_internal_database()
+    db = get_internal_database(ds)
     # Reset state
     await db.execute_write(
         "update datasette_secrets set last_used_at = null, last_used_by = null"
@@ -275,12 +285,20 @@ async def test_get_secret(ds, monkeypatch):
     assert await get_secret(ds, "EXAMPLE_SECRET") is None
 
 
+@pytest.mark.asyncio
+async def test_if_not_configured(register_multiple_secrets):
+    ds = Datasette()
+    config = get_config(ds)
+    assert config is None
+    assert await get_secret(ds, "OPENAI_API_KEY") is None
+
+
 @pytest.mark.asyncio
 async def test_secret_index_page(ds, register_multiple_secrets):
     response = await ds.client.get(
         "/-/secrets",
         cookies={
-            "ds_actor": ds.client.actor_cookie({"id": "admin"}),
+            "ds_actor": actor_cookie(ds, {"id": "admin"}),
         },
     )
     assert response.status_code == 200