{"html_url": "https://github.com/simonw/datasette/issues/2178#issuecomment-1710565268", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/2178", "id": 1710565268, "node_id": "IC_kwDOBm6k_c5l9SeU", "user": {"value": 9599, "label": "simonw"}, "created_at": "2023-09-07T17:58:04Z", "updated_at": "2023-09-07T17:59:06Z", "author_association": "OWNER", "body": "Relevant code: https://github.com/simonw/datasette/blob/fbcb103c0cb6668018ace539a01a6a1f156e8d6a/datasette/views/table.py#L1132-L1149\r\n\r\nWhich calls this undocumented method:\r\n\r\nhttps://github.com/simonw/datasette/blob/fbcb103c0cb6668018ace539a01a6a1f156e8d6a/datasette/app.py#L938-L973", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 1886350562, "label": "Don't show foreign key links to tables the user cannot access"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/2178#issuecomment-1710567329", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/2178", "id": 1710567329, "node_id": "IC_kwDOBm6k_c5l9S-h", "user": {"value": 9599, "label": "simonw"}, "created_at": "2023-09-07T17:59:59Z", "updated_at": "2023-09-07T17:59:59Z", "author_association": "OWNER", "body": "Should I put the permission check in that undocumented `datasette.expand_foreign_keys()` method? I think so - it should accept `request.actor` as one of its arguments.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 1886350562, "label": "Don't show foreign key links to tables the user cannot access"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/2178#issuecomment-1710871095", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/2178", "id": 1710871095, "node_id": "IC_kwDOBm6k_c5l-dI3", "user": {"value": 9599, "label": "simonw"}, "created_at": "2023-09-07T23:07:16Z", "updated_at": "2023-09-07T23:07:16Z", "author_association": "OWNER", "body": "I ran this:\r\n\r\n    datasette content.db -p 8043 -m fk-auth.yml --root\r\n\r\nAgainst this YAML:\r\n```yaml\r\ndatabases:\r\n  content:\r\n    tables:\r\n      users:\r\n        allow:\r\n          id: root\r\n```\r\nAnd it worked as it should - here's a screenshot of an anonymous user and a root user viewing the same page:\r\n\r\n![CleanShot 2023-09-07 at 16 05 34@2x](https://github.com/simonw/datasette/assets/9599/3e91da08-107c-421c-8a00-aa650b960c58)\r\n", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 1886350562, "label": "Don't show foreign key links to tables the user cannot access"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/2178#issuecomment-1710878391", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/2178", "id": 1710878391, "node_id": "IC_kwDOBm6k_c5l-e63", "user": {"value": 9599, "label": "simonw"}, "created_at": "2023-09-07T23:19:05Z", "updated_at": "2023-09-07T23:19:05Z", "author_association": "OWNER", "body": "This fix didn't work on Datasette Cloud. I used `/-/permissions` to debug it and saw this:\r\n\r\n![image](https://github.com/simonw/datasette/assets/9599/61d2bc5f-1f96-41ea-8658-91dfbcb6610c)\r\n\r\nOnly checking `view-table` is not enough: for my instance on Datasette Cloud the view permission check that should have failed was for the database or instance.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 1886350562, "label": "Don't show foreign key links to tables the user cannot access"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/2178#issuecomment-1710879239", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/2178", "id": 1710879239, "node_id": "IC_kwDOBm6k_c5l-fIH", "user": {"value": 9599, "label": "simonw"}, "created_at": "2023-09-07T23:20:32Z", "updated_at": "2023-09-07T23:20:32Z", "author_association": "OWNER", "body": "To test that locally, use this YAML instead:\r\n```yaml\r\ndatabases:\r\n  content:\r\n    allow:\r\n      id: root\r\n    tables:\r\n      releases:\r\n        allow: true\r\n```\r\nAnd:\r\n```yaml\r\nallow:\r\n  id: root\r\ndatabases:\r\n  content:\r\n    tables:\r\n      releases:\r\n        allow: true", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 1886350562, "label": "Don't show foreign key links to tables the user cannot access"}, "performed_via_github_app": null}