--default-deny returns 500 on index pages when no config file is present #2644
Description
Running datasette --default-deny --root without a datasette.yaml config file causes a 500 Internal Server Error on the instance index (/) and database index pages.
Steps to reproduce
In a fresh datasette install, with some test db, and without a config file.
datasette test.db --default-deny --root
Log in as root using the token link. Visit /.
Expected
403 Forbidden or the normal index page (root is authenticated).
Actual
Cause
Not sure about this cause, but generated by my model:
In datasette/utils/actions_sql.py, the anon_rules CTE is conditionally defined (only when anon_sqls_rewritten is non-empty) but unconditionally referenced by anon_child_lvl, anon_parent_lvl, and anon_global_lvl.
When there's no config file, default_action_permissions_sql(actor=None) returns None under --default-deny, all other hooks return empty for anonymous users, anon_sqls_rewritten stays empty, and the CTE is never created.
A config file with allow: blocks avoids this because it generates deny rules for anonymous users, populating anon_sqls_rewritten.
#2593 assumes that the anon rules is always populated.
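The cause hypothesised in the issue, reduced to a stand-alone sketch with Python's sqlite3 (an added example, not Datasette's code and not from the issue author). Only the names anon_rules, anon_global_lvl and anon_sqls_rewritten come from the issue; build_sql, anon_allowed, the always_define flag, the column layout and the sample rules are assumptions made for illustration.

```python
import sqlite3

# Constructed sample rule fragments (parent, child, allow); not Datasette's real rules.
GLOBAL_DENY = "SELECT NULL AS parent, NULL AS child, 0 AS allow"
GLOBAL_ALLOW = "SELECT NULL AS parent, NULL AS child, 1 AS allow"


def build_sql(anon_sqls_rewritten, always_define=False):
    """Assemble a simplified anonymous-permission query (hypothetical helper)."""
    ctes = []
    if anon_sqls_rewritten:
        # The CTE is only emitted when at least one hook returned a rule.
        ctes.append(
            "anon_rules AS (" + " UNION ALL ".join(anon_sqls_rewritten) + ")"
        )
    elif always_define:
        # Hardened variant: a zero-row CTE with the same columns, so
        # "no rules" evaluates to "no allow" instead of a SQL error.
        ctes.append(
            "anon_rules AS (SELECT NULL AS parent, NULL AS child, "
            "NULL AS allow WHERE 0)"
        )
    # Referenced unconditionally, as the issue describes.
    ctes.append(
        "anon_global_lvl AS (SELECT MAX(allow) AS any_allow FROM anon_rules "
        "WHERE parent IS NULL AND child IS NULL)"
    )
    return (
        "WITH " + ",\n".join(ctes)
        + "\nSELECT COALESCE(any_allow, 0) FROM anon_global_lvl"
    )


def anon_allowed(anon_sqls_rewritten, always_define=False):
    """Run the query; raises sqlite3.OperationalError if anon_rules is undefined."""
    conn = sqlite3.connect(":memory:")
    try:
        row = conn.execute(build_sql(anon_sqls_rewritten, always_define)).fetchone()
        return bool(row[0])
    finally:
        conn.close()
```

With an empty rule list and always_define left off, the query fails at prepare time with "no such table: anon_rules", which a web framework would surface as a 500; with the zero-row CTE the same input resolves to a deny.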