html_url,issue_url,id,node_id,user,created_at,updated_at,author_association,body,reactions,issue,performed_via_github_app
https://github.com/simonw/datasette/issues/1636#issuecomment-1347655074,https://api.github.com/repos/simonw/datasette/issues/1636,1347655074,IC_kwDOBm6k_c5QU5Wi,9599,2022-12-13T02:21:04Z,2022-12-13T02:21:23Z,OWNER,"The thing I'm stuck on at the moment is how to implement it such that an `allow` block for `create-table` at the root of the metadata will be checked correctly.

Maybe the algorithm when `_resolve_metadata_permissions_blocks(datasette, actor, action, resource)` is called should do this:

1. If a root permission block matching that action exists, test with that
2. Next, if resource has been passed, check at the database level
3. If the resource included a table/query, check at that level too

So everything is keyed off the incoming `action` name.","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1138008042,
https://github.com/simonw/datasette/issues/1636#issuecomment-1347648326,https://api.github.com/repos/simonw/datasette/issues/1636,1347648326,IC_kwDOBm6k_c5QU3tG,9599,2022-12-13T02:10:02Z,2022-12-13T02:10:02Z,OWNER,"The implementation for this will go here: https://github.com/simonw/datasette/blob/8bf06a76b51bc9ace7cf72cf0cca8f1da7704ea7/datasette/default_permissions.py#L81-L83

Here's the start of the tests (currently marked as `xfail`):

https://github.com/simonw/datasette/blob/8bf06a76b51bc9ace7cf72cf0cca8f1da7704ea7/tests/test_permissions.py#L652-L689","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1138008042,
https://github.com/simonw/datasette/issues/1636#issuecomment-1347647298,https://api.github.com/repos/simonw/datasette/issues/1636,1347647298,IC_kwDOBm6k_c5QU3dC,9599,2022-12-13T02:08:46Z,2022-12-13T02:08:46Z,OWNER,"A bunch of the work for this just landed - in particular the new scheme is now documented (even though it doesn't work yet):

https://docs.datasette.io/en/latest/authentication.html#other-permissions-in-metadata","{""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",1138008042,