github
html_url | issue_url | id | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
https://github.com/simonw/datasette/issues/831#issuecomment-642324847 | https://api.github.com/repos/simonw/datasette/issues/831 | 642324847 | MDEyOklzc3VlQ29tbWVudDY0MjMyNDg0Nw== | 9599 | 2020-06-10T23:50:55Z | 2020-06-10T23:50:55Z | OWNER | Actually I'm not sure about this. If `"allow": null` means "no-one can do this", what's the allow block syntax for "everyone can do this"? It could be `"allow": {}` - but that's not intuitive because normally the allow block shows keys that need to match. `{}` suggests to me that no matches are possible. So I think I'm going to stick with the current mechanism, which is that `"allow": null` means "anyone can do this" and `"allow": {}` means "no-one can do this". | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636614868 | |
https://github.com/simonw/datasette/issues/818#issuecomment-642231871 | https://api.github.com/repos/simonw/datasette/issues/818 | 642231871 | MDEyOklzc3VlQ29tbWVudDY0MjIzMTg3MQ== | 9599 | 2020-06-10T20:11:50Z | 2020-06-10T20:11:50Z | OWNER | `datasette-permissions-sql` ```yaml plugins: datasette-permissions-sql: view-instance: |- select count(*) from users where admin = 1 and id = :id ``` | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
634917088 | |
https://github.com/simonw/datasette/issues/818#issuecomment-642230499 | https://api.github.com/repos/simonw/datasette/issues/818 | 642230499 | MDEyOklzc3VlQ29tbWVudDY0MjIzMDQ5OQ== | 9599 | 2020-06-10T20:08:46Z | 2020-06-10T20:09:26Z | OWNER | What's a simple but useful plugin I could release that exercises this hook? Ideally one which executes permission checks against the database somehow. I could do a simplest-possible implementation of the idea in #801 (allow-by-query). | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
634917088 | |
https://github.com/simonw/datasette/issues/818#issuecomment-642229899 | https://api.github.com/repos/simonw/datasette/issues/818 | 642229899 | MDEyOklzc3VlQ29tbWVudDY0MjIyOTg5OQ== | 9599 | 2020-06-10T20:07:36Z | 2020-06-10T20:07:36Z | OWNER | New policy in 9f236c4 dictates that this should be in Milestone 0.44 after all: > * **New plugin hooks** should only be shipped if accompanied by a separate release of a non-demo plugin that uses them. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
634917088 | |
https://github.com/simonw/datasette/issues/829#issuecomment-642217520 | https://api.github.com/repos/simonw/datasette/issues/829 | 642217520 | MDEyOklzc3VlQ29tbWVudDY0MjIxNzUyMA== | 9599 | 2020-06-10T19:41:35Z | 2020-06-10T19:41:35Z | OWNER | I didn't bother with the alternative epoch - it only shaves off two or three bytes from the cookie. Documentation for the new `ds_actor` cookie shape is here: https://datasette.readthedocs.io/en/latest/authentication.html#the-ds-actor-cookie | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636426530 | |
https://github.com/simonw/datasette/issues/829#issuecomment-642178604 | https://api.github.com/repos/simonw/datasette/issues/829 | 642178604 | MDEyOklzc3VlQ29tbWVudDY0MjE3ODYwNA== | 9599 | 2020-06-10T18:18:36Z | 2020-06-10T18:20:19Z | OWNER | Even shorter: encode an integer that is the difference between that expiry timestamp and a more recent epoch - June 1st 2020 will do. ``` >>> import datetime, calendar >>> calendar.timegm(datetime.date(2020, 6, 1).timetuple()) 1590969600 >>> import baseconv >>> baseconv.base62.encode(int(time.time() - 1590969600)) '3XST' ``` | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636426530 | |
