{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-640160487", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 640160487, "node_id": "MDEyOklzc3VlQ29tbWVudDY0MDE2MDQ4Nw==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-07T05:34:07Z", "updated_at": "2020-06-07T05:34:07Z", "author_association": "OWNER", "body": "See #810 for work to finish this.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-640123488", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 640123488, "node_id": "MDEyOklzc3VlQ29tbWVudDY0MDEyMzQ4OA==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-06T21:59:14Z", "updated_at": "2020-06-06T21:59:14Z", "author_association": "OWNER", "body": "I didn't build this quite right: it should be using the permissions plugin hook.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-640108835", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 640108835, "node_id": "MDEyOklzc3VlQ29tbWVudDY0MDEwODgzNQ==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-06T19:42:46Z", "updated_at": "2020-06-06T19:42:46Z", "author_association": "OWNER", "body": "This is implemented and documented: https://datasette.readthedocs.io/en/latest/authentication.html", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-640103204", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 640103204, "node_id": "MDEyOklzc3VlQ29tbWVudDY0MDEwMzIwNA==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-06T18:52:56Z", "updated_at": "2020-06-06T18:52:56Z", "author_association": "OWNER", "body": "I'm also going to add an indicator to the UI next to queries that you can only execute because you are signed in:\r\n\r\n<img width=\"502\" alt=\"data\" src=\"https://user-images.githubusercontent.com/9599/83952232-403bc200-a7ec-11ea-94dc-f9b87ad3fb67.png\">\r\n", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-640102200", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 640102200, "node_id": "MDEyOklzc3VlQ29tbWVudDY0MDEwMjIwMA==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-06T18:45:11Z", "updated_at": "2020-06-06T18:45:11Z", "author_association": "OWNER", "body": "In the code that's:\r\n\r\nhttps://github.com/simonw/datasette/blob/9c563d6aed072f14d3d25f58e84659f9caa1a243/datasette/views/database.py#L56-L64\r\n\r\nAnd:\r\n\r\nhttps://github.com/simonw/datasette/blob/9c563d6aed072f14d3d25f58e84659f9caa1a243/datasette/views/database.py#L98-L112\r\n", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-640101762", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 640101762, "node_id": "MDEyOklzc3VlQ29tbWVudDY0MDEwMTc2Mg==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-06T18:41:20Z", "updated_at": "2020-06-06T18:41:20Z", "author_association": "OWNER", "body": "Now the actual permission checks. I need these in two places: the code that generates the list of available queries on https://latest.datasette.io/fixtures#queries and the query page itself at https://latest.datasette.io/fixtures/pragma_cache_size", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-640101625", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 640101625, "node_id": "MDEyOklzc3VlQ29tbWVudDY0MDEwMTYyNQ==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-06T18:40:09Z", "updated_at": "2020-06-06T18:40:09Z", "author_association": "OWNER", "body": "Documentation for `actor_matches_allow`: https://github.com/simonw/datasette/blob/14f6b4d200f24940a795ddc0825319ab2891bde2/docs/authentication.rst#actor_matches_allow", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-640099707", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 640099707, "node_id": "MDEyOklzc3VlQ29tbWVudDY0MDA5OTcwNw==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-06T18:24:54Z", "updated_at": "2020-06-06T18:24:54Z", "author_association": "OWNER", "body": "Next step: a utility function and tests for matching actors to allow blocks.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-640099404", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 640099404, "node_id": "MDEyOklzc3VlQ29tbWVudDY0MDA5OTQwNA==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-06T18:22:10Z", "updated_at": "2020-06-06T18:24:26Z", "author_association": "OWNER", "body": "Docs here: https://github.com/simonw/datasette/blob/d4c7b85f556230923d37ff327a068ed08aa9b62b/docs/authentication.rst#setting-permissions-for-canned-queries", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-640099434", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 640099434, "node_id": "MDEyOklzc3VlQ29tbWVudDY0MDA5OTQzNA==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-06T18:22:29Z", "updated_at": "2020-06-06T18:22:29Z", "author_association": "OWNER", "body": "I should add the '*' bit to the docs.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-640090575", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 640090575, "node_id": "MDEyOklzc3VlQ29tbWVudDY0MDA5MDU3NQ==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-06T17:06:28Z", "updated_at": "2020-06-06T17:06:28Z", "author_association": "OWNER", "body": "I'm going to implement this documentation-first.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-640090343", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 640090343, "node_id": "MDEyOklzc3VlQ29tbWVudDY0MDA5MDM0Mw==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-06T17:04:36Z", "updated_at": "2020-06-06T17:04:36Z", "author_association": "OWNER", "body": "I like this mechanism better than the SQL query one. Constructing SQL queries that return true if a particular string is embedded inside a JSON list in a larger object is decidedly non-trivial.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-639803719", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 639803719, "node_id": "MDEyOklzc3VlQ29tbWVudDYzOTgwMzcxOQ==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-05T20:40:34Z", "updated_at": "2020-06-05T20:40:34Z", "author_association": "OWNER", "body": "It's a bit obscure though. I'll try building both and see how they feel in practice.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}
{"html_url": "https://github.com/simonw/datasette/issues/800#issuecomment-639803099", "issue_url": "https://api.github.com/repos/simonw/datasette/issues/800", "id": 639803099, "node_id": "MDEyOklzc3VlQ29tbWVudDYzOTgwMzA5OQ==", "user": {"value": 9599, "label": "simonw"}, "created_at": "2020-06-05T20:39:34Z", "updated_at": "2020-06-05T20:39:34Z", "author_association": "OWNER", "body": "Maybe #801 (configuring permissions with a SQL query) is enough here - might not need this mechanism at all, since that mechanism covers it.", "reactions": "{\"total_count\": 0, \"+1\": 0, \"-1\": 0, \"laugh\": 0, \"hooray\": 0, \"confused\": 0, \"heart\": 0, \"rocket\": 0, \"eyes\": 0}", "issue": {"value": 631931408, "label": "Canned query permissions mechanism"}, "performed_via_github_app": null}