github
id | node_id | number | title | user | state | locked | assignee | milestone | comments | created_at | updated_at | closed_at | author_association | pull_request | body | repo | type | active_lock_reason | performed_via_github_app | reactions | draft | state_reason |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1421552095 | I_kwDOBm6k_c5Uuynf | 1852 | Default API token authentication mechanism | 9599 | closed | 0 | 8658075 | 30 | 2022-10-24T22:31:07Z | 2022-11-15T19:57:00Z | 2022-10-26T02:19:54Z | OWNER | API authentication will be via `Authorization: Bearer XXX` request headers. I'm inclined to add a default token mechanism to Datasette based on tokens that are signed with the `DATASETTE_SECRET`. Maybe the root user can access `/-/create-token` which provides a UI for generating a time-limited signed token? Could also have a `datasette token` command for creating such tokens at the command-line. Plugins can then define alternative ways of creating tokens, such as the existing https://datasette.io/plugins/datasette-auth-tokens plugin. _Originally posted by @simonw in https://github.com/simonw/datasette/issues/1850#issuecomment-1289706439_ | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1852/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1423347412 | I_kwDOBm6k_c5U1o7U | 1857 | Prevent API tokens from using /-/create-token to create more tokens | 9599 | closed | 0 | 8658075 | 1 | 2022-10-26T02:38:09Z | 2022-11-15T19:57:11Z | 2022-10-26T02:57:26Z | OWNER | > It strikes me that users should NOT be able to use a token to create additional tokens. > > The current design actually does allow that, since the `dstok_` Bearer token can be used to authenticate calls to the `/-/create-token` page. > > So I think I need a mechanism whereby that page can only allow access to users authenticated by cookie. > > Not obvious how to do that though, since Datasette's authentication actor system is designed to abstract that detail away! _Originally posted by @simonw in https://github.com/simonw/datasette/issues/1850#issuecomment-1291417100_ | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1857/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1423336122 | I_kwDOBm6k_c5U1mK6 | 1856 | allow_signed_tokens setting for disabling API signed token mechanism | 9599 | closed | 0 | 8658075 | 3 | 2022-10-26T02:20:55Z | 2022-11-15T19:57:05Z | 2022-10-26T02:58:35Z | OWNER | Had some design thoughts here: https://github.com/simonw/datasette/issues/1852#issuecomment-1291272280 I liked this option the most: --setting allow_create_tokens off | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1856/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1423369494 | I_kwDOBm6k_c5U1uUW | 1859 | datasette create-token CLI command | 9599 | closed | 0 | 8658075 | 3 | 2022-10-26T03:12:59Z | 2022-11-15T19:59:00Z | 2022-10-26T04:31:39Z | OWNER | The CLI equivalent of the `/-/create-token` page. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1859/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1423364990 | I_kwDOBm6k_c5U1tN- | 1858 | `max_signed_tokens_ttl` setting for a maximum duration on API tokens | 9599 | closed | 0 | 8658075 | 4 | 2022-10-26T03:05:53Z | 2022-11-15T19:58:52Z | 2022-10-27T03:15:05Z | OWNER | It's currently possible to use `/-/create-token` to create a token that lasts forever. Some administrators may wish to have a maximum expiry instead. I should support that with a setting. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1858/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1426195437 | I_kwDOBm6k_c5VAgPt | 1868 | Design URLs for the write API | 9599 | closed | 0 | 8658075 | 5 | 2022-10-27T19:55:30Z | 2022-11-15T19:59:14Z | 2022-10-27T20:07:01Z | OWNER | My original design for this issue: - #1851 Was `POST /db/table` with JSON of `{"insert": {...}}`. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1868/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1421544654 | I_kwDOBm6k_c5UuwzO | 1851 | API to insert a single record into an existing table | 9599 | closed | 0 | 8658075 | 22 | 2022-10-24T22:24:21Z | 2022-11-15T19:59:18Z | 2022-10-28T00:59:25Z | OWNER | Controlled by a new `insert-row` permission. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1851/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1426001541 | I_kwDOBm6k_c5U_w6F | 1866 | API for bulk inserting records into a table | 9599 | closed | 0 | 8658075 | 12 | 2022-10-27T17:19:25Z | 2022-11-15T19:59:34Z | 2022-10-30T06:04:07Z | OWNER | Similar to https://github.com/simonw/datasette-insert/blob/0.8/README.md#inserting-data-and-creating-tables I expect this to become by far the most common way that data gets into a Datasette instance - more so than the individual row API in: - #1851 | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1866/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1427293909 | I_kwDOBm6k_c5VEsbV | 1871 | API explorer tool | 9599 | closed | 0 | 8658075 | 24 | 2022-10-28T13:49:11Z | 2022-11-15T19:59:05Z | 2022-11-14T04:59:59Z | OWNER | The API will be much easier to develop if there's a page that helps you execute JSON POSTs against it. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1871/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1447388809 | I_kwDOBm6k_c5WRWaJ | 1887 | Add a confirm step to the drop table API | 9599 | closed | 0 | 8658075 | 2 | 2022-11-14T04:59:53Z | 2022-11-15T19:59:59Z | 2022-11-14T05:18:51Z | OWNER | > In playing with the API explorer just now I realized it's way too easy to accidentally drop a table using it. _Originally posted by @simonw in https://github.com/simonw/datasette/issues/1871#issuecomment-1313097057_ Added drop table API in: - #1874 | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1887/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1429030341 | I_kwDOBm6k_c5VLUXF | 1874 | API to drop a table | 9599 | closed | 0 | 8658075 | 4 | 2022-10-30T21:55:11Z | 2022-11-15T19:59:53Z | 2022-11-14T05:45:06Z | OWNER | `POST /db/table/-/drop` Require `drop-table` permission. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1874/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1447439985 | I_kwDOBm6k_c5WRi5x | 1888 | API explorer should take immutability into account | 9599 | closed | 0 | 8658075 | 1 | 2022-11-14T06:00:14Z | 2022-11-15T19:59:10Z | 2022-11-14T06:04:48Z | OWNER | Refs: - #1871 I noticed the API explorer doesn't show any links on https://latest-1-0-dev.datasette.io/-/api because the `fixtures` database is immutable. It should still show read examples there. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1888/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1435294468 | I_kwDOBm6k_c5VjNsE | 1882 | `/db/-/create` API for creating tables | 9599 | closed | 0 | 8658075 | 12 | 2022-11-03T21:44:32Z | 2022-11-15T19:59:43Z | 2022-11-15T06:00:41Z | OWNER | > It really feels like this should be accompanied by a `/db/-/create` API for creating tables. I had to add that to `sqlite-utils` eventually (initially it only supported creating by passing in an example document): > > https://sqlite-utils.datasette.io/en/stable/cli.html#cli-create-table _Originally posted by @simonw in https://github.com/simonw/datasette/issues/1862#issuecomment-1299073433_ | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1882/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
1425011030 | I_kwDOBm6k_c5U7_FW | 1862 | Create a new table from one or more records, `sqlite-utils` style | 9599 | closed | 0 | 8658075 | 5 | 2022-10-27T04:25:02Z | 2022-11-15T19:59:47Z | 2022-11-15T06:42:09Z | OWNER | It's interesting to also think about what the form-based UI for this could look like - since that would involve users creating new columns of different types on the fly. Will need the `create-table` permission. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/1862/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed |