github
id | node_id | number | title | user | state | locked | assignee | milestone | comments | created_at | updated_at | closed_at | author_association | pull_request | body | repo | type | active_lock_reason | performed_via_github_app | reactions | draft | state_reason |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
582517965 | MDU6SXNzdWU1ODI1MTc5NjU= | 698 | Ability for a canned query to write to the database | 9599 | closed | 0 | 5512395 | 26 | 2020-03-16T18:31:59Z | 2020-06-06T19:43:49Z | 2020-06-06T19:43:48Z | OWNER | Canned queries are currently read-only: https://datasette.readthedocs.io/en/0.38/sql_queries.html#canned-queries Add a `"write": true` option to their definition in `metadata.json` which turns them into queries that are submitted via POST and send their queries to the write queue. Then they can be used as a really quick way to define a writable interface and JSON API! | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/698/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
582526961 | MDU6SXNzdWU1ODI1MjY5NjE= | 699 | Authentication (and permissions) as a core concept | 9599 | closed | 0 | 5512395 | 40 | 2020-03-16T18:48:00Z | 2020-06-06T19:42:11Z | 2020-06-06T19:42:11Z | OWNER | Right now Datasette authentication is provided exclusively by plugins: * https://github.com/simonw/datasette-auth-github * https://github.com/simonw/datasette-auth-existing-cookies This is an all-or-nothing approach: either your Datasette instance requires authentication at the top level or it does not. But... as I build new plugins like https://github.com/simonw/datasette-configure-fts and https://github.com/simonw/datasette-edit-tables I increasingly have individual features which should be reserved for logged-in users while still wanting other parts of Datasette to be open to all. This is too much for plugins to own independently of Datasette core. Datasette needs to ship a single "user is authenticated" concept (independent of how users actually sign in) so that different plugins can integrate with it. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/699/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
632645865 | MDExOlB1bGxSZXF1ZXN0NDI5MzY2NjQx | 803 | Canned query permissions | 9599 | closed | 0 | 0 | 2020-06-06T18:20:00Z | 2020-06-06T19:40:21Z | 2020-06-06T19:40:20Z | OWNER | simonw/datasette/pulls/803 | Refs #800. Closes #786 | 107914493 | pull | { "url": "https://api.github.com/repos/simonw/datasette/issues/803/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
0 | |||||
628087971 | MDU6SXNzdWU2MjgwODc5NzE= | 786 | Documentation page describing Datasette's authentication system | 9599 | closed | 0 | 5512395 | 2 | 2020-06-01T01:10:06Z | 2020-06-06T19:40:20Z | 2020-06-06T19:40:20Z | OWNER | _Originally posted by @simonw in https://github.com/simonw/datasette/issues/699#issuecomment-636562999_ | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/786/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
629524205 | MDU6SXNzdWU2Mjk1MjQyMDU= | 793 | CSRF protection for /-/messages tool and writable canned queries | 9599 | closed | 0 | 5512395 | 3 | 2020-06-02T21:22:21Z | 2020-06-06T00:43:41Z | 2020-06-05T19:05:59Z | OWNER | > The `/-/messages` debug tool will need CSRF protection or people will be able to add messages using a hidden form on another website. _Originally posted by @simonw in https://github.com/simonw/datasette/issues/790#issuecomment-637790860_ | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/793/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
631300342 | MDExOlB1bGxSZXF1ZXN0NDI4MjEyNDIx | 798 | CSRF protection | 9599 | closed | 0 | 5512395 | 5 | 2020-06-05T04:22:35Z | 2020-06-06T00:43:41Z | 2020-06-05T19:05:58Z | OWNER | simonw/datasette/pulls/798 | Refs #793 | 107914493 | pull | { "url": "https://api.github.com/repos/simonw/datasette/issues/798/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
0 | ||||
628025100 | MDU6SXNzdWU2MjgwMjUxMDA= | 785 | Datasette secret mechanism - initially for signed cookies | 9599 | closed | 0 | 5512395 | 11 | 2020-05-31T19:14:52Z | 2020-06-06T00:43:40Z | 2020-06-01T00:18:40Z | OWNER | See comment in https://github.com/simonw/datasette/issues/784#issuecomment-636514974 Datasette needs to be able to set signed cookies - which means it needs a mechanism for safely handling a signing secret. Since Datasette is a long-running process the default behaviour here can be to create a random secret on startup. This means that if the server restarts any signed cookies will be invalidated. If the user wants a persistent secret they'll have to generate it themselves - maybe by setting an environment variable? | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/785/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
628121234 | MDU6SXNzdWU2MjgxMjEyMzQ= | 788 | /-/permissions debugging tool | 9599 | closed | 0 | 5512395 | 2 | 2020-06-01T03:13:47Z | 2020-06-06T00:43:40Z | 2020-06-01T05:01:01Z | OWNER | > Debugging tool idea: `/-/permissions` page which shows you the actor and lets you type in the strings for `action`, `resource_type` and `resource_identifier` - then shows you EVERY plugin hook that would have executed and what it would have said, plus when the chain would have terminated. > > Bonus: if you're logged in as the `root` user (or a user that matches some kind of permission check, maybe a check for `permissions_debug`) you get to see a rolling log of the last 30 permission checks and what the results were across the whole of Datasette. This should make figuring out permissions policies a whole lot easier. _Originally posted by @simonw in https://github.com/simonw/datasette/issues/699#issuecomment-636576603_ | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/788/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed |