issue_comments: 1350019528
This data as json
html_url | issue_url | id | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
https://github.com/simonw/datasette/issues/1947#issuecomment-1350019528 | https://api.github.com/repos/simonw/datasette/issues/1947 | 1350019528 | IC_kwDOBm6k_c5Qd6nI | 9599 | 2022-12-13T23:19:16Z | 2022-12-13T23:19:16Z | OWNER | Here's the checkbox prototype: ```diff diff --git a/datasette/templates/create_token.html b/datasette/templates/create_token.html index a94881ed..1795ebaf 100644 --- a/datasette/templates/create_token.html +++ b/datasette/templates/create_token.html @@ -2,11 +2,20 @@ {% block title %}Create an API token{% endblock %} +{% block extra_head %} +<style type="text/css"> +#restrict-permissions label { + display: inline; + width: 90%; +} +</style> +{% endblock %} + {% block content %} Create an API token- This token will allow API access with the same abilities as your current user. +This token will allow API access with the same abilities as your current user, {{ request.actor.id }} {% if errors %} {% for error in errors %} @@ -27,8 +36,39 @@ - + +
+
+
</form>
+
Restrict actions that can be performed using this token+All databases and tables+
All tables in database: {{ database }}+
Specific tables+ {% for dbt in database_with_tables %} + {% for table in dbt.tables %} +{{ dbt.database }}: {{ table }}+
{% if token %}
diff --git a/datasette/views/special.py b/datasette/views/special.py
index 30345d14..48357f87 100644
--- a/datasette/views/special.py
+++ b/datasette/views/special.py
@@ -231,12 +231,37 @@ class CreateTokenView(BaseView):
return await self.render(
["create_token.html"],
request,
- {"actor": request.actor},
+ {
+ "actor": request.actor,
+ "all_permissions": self.ds.permissions.keys(),
+ "database_permissions": [
+ key
+ for key, value in self.ds.permissions.items()
+ if value.takes_database
+ ],
+ "table_permissions": [
+ key
+ for key, value in self.ds.permissions.items()
+ if value.takes_resource
+ ],
+ "databases": [k for k in self.ds.databases.keys() if k != "_internal"],
+ "database_with_tables": [
+ {
+ "database": db.name,
+ "tables": await db.table_names(),
+ }
+ for db in self.ds.databases.values()
+ if db.name != "_internal"
+ ],
+ },
)
async def post(self, request):
self.check_permission(request)
post = await request.post_vars()
+ from pprint import pprint
+
+ pprint(post)
errors = []
duration = None
if post.get("expire_type"):
```
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
1493390939 |