{"id": 637365801, "node_id": "MDU6SXNzdWU2MzczNjU4MDE=", "number": 836, "title": "actor_matches_allow fails to consider all keys", "user": {"value": 9599, "label": "simonw"}, "state": "closed", "locked": 0, "assignee": null, "milestone": {"value": 5512395, "label": "Datasette 0.44"}, "comments": 0, "created_at": "2020-06-11T22:46:34Z", "updated_at": "2020-06-11T22:47:25Z", "closed_at": "2020-06-11T22:47:25Z", "author_association": "OWNER", "pull_request": null, "body": "actor: `{\"id\": \"root\"}`\r\n\r\nallow block: `{\"bot_id\": \"my-bot\", \"id\": [\"root\"]}`\r\n\r\nThis should pass, because the `id` matches - but it fails.", "repo": {"value": 107914493, "label": "datasette"}, "type": "issue", "active_lock_reason": null, "performed_via_github_app": null, "reactions": "{\"url\": \"https://api.github.com/repos/simonw/datasette/issues/836/reactions\", \"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "draft": null, "state_reason": "completed"}
{"id": 637253789, "node_id": "MDU6SXNzdWU2MzcyNTM3ODk=", "number": 833, "title": "/-/metadata and so on should respect view-instance permission", "user": {"value": 9599, "label": "simonw"}, "state": "closed", "locked": 0, "assignee": null, "milestone": {"value": 5512395, "label": "Datasette 0.44"}, "comments": 4, "created_at": "2020-06-11T19:07:21Z", "updated_at": "2020-06-11T22:15:32Z", "closed_at": "2020-06-11T22:14:59Z", "author_association": "OWNER", "pull_request": null, "body": "The only URLs that should be available without authentication at all times are the `/-/static/` prefix, to allow for HTTP caching.", "repo": {"value": 107914493, "label": "datasette"}, "type": "issue", "active_lock_reason": null, "performed_via_github_app": null, "reactions": "{\"url\": \"https://api.github.com/repos/simonw/datasette/issues/833/reactions\", \"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "draft": null, "state_reason": "completed"}
{"id": 314847571, "node_id": "MDU6SXNzdWUzMTQ4NDc1NzE=", "number": 220, "title": "Investigate syntactic sugar for plugins", "user": {"value": 9599, "label": "simonw"}, "state": "closed", "locked": 0, "assignee": null, "milestone": null, "comments": 2, "created_at": "2018-04-16T23:01:39Z", "updated_at": "2020-06-11T21:50:06Z", "closed_at": "2020-06-11T21:49:55Z", "author_association": "OWNER", "pull_request": null, "body": "Suggested by @andrewhayward on Twitter: https://twitter.com/arhayward/status/986015118965268480?s=21\r\n\r\n> Have you considered a basic abstraction on top of that, for standard hook features?\r\n\r\n```\r\n@sql_function\r\nrandom_integer(a,b):\r\n    return random.randint(a,b)\r\n\r\n@template_filter\r\nuppercase(str):\r\n    return str.upper()\r\n```\r\n\r\nMaybe `from datasette.plugins import template_filter`?\r\n\r\nWould have to work out how to get this to play well with pluggy", "repo": {"value": 107914493, "label": "datasette"}, "type": "issue", "active_lock_reason": null, "performed_via_github_app": null, "reactions": "{\"url\": \"https://api.github.com/repos/simonw/datasette/issues/220/reactions\", \"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "draft": null, "state_reason": "completed"}