https://github.com/simonw/datasette/issues/829#issuecomment-642176180 | https://api.github.com/repos/simonw/datasette/issues/829 | 642176180 | MDEyOklzc3VlQ29tbWVudDY0MjE3NjE4MA== | 9599 | 2020-06-10T18:14:02Z | 2020-06-10T18:14:15Z | OWNER | And the `e` key can be `null`or missing for "never expires". | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636426530 | |
https://github.com/simonw/datasette/issues/829#issuecomment-642175892 | https://api.github.com/repos/simonw/datasette/issues/829 | 642175892 | MDEyOklzc3VlQ29tbWVudDY0MjE3NTg5Mg== | 9599 | 2020-06-10T18:13:26Z | 2020-06-10T18:13:26Z | OWNER | I'm going with `expires_at` - except to keep the cookies shorter the key will be called `e` and the actor will go in `a`, like this: ```json { "e": "1UuHoo", "a": {"id": "root"} } ``` That `e` value is a base64 encoded expiry integer timestamp (again for a shorter cookie) - using https://pypi.org/project/python-baseconv/ | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636426530 | |
https://github.com/simonw/datasette/issues/829#issuecomment-642174272 | https://api.github.com/repos/simonw/datasette/issues/829 | 642174272 | MDEyOklzc3VlQ29tbWVudDY0MjE3NDI3Mg== | 9599 | 2020-06-10T18:10:13Z | 2020-06-10T18:10:13Z | OWNER | Some options: - Redesign the `ds_actor` cookie to be `{"expires_at": 1591811250, "actor": ...}` - check if it has expired in that default `actor_from_request` hook - Let plugins set an additional cookie of some sort - Expect plugins that care about this to set a cookie with a different name and implement their own `actor_from_request` against that | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636426530 | |
https://github.com/simonw/datasette/issues/829#issuecomment-642161210 | https://api.github.com/repos/simonw/datasette/issues/829 | 642161210 | MDEyOklzc3VlQ29tbWVudDY0MjE2MTIxMA== | 9599 | 2020-06-10T17:45:58Z | 2020-06-10T17:45:58Z | OWNER | `itsdangerous` has this ability but you specify the max-age when you call unsign: https://itsdangerous.palletsprojects.com/en/1.1.x/timed/ > s.unsign(string, max_age=5) > Traceback (most recent call last): > ... > itsdangerous.exc.SignatureExpired: Signature age 15 > 5 seconds I currently only decode the `ds_actor` cookie in one place: https://github.com/simonw/datasette/blob/d828abaddec0dce3ec4b4eeddc3a74384e52cf34/datasette/actor_auth_cookie.py#L5-L12 If plugins want to be able to set their own policies on how long the `ds_actor` cookie should remain valid, how do I know to listen to them when decoding the cookie here? | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
636426530 | |
https://github.com/simonw/datasette/issues/828#issuecomment-641713087 | https://api.github.com/repos/simonw/datasette/issues/828 | 641713087 | MDEyOklzc3VlQ29tbWVudDY0MTcxMzA4Nw== | 9599 | 2020-06-10T04:28:17Z | 2020-06-10T04:28:17Z | OWNER | Fixed. https://datasette.readthedocs.io/en/latest/changelog.html <img width="473" alt="Changelog_—_Datasette_documentation" src="https://user-images.githubusercontent.com/9599/84226994-20c8c180-aa98-11ea-8b28-3d00d1254d9a.png"> | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
635914822 | |
https://github.com/simonw/datasette/issues/828#issuecomment-641710745 | https://api.github.com/repos/simonw/datasette/issues/828 | 641710745 | MDEyOklzc3VlQ29tbWVudDY0MTcxMDc0NQ== | 9599 | 2020-06-10T04:19:31Z | 2020-06-10T04:19:31Z | OWNER | https://docs.readthedocs.io/en/stable/guides/adding-custom-css.html | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
635914822 | |
https://github.com/simonw/datasette/issues/828#issuecomment-641710670 | https://api.github.com/repos/simonw/datasette/issues/828 | 641710670 | MDEyOklzc3VlQ29tbWVudDY0MTcxMDY3MA== | 9599 | 2020-06-10T04:19:17Z | 2020-06-10T04:19:17Z | OWNER | This CSS seems to fix it: ```css a.external {overflow-wrap: anywhere;} ``` | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
635914822 |