issue_comments
29 rows where author_association = "OWNER" and issue = 1421552095 sorted by updated_at descending
This data as json, CSV (advanced)
Suggested facets: created_at (date), updated_at (date)
issue 1
- Default API token authentication mechanism · 29 ✖
id | html_url | issue_url | node_id | user | created_at | updated_at ▲ | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
1291406219 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291406219 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M-UuL | simonw 9599 | 2022-10-26T02:19:54Z | 2022-10-26T02:59:52Z | OWNER | I'm going to split the remaining work into separate issues:
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291431132 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291431132 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M-azc | simonw 9599 | 2022-10-26T02:59:50Z | 2022-10-26T02:59:50Z | OWNER | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | ||
1291397623 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291397623 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M-Sn3 | simonw 9599 | 2022-10-26T02:11:40Z | 2022-10-26T02:11:40Z | OWNER | Built a prototype of the
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291392887 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291392887 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M-Rd3 | simonw 9599 | 2022-10-26T02:04:48Z | 2022-10-26T02:04:48Z | OWNER | Implemented that |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291290451 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291290451 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M94dT | simonw 9599 | 2022-10-26T00:49:56Z | 2022-10-26T00:49:56Z | OWNER | Prefix: |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291289369 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291289369 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M94MZ | simonw 9599 | 2022-10-26T00:47:46Z | 2022-10-26T00:47:46Z | OWNER | The tokens also need something that can be used to differentiate them from alternative token mechanisms that other plugins might provide. Maybe a prefix before the signed value. Prefixes are also useful for scanning to check they were not accidentally committed to source control. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291272280 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291272280 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M90BY | simonw 9599 | 2022-10-26T00:16:09Z | 2022-10-26T00:46:21Z | OWNER | Other options:
These feel inconsistent because they don't use the I like that last one. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291281243 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291281243 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M92Nb | simonw 9599 | 2022-10-26T00:32:21Z | 2022-10-26T00:32:21Z | OWNER | Rather than duplicating the entire actor into the "a" field, maybe just copy the actor ID? Would need to restrict token creation to just actors with an ID set. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291274835 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291274835 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M90pT | simonw 9599 | 2022-10-26T00:20:48Z | 2022-10-26T00:22:26Z | OWNER | Tests failed because I added a view without also adding documentation! I forgot that the deploy still goes out for branches other than |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291273609 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291273609 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M90WJ | simonw 9599 | 2022-10-26T00:18:40Z | 2022-10-26T00:18:40Z | OWNER | Another thought about tokens that can act on behalf of the user. Imagine a user has permission to access a table. They create a token that can create that table... but then their permission is revoked. It would be bad if they could still use that token they created earlier to access that table! On that basis, I think the model described above where tokens mainly work to provide an "act on behalf of this actor" - but with optional additional constraints - is a good one. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291272612 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291272612 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M90Gk | simonw 9599 | 2022-10-26T00:16:53Z | 2022-10-26T00:16:53Z | OWNER | Next step: make these tokens actually do something. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291272414 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291272414 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M90De | simonw 9599 | 2022-10-26T00:16:28Z | 2022-10-26T00:16:28Z | OWNER | If I'm going to change the naming conventions for settings I should do it before Datasette 1.0. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291271580 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291271580 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9z2c | simonw 9599 | 2022-10-26T00:14:49Z | 2022-10-26T00:15:06Z | OWNER | If I'm going to have a setting to disable this feature I need to decide what it will be called. Closest existing setting is this one, since it's for a feature that is turned on by default:
So maybe this?
