ENH: meta command - Add Permissions + fix version read on encrypted PDFs

[iamrishu11]

Fixes #19

Description

What’s new

• pdfly meta now shows a compact, single-line Permissions field in the PDF Data table.
• Unencrypted PDFs show n/a (unencrypted).
• Encrypted PDFs show a comma-separated list of the allowed permissions (e.g., print, modify, annotate, fill-forms).
  If none are allowed, it shows none (all denied).

Why

• Addresses the feature request to display document permissions and follows the maintainer’s suggestion to keep it on a single line.
  Fixes Feature request: display pdf permissions in pdfly meta output #19.

How

• Uses PdfReader.user_access_permissions from pypdf.
• New helper _format_permissions(...)
• Also fixes header reading for encrypted PDFs by seeking to position 0 before reading the %PDF-… version.

Tests

• Manual verification included (screenshots in this PR)

For an encrypted pdf

For a normal file

Notes

• Output order of permissions is alphabetical for stability.

Checklist:

• A unit test is covering the code added / modified by this PR

• In case of a new feature, docstrings have been added, with also some documentation in the docs/ folder

• A mention of the change is present in CHANGELOG.md

• This PR is ready to be merged

By submitting this pull request, I confirm that my contribution is made under the terms of the BSD 3-Clause license.

[Lucas-C]

This looks really great!

There are those items in the PR checklist that you need to add though:

• Unit tests for all 2 possible cases: unencrypted & encrypted
• A mention of the new feature added to CHANGELOG.md

[Lucas-C]

I'm not sure if this 2nd table visible in your screenshot is needed, given that the same information is visible in the 1st table:

[iamrishu11]

alr, removing the diff table and adding unittest and changelogs

[iamrishu11]

Quick sanity check on the test fixture paths

I’m planning to use the following in the tests:

from pathlib import Path

rel = Path("sample-files/002-trivial-libre-office-writer/002-trivial-libre-office-writer.pdf")
input_pdf = RESOURCES_ROOT / rel

Assuming RESOURCES_ROOT points to the repo root (as in tests/conftest.py), this resolves to:

/sample-files/002-trivial-libre-office-writer/002-trivial-libre-office-writer.pdf

…which is the expected location in the sample-files submodule. If RESOURCES_ROOT already points inside sample-files/, I’ll drop the leading sample-files/ from rel.

The test also pytest.skip(...)s if the file isn’t present, and the submodule can be initialized with:

git submodule update --init --recursive

Shout if you prefer me to reference it as:

rel = Path("002-trivial-libre-office-writer/002-trivial-libre-office-writer.pdf")
input_pdf = RESOURCES_ROOT / "sample-files" / rel

Either style works; just want to match the project’s convention.

[Lucas-C]

Quick sanity check on the test fixture paths
[...]
Either style works; just want to match the project’s convention.

Let's got for this:

SAMPLE_FILES = RESOURCES_ROOT / "sample-files"
input_pdf = SAMPLE_FILES / rel

[Lucas-C]

This should be known, given that we test a specific PDF file, right?

Maybe it would be better to have 2 distinct test cases/methods:

• one that checks that none (all denied) is displayed
• one that checks that the expected permissions are displayed

[iamrishu11]

so instead of running that test on only those two file i can run that on all the files in the sample-files/, would that be cool?

[Lucas-C]

That would be cool, yes.
However I tested your code, and the assert act_set == exp_set assertion is never evaluated.
Which means that we don't have any test covering this case...

With which PDF test file have you been able to test pdfly meta behaviour, where it displays a list of permissions?

[iamrishu11]

You're right, it seems like the test case isn't fully covered, and I don't have a PDF with the permissions metadata behavior to fully test it yet. I tried generating a sample PDF with permissions using PyPDF2, but I wasn't able to achieve the desired result. Honestly, I don't have a lot of experience with unittest and pytest yet, so I'm still getting familiar with some of the testing patterns. If you have any advice or pointers on how to create or detect PDFs with specific permissions metadata, it would be really helpful!

[Lucas-C]

sample-files/005-libreoffice-writer-password/libreoffice-writer-password.pdf has some permissions set:

$ qpdf --show-encryption sample-files/005-libreoffice-writer-password/libreoffice-writer-password.pdf --password=openpassword
R = 3
P = -1028
User password = openpassword
Supplied password is user password
extract for accessibility: allowed
extract for any purpose: allowed
print low resolution: allowed
print high resolution: allowed
modify document assembly: not allowed
modify forms: allowed
modify annotations: allowed
modify other: allowed
modify anything: not allowed

So there is probably an issue somewhere in the code...

[Lucas-C]

Maybe the password need to be provided to read the permissions, as with qpdf?

[Lucas-C]

I made a final feedback comment, but appart from that everything looks really good! 👍

I'll merge your PR once you have addressed that last point and the CI pipeline is passing.

[iamrishu11]

Hey lucas, can u check now?

[Lucas-C]

The unit tests are failing:

ERROR tests/test_metadata.py - ValueError: tests/test_metadata.py::test_meta_command_on_all_sample_pdfs: error raised while trying to determine id of parameter 'input_pdf' at position 0

[Lucas-C]

Hi @iamrishu11 🙂 👋
We are close to the end of the month, I was just curious to know if you were willing to finish this PR as part of Hacktoberfest?