{"id": 631932926, "node_id": "MDU6SXNzdWU2MzE5MzI5MjY=", "number": 801, "title": "allow_by_query setting for configuring permissions with a SQL statement", "user": {"value": 9599, "label": "simonw"}, "state": "closed", "locked": 0, "assignee": null, "milestone": {"value": 3268330, "label": "Datasette 1.0"}, "comments": 6, "created_at": "2020-06-05T20:30:19Z", "updated_at": "2020-06-11T18:58:56Z", "closed_at": "2020-06-11T18:58:49Z", "author_association": "OWNER", "pull_request": null, "body": "> Idea: an `\"allow_sql\"` key with a SQL query that gets passed the actor JSON as `:actor` and can extract the relevant keys from it and return 1 or 0.\r\n\r\n_Originally posted by @simonw in https://github.com/simonw/datasette/issues/698#issuecomment-639787304_\r\n\r\nSee also #800", "repo": {"value": 107914493, "label": "datasette"}, "type": "issue", "active_lock_reason": null, "performed_via_github_app": null, "reactions": "{\"url\": \"https://api.github.com/repos/simonw/datasette/issues/801/reactions\", \"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "draft": null, "state_reason": "completed"}
{"id": 632919570, "node_id": "MDExOlB1bGxSZXF1ZXN0NDI5NjEzODkz", "number": 809, "title": "Publish secrets", "user": {"value": 9599, "label": "simonw"}, "state": "closed", "locked": 0, "assignee": null, "milestone": {"value": 5512395, "label": "Datasette 0.44"}, "comments": 4, "created_at": "2020-06-07T02:00:31Z", "updated_at": "2020-06-11T16:02:13Z", "closed_at": "2020-06-11T16:02:03Z", "author_association": "OWNER", "pull_request": "simonw/datasette/pulls/809", "body": "Refs #787. Will need quite a bit of manual testing since this involves code which runs against Heroku and Cloud Run.", "repo": {"value": 107914493, "label": "datasette"}, "type": "pull", "active_lock_reason": null, "performed_via_github_app": null, "reactions": "{\"url\": \"https://api.github.com/repos/simonw/datasette/issues/809/reactions\", \"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "draft": 0, "state_reason": null}
{"id": 628089318, "node_id": "MDU6SXNzdWU2MjgwODkzMTg=", "number": 787, "title": "\"datasette publish\" should bake in a random --secret", "user": {"value": 9599, "label": "simonw"}, "state": "closed", "locked": 0, "assignee": null, "milestone": {"value": 5512395, "label": "Datasette 0.44"}, "comments": 1, "created_at": "2020-06-01T01:15:26Z", "updated_at": "2020-06-11T16:02:05Z", "closed_at": "2020-06-11T16:02:05Z", "author_association": "OWNER", "pull_request": null, "body": "To allow signed cookies etc to work reliably (see #785) all of the `datasette publish` commands should generate a random secret on publish and bake it into the configuration - probably by setting the `DATASETTE_SECRET` environment variable.\r\n\r\n- [ ] Cloud Run\r\n- [ ] Heroku\r\n- [ ] https://github.com/simonw/datasette-publish-now\r\n- [ ] https://github.com/simonw/datasette-publish-fly", "repo": {"value": 107914493, "label": "datasette"}, "type": "issue", "active_lock_reason": null, "performed_via_github_app": null, "reactions": "{\"url\": \"https://api.github.com/repos/simonw/datasette/issues/787/reactions\", \"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "draft": null, "state_reason": "completed"}
{"id": 634917088, "node_id": "MDU6SXNzdWU2MzQ5MTcwODg=", "number": 818, "title": "Example permissions plugin", "user": {"value": 9599, "label": "simonw"}, "state": "closed", "locked": 0, "assignee": null, "milestone": {"value": 5512395, "label": "Datasette 0.44"}, "comments": 9, "created_at": "2020-06-08T20:35:56Z", "updated_at": "2020-06-11T05:40:07Z", "closed_at": "2020-06-11T05:40:07Z", "author_association": "OWNER", "pull_request": null, "body": "To show how they work. Also useful to confirm how they interact with the default permissions.", "repo": {"value": 107914493, "label": "datasette"}, "type": "issue", "active_lock_reason": null, "performed_via_github_app": null, "reactions": "{\"url\": \"https://api.github.com/repos/simonw/datasette/issues/818/reactions\", \"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "draft": null, "state_reason": "completed"}