I like
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291270227 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291270227 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9zhT | simonw 9599 | 2022-10-26T00:12:18Z | 2022-10-26T00:12:18Z | OWNER | Demo is now live at https://latest-1-0-dev.datasette.io/-/create-token - visit https://latest-1-0-dev.datasette.io/login-as-root first to sign in. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291269607 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291269607 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9zXn | simonw 9599 | 2022-10-26T00:11:15Z | 2022-10-26T00:11:15Z | OWNER | If you click "Create token" for "Token never expires" multiple times you currently get exactly the same token each time, since it's just a signed token containing a copy of your actor dictionary. I'm not sure if I like that. I could give each token a random ID (maybe using |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291268380 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291268380 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9zEc | simonw 9599 | 2022-10-26T00:09:06Z | 2022-10-26T00:09:06Z | OWNER | Demo: |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291243333 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291243333 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9s9F | simonw 9599 | 2022-10-25T23:25:13Z | 2022-10-25T23:25:13Z | OWNER | A |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291234262 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291234262 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9qvW | simonw 9599 | 2022-10-25T23:11:23Z | 2022-10-25T23:11:23Z | OWNER | I'm going to build an initial |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291233652 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291233652 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9ql0 | simonw 9599 | 2022-10-25T23:10:20Z | 2022-10-25T23:10:44Z | OWNER | In which case the token would need to duplicate the current |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291232589 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291232589 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9qVN | simonw 9599 | 2022-10-25T23:08:37Z | 2022-10-25T23:08:37Z | OWNER | ... so maybe there's a way to create a token that inherits the exact permissions of the actor that created the token? That could even be a default mode for tokens, with an option to then further restrict permissions if desired. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291231651 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291231651 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9qGj | simonw 9599 | 2022-10-25T23:07:17Z | 2022-10-25T23:07:17Z | OWNER | Interesting challenge: what permissions should users be allowed to grant to tokens? Clearly a user should not be able to create a token with a permission that the user themselves does not have. And should there be a permission that allows people to create tokens? I think so. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1291227942 | https://github.com/simonw/datasette/issues/1852#issuecomment-1291227942 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M9pMm | simonw 9599 | 2022-10-25T23:01:18Z | 2022-10-25T23:01:18Z | OWNER | Datasette currently defaults to having everything public-readable by default, unless a permission plugin changes that default. In thinking more about this API mechanism, I realized that it might be good to have a mode where Datasette doesn't default to public everything. Maybe Might even be an opportunity to get rid of the current slightly confusing mechanism where permission checks can announce that they should default to true: |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1289776707 | https://github.com/simonw/datasette/issues/1852#issuecomment-1289776707 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M4G5D | simonw 9599 | 2022-10-24T23:29:03Z | 2022-10-24T23:29:03Z | OWNER | I'm going to implement the first version of this token mechanism using permissions that exist already. Right now that's: https://docs.datasette.io/en/0.62/authentication.html#built-in-permissions Here are the shortcuts I'll use for them:
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1289775162 | https://github.com/simonw/datasette/issues/1852#issuecomment-1289775162 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M4Gg6 | simonw 9599 | 2022-10-24T23:27:00Z | 2022-10-24T23:27:00Z | OWNER | Might be neat for API tokens to be signed with an additional secret than can be rotated independently of But again, I don't want to implement something like that until I see an actual need for it. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1289774183 | https://github.com/simonw/datasette/issues/1852#issuecomment-1289774183 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M4GRn | simonw 9599 | 2022-10-24T23:25:52Z | 2022-10-24T23:25:52Z | OWNER | ... also, maybe there should be a UI (perhaps on that page) for resetting the Datasette secret? Useful for emergency invalidation of all tokens. No, I'm not going to build that unless someone asks for it. Restarting the server with a fresh secret should be easy enough. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1289773634 | https://github.com/simonw/datasette/issues/1852#issuecomment-1289773634 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M4GJC | simonw 9599 | 2022-10-24T23:25:06Z | 2022-10-24T23:25:06Z | OWNER | If you start Datasette without providing a This means any signed API tokens you create will stop working if the server restarts. I think the |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1289766513 | https://github.com/simonw/datasette/issues/1852#issuecomment-1289766513 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M4EZx | simonw 9599 | 2022-10-24T23:16:00Z | 2022-10-24T23:16:00Z | OWNER | Here's what that example looks like signed:
Note that Datasette doesn't have its own mechanism for signing things for a specific duration yet: https://docs.datasette.io/en/stable/internals.html#sign-value-namespace-default So I'll need to add a |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1289733483 | https://github.com/simonw/datasette/issues/1852#issuecomment-1289733483 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M38Vr | simonw 9599 | 2022-10-24T22:54:37Z | 2022-10-24T23:12:10Z | OWNER | Token design concept:
Minified version of the above looks like this (101 characters):
The
Then the permissions themselves are two character codes which are shortened versions - so:
|
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 | |
1289718660 | https://github.com/simonw/datasette/issues/1852#issuecomment-1289718660 | https://api.github.com/repos/simonw/datasette/issues/1852 | IC_kwDOBm6k_c5M34uE | simonw 9599 | 2022-10-24T22:35:01Z | 2022-10-24T22:35:01Z | OWNER | Maybe these tokens can be restricted to specific databases and tables when they are first created? Since they're signed tokens, I could bundle a bunch of extra stuff in them - this token is allowed to do these permissions against these tables/rows for example. General wisdom seems to be that 8KB is a sensible maximum length for this kind of token, which is easily long enough to fit in a bunch of database / table / permissions. |
{ "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
Default API token authentication mechanism 1421552095 |
Advanced export
JSON shape: default, array, newline-delimited, object
CREATE TABLE [issue_comments] ( [html_url] TEXT, [issue_url] TEXT, [id] INTEGER PRIMARY KEY, [node_id] TEXT, [user] INTEGER REFERENCES [users]([id]), [created_at] TEXT, [updated_at] TEXT, [author_association] TEXT, [body] TEXT, [reactions] TEXT, [issue] INTEGER REFERENCES [issues]([id]) , [performed_via_github_app] TEXT); CREATE INDEX [idx_issue_comments_issue] ON [issue_comments] ([issue]); CREATE INDEX [idx_issue_comments_user] ON [issue_comments] ([user]);
user 1