id,node_id,number,title,user,state,locked,assignee,milestone,comments,created_at,updated_at,closed_at,author_association,pull_request,body,repo,type,active_lock_reason,performed_via_github_app,reactions,draft,state_reason
634139848,MDU6SXNzdWU2MzQxMzk4NDg=,813,Mechanism for specifying allow_sql permission in metadata.json,9599,closed,0,,5512395,6,2020-06-08T04:57:19Z,2020-06-09T00:09:57Z,2020-06-09T00:07:19Z,OWNER,,"Split from #811. It would be useful if finely-grained permissions configured in `metadata.json` could be used to specify if a user is allowed to execute arbitrary SQL queries.

We have a permission check call for this already: https://github.com/simonw/datasette/blob/9397d718345c4b35d2a5c55bfcbd1468876b5ab9/datasette/views/database.py#L159

But there's currently no way to implement this check without writing a plugin.

I think a `""allow_sql"": {...}` block at the database level in `metadata.json` (sibling to the current `""allow""` block for that database implemented in #811) would be a good option for this.",107914493,issue,,,"{""url"": ""https://api.github.com/repos/simonw/datasette/issues/813/reactions"", ""total_count"": 0, ""+1"": 0, ""-1"": 0, ""laugh"": 0, ""hooray"": 0, ""confused"": 0, ""heart"": 0, ""rocket"": 0, ""eyes"": 0}",,completed