github
id | node_id | number | title | user | state | locked | assignee | milestone | comments | created_at | updated_at | closed_at | author_association | pull_request | body | repo | type | active_lock_reason | performed_via_github_app | reactions | draft | state_reason |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
629541395 | MDU6SXNzdWU2Mjk1NDEzOTU= | 795 | response.set_cookie() method | 9599 | closed | 0 | 5512395 | 2 | 2020-06-02T21:57:05Z | 2020-06-09T22:33:33Z | 2020-06-09T22:19:48Z | OWNER | Mainly to clean up this code: https://github.com/simonw/datasette/blob/4fa7cf68536628344356d3ef8c92c25c249067a0/datasette/app.py#L439-L454 | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/795/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
635077656 | MDU6SXNzdWU2MzUwNzc2NTY= | 822 | request.url_vars helper property | 9599 | closed | 0 | 5512395 | 2 | 2020-06-09T03:15:53Z | 2020-06-09T03:40:07Z | 2020-06-09T03:40:06Z | OWNER | This example: https://github.com/simonw/datasette/blob/f5e79adf26d0daa3831e3fba022f1b749a9efdee/docs/plugins.rst#register_routes ```python from datasette.utils.asgi import Response import html async def hello_from(scope): name = scope["url_route"]["kwargs"]["name"] return Response.html("Hello from {}".format( html.escape(name) )) @hookimpl def register_routes(): return [ (r"^/hello-from/(?P<name>.*)$"), hello_from) ] ``` Would be nicer if you could easily get `scope["url_route"]["kwargs"]["name"]` directly from the request object, without looking at the `scope`. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/822/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
634783573 | MDU6SXNzdWU2MzQ3ODM1NzM= | 816 | Come up with a new example for extra_template_vars plugin | 9599 | closed | 0 | 5512395 | 2 | 2020-06-08T16:57:59Z | 2020-06-08T19:06:44Z | 2020-06-08T19:06:11Z | OWNER | This example is obsolete, it's from a time before `request.actor` and authentication as a built-in concept (#699): https://github.com/simonw/datasette/blob/0c064c5fe220b7b3d8dcf85b02b4e60452c47232/docs/plugins.rst#L696-L700 https://github.com/simonw/datasette/blob/0c064c5fe220b7b3d8dcf85b02b4e60452c47232/docs/plugins.rst#extra_template_varstemplate-database-table-view_name-request-datasette | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/816/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
632918799 | MDU6SXNzdWU2MzI5MTg3OTk= | 808 | Permission check for every view in Datasette (plus docs) | 9599 | closed | 0 | 5512395 | 2 | 2020-06-07T01:59:23Z | 2020-06-07T05:30:49Z | 2020-06-07T05:30:49Z | OWNER | Every view in Datasette should perform a permission check to see if the current user/actor is allowed to view that page. This permission check will default to allowed, but having this check will allow plugins to lock down access selectively or even to everything in a Datasette instance. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/808/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
628087971 | MDU6SXNzdWU2MjgwODc5NzE= | 786 | Documentation page describing Datasette's authentication system | 9599 | closed | 0 | 5512395 | 2 | 2020-06-01T01:10:06Z | 2020-06-06T19:40:20Z | 2020-06-06T19:40:20Z | OWNER | _Originally posted by @simonw in https://github.com/simonw/datasette/issues/699#issuecomment-636562999_ | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/786/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | |||||
628121234 | MDU6SXNzdWU2MjgxMjEyMzQ= | 788 | /-/permissions debugging tool | 9599 | closed | 0 | 5512395 | 2 | 2020-06-01T03:13:47Z | 2020-06-06T00:43:40Z | 2020-06-01T05:01:01Z | OWNER | > Debugging tool idea: `/-/permissions` page which shows you the actor and lets you type in the strings for `action`, `resource_type` and `resource_identifier` - then shows you EVERY plugin hook that would have executed and what it would have said, plus when the chain would have terminated. > > Bonus: if you're logged in as the `root` user (or a user that matches some kind of permission check, maybe a check for `permissions_debug`) you get to see a rolling log of the last 30 permission checks and what the results were across the whole of Datasette. This should make figuring out permissions policies a whole lot easier. _Originally posted by @simonw in https://github.com/simonw/datasette/issues/699#issuecomment-636576603_ | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/788/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed |