diff --git a/datasette/templates/table.html b/datasette/templates/table.html
index fa6766a89c..1289e12580 100644
--- a/datasette/templates/table.html
+++ b/datasette/templates/table.html
@@ -26,7 +26,7 @@
{% block content %}
-{{ metadata.title or table }}{% if is_view %} (view){% endif %}
+{{ metadata.title or table }}{% if is_view %} (view){% endif %}{% if private %} 🔒{% endif %}
{% block description_source_license %}{% include "_description_source_license.html" %}{% endblock %}
diff --git a/datasette/views/table.py b/datasette/views/table.py
index 935fed3dd7..cd95256861 100644
--- a/datasette/views/table.py
+++ b/datasette/views/table.py
@@ -271,6 +271,10 @@ async def data(
await self.check_permission(request, "view-database", "database", database)
await self.check_permission(request, "view-table", "table", (database, table))
+ private = not await self.ds.permission_allowed(
+ None, "view-table", "table", (database, table), default=True
+ )
+
pks = await db.primary_keys(table)
table_columns = await db.table_columns(table)
@@ -834,6 +838,7 @@ async def extra_template():
"suggested_facets": suggested_facets,
"next": next_value and str(next_value) or None,
"next_url": next_url,
+ "private": private,
},
extra_template,
(
diff --git a/tests/test_permissions.py b/tests/test_permissions.py
index d76d1e1578..733afd5fb5 100644
--- a/tests/test_permissions.py
+++ b/tests/test_permissions.py
@@ -90,11 +90,16 @@ def test_view_table(allow, expected_anon, expected_auth):
) as client:
anon_response = client.get("/fixtures/compound_three_primary_keys")
assert expected_anon == anon_response.status
+ if allow and anon_response.status == 200:
+ # Should be no padlock
+ assert ">compound_three_primary_keys 🔒" not in anon_response.text
auth_response = client.get(
"/fixtures/compound_three_primary_keys",
cookies={"ds_actor": client.ds.sign({"id": "root"}, "actor")},
)
assert expected_auth == auth_response.status
+ if allow and expected_anon == 403 and expected_auth == 200:
+ assert ">compound_three_primary_keys 🔒" in auth_response.text
def test_table_list_respects_view_table():