issue_comments

I think the next big step for this feature is for me to actually use it to build a few things.

It would be neat not to show write permissions against immutable databases too - and not hard from a performance perspective since it doesn't involve hundreds more permission checks.

That will need permissions to grow a flag for if they need a mutable database though, which is a bigger job.

Maybe I should have kept _memory listed for instances that are running with --crossdb enabled?

Yeah I think I should.

New interface now live at https://latest.datasette.io/-/create-token

It shouldn't be showing _memory though.

Tests can go here:

https://github.com/simonw/datasette/blob/d98a8effb10ce8fe04a03eae42baa8a9cb0ca3f7/tests/test_auth.py#L143-L160

I shipped a working interface. Could still do with some extra tests.

With tilde-encoding for database and table names the HTML looks like this:

html <input type="checkbox" name="table:weird:foo~3Abar:view-table">

Another option: I could set a time limit - say 200ms - on how long I'm willing to spend calculating permissions before displaying this form

First calculate view permissions for tables and databases (and maybe views and canned queries too).

Then see if I can check every permission that I'm going to show as a checkbox on this page. If I get that done within the time limit use that to show the options.

If I run out of time show all options and maybe include a note saying that some of them may not actually be available.

Also: don't show hidden tables.

Another thing to consider in the future: once Datasette can support thousands of tables (see #417) the list on this page will turn into multiple MBs of HTML, which may cause all kinds of problems - not to mention the overhead of all of those table visibility permission checks.

Hopefully by then I'll have a good fix for the permission listings problem: - #1152

And I can apply the same mechanism here.