Nicer display of token permissions, closes #9

datasette_auth_tokens/templates/tokens_index.html

@@ -29,7 +29,7 @@ <h1>API tokens</h1>
 <tr>
   <th>Token</th>
   <th>Actor</th>
-  <th>Status</th>
+  <th>Restrictions</th>
   <th>Created</th>
   <th>Last used</th>
   <th>Expires at</th>
@@ -39,7 +39,7 @@ <h1>API tokens</h1>
 <tr class="token-{{ token.token_status }}">
   <td><a href="tokens/{{ token.id }}">{{ token.id }}&nbsp;-&nbsp;{{ token.status }}</a>{% if token.description %}<br><span class="detail">{{ token.description }}</span>{% endif %}</td>
   <td>{{ token.actor_id }}</td>
-  <td>{{ token.status }}</td>
+  <td>{{ format_permissions(token.permissions) }}</td>
   <td>{{ timestamp(token.created_timestamp) }}<br><span class="detail">{{ ago_difference(token.created_timestamp) }}</span></td>
   <td>{{ timestamp(token.last_used_timestamp) }}<br><span class="detail">{{ ago_difference(token.last_used_timestamp) }}</span></td>
   <td>{% if token.expires_after_seconds %}{{ timestamp(token.created_timestamp + token.expires_after_seconds) }}<br><span class="detail">{{ ago_difference(token.created_timestamp + token.expires_after_seconds) }}{% endif %}</td>

datasette_auth_tokens/utils.py

@@ -42,3 +42,37 @@ def ago_difference(time1: int, time2: Optional[int] = None):
         return "In {}".format(combined)
     else:
         return "{} ago".format(combined)
+
+
+def format_permissions(datasette, permissions_dict):
+    if not permissions_dict:
+        return "All permissions"
+    abbreviations = {}
+    for permission in datasette.permissions.values():
+        if permission.abbr:
+            abbreviations[permission.abbr] = permission.name
+
+    output = []
+
+    # Format permissions for all databases
+    if "a" in permissions_dict:
+        output.append("All databases:")
+        for code in permissions_dict["a"]:
+            output.append(f"- {abbreviations.get(code, code)}")
+
+    # Format permissions for specific databases
+    if "d" in permissions_dict:
+        for db, codes in permissions_dict["d"].items():
+            output.append(f"Database: {db}")
+            for code in codes:
+                output.append(f"- {abbreviations.get(code, code)}")
+
+    # Format permissions for specific tables in specific databases
+    if "r" in permissions_dict:
+        for db, tables in permissions_dict["r"].items():
+            for table, codes in tables.items():
+                output.append(f"Table: {db}/{table}")
+                for code in codes:
+                    output.append(f"- {abbreviations.get(code, code)}")
+
+    return "\n".join(output)

datasette_auth_tokens/views.py

@@ -3,7 +3,7 @@
     tilde_encode,
     tilde_decode,
 )
-from .utils import ago_difference
+from .utils import ago_difference, format_permissions
 import datetime
 import json
 import time
@@ -207,6 +207,9 @@ async def tokens_index(datasette, request):
             token["token_status"], token["token_status"]
         )
 
+    def _format_permissions(json_string):
+        return format_permissions(datasette, json.loads(json_string))
+
     return Response.html(
         await datasette.render_template(
             "tokens_index.html",
@@ -216,6 +219,7 @@ async def tokens_index(datasette, request):
                 "is_first_page": not bool(request.args.get("next")),
                 "timestamp": _timestamp,
                 "ago_difference": ago_difference,
+                "format_permissions": _format_permissions,
             },
             request=request,
         )
@@ -275,7 +279,7 @@ async def fetch_row():
     restrictions = "None"
     permissions = json.loads(row["permissions"])
     if permissions:
-        restrictions = json.dumps(permissions, indent=2)
+        restrictions = format_permissions(datasette, permissions)
 
     return Response.html(
         await datasette.render_template(