github
html_url | issue_url | id | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
https://github.com/simonw/datasette/issues/1406#issuecomment-890259755 | https://api.github.com/repos/simonw/datasette/issues/1406 | 890259755 | IC_kwDOBm6k_c41EEkr | 9599 | 2021-07-31T00:04:54Z | 2021-07-31T00:04:54Z | OWNER | STILL failing. I'm going to try removing all instances of `isolated_filesystem()` in favour of a different pattern using pytest temporary files, then see if I can get that to work without the serial hack. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
956303470 | |
https://github.com/simonw/datasette/issues/1407#issuecomment-890388200 | https://api.github.com/repos/simonw/datasette/issues/1407 | 890388200 | IC_kwDOBm6k_c41Ej7o | 9599 | 2021-07-31T18:38:41Z | 2021-07-31T18:38:41Z | OWNER | The `path` variable there looked like this: `/private/var/folders/wr/hn3206rs1yzgq3r49bz8nvnh0000gn/T/pytest-of-simon/pytest-696/popen-gw0/uds0/datasette.sock` I think what's happening here is that `pytest-xdist` causes `tmp_path_factory.mktemp("uds")` to create significantly longer paths, which in this case is breaking some limit. So for this code to work with `pytest-xdist` I need to make sure the random path to `datasette.sock` is shorter. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957298475 | |
https://github.com/simonw/datasette/issues/1407#issuecomment-890388656 | https://api.github.com/repos/simonw/datasette/issues/1407 | 890388656 | IC_kwDOBm6k_c41EkCw | 9599 | 2021-07-31T18:42:41Z | 2021-07-31T18:42:41Z | OWNER | I'll try `tempfile.gettempdir()` - on macOS it returns something like `'/var/folders/wr/hn3206rs1yzgq3r49bz8nvnh0000gn/T'` which is still long but hopefully not too long. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957298475 | |
https://github.com/simonw/datasette/issues/1406#issuecomment-890390198 | https://api.github.com/repos/simonw/datasette/issues/1406 | 890390198 | IC_kwDOBm6k_c41Eka2 | 9599 | 2021-07-31T18:55:33Z | 2021-07-31T18:55:33Z | OWNER | To clarify: the core problem here is that an error is thrown any time you call `os.getcwd()` but the directory you are currently in has been deleted. `runner.isolated_filesystem()` assumes that the current directory in has not been deleted. But the various temporary directory utilities in `pytest` work by creating directories and then deleting them. Maybe there's a larger problem here that I play a bit fast and loose with `os.chdir()` in both the test suite and in various lines of code in Datasette itself (in particular in the publish commands)? | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
956303470 | |
https://github.com/simonw/datasette/issues/1406#issuecomment-890390342 | https://api.github.com/repos/simonw/datasette/issues/1406 | 890390342 | IC_kwDOBm6k_c41EkdG | 9599 | 2021-07-31T18:56:35Z | 2021-07-31T18:56:35Z | OWNER | But... I've lost enough time to this already, and removing `runner.isolated_filesystem()` has the tests passing again. So I'm not going to work on this any more. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
956303470 | |
https://github.com/simonw/datasette/issues/1408#issuecomment-890390495 | https://api.github.com/repos/simonw/datasette/issues/1408 | 890390495 | IC_kwDOBm6k_c41Ekff | 9599 | 2021-07-31T18:57:39Z | 2021-07-31T18:57:39Z | OWNER | Opening this issue as an optional follow-up to the work I did in #1406. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957302085 | |
https://github.com/simonw/datasette/issues/1408#issuecomment-890390845 | https://api.github.com/repos/simonw/datasette/issues/1408 | 890390845 | IC_kwDOBm6k_c41Ekk9 | 9599 | 2021-07-31T19:00:32Z | 2021-07-31T19:00:32Z | OWNER | When I revisit this I can also look at dropping the `@pytest.mark.serial` hack, and maybe the `restore_working_directory()` fixture hack too: https://github.com/simonw/datasette/blob/ff253f5242e4b0b5d85d29d38b8461feb5ea997a/pytest.ini#L9-L10 https://github.com/simonw/datasette/blob/ff253f5242e4b0b5d85d29d38b8461feb5ea997a/tests/conftest.py#L62-L75 | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957302085 | |
https://github.com/simonw/datasette/issues/1409#issuecomment-890397124 | https://api.github.com/repos/simonw/datasette/issues/1409 | 890397124 | IC_kwDOBm6k_c41EmHE | 9599 | 2021-07-31T19:51:10Z | 2021-07-31T19:51:10Z | OWNER | I think I may like `disable_sql` better. Some options: - `--setting allow_sql off` (consistent with `allow_facet` and `allow_download` and `allow_csv_stream` - all which default to `on` already) - `--setting disable_sql on` - `--setting disable_custom_sql on` The existence of three `allow_*` settings does make a strong argument for staying consistent with that. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957310278 | |
https://github.com/simonw/datasette/issues/1409#issuecomment-890397169 | https://api.github.com/repos/simonw/datasette/issues/1409 | 890397169 | IC_kwDOBm6k_c41EmHx | 9599 | 2021-07-31T19:51:35Z | 2021-07-31T19:51:35Z | OWNER | I'm going to stick with `--setting allow_sql off`. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957310278 | |
https://github.com/simonw/datasette/issues/1409#issuecomment-890397261 | https://api.github.com/repos/simonw/datasette/issues/1409 | 890397261 | IC_kwDOBm6k_c41EmJN | 9599 | 2021-07-31T19:52:25Z | 2021-07-31T19:52:25Z | OWNER | I think I can make this modification by teaching the default permissions code here to take the `allow_sql` setting into account: https://github.com/simonw/datasette/blob/ff253f5242e4b0b5d85d29d38b8461feb5ea997a/datasette/default_permissions.py#L38-L45 | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957310278 | |
https://github.com/simonw/datasette/issues/1409#issuecomment-890397652 | https://api.github.com/repos/simonw/datasette/issues/1409 | 890397652 | IC_kwDOBm6k_c41EmPU | 9599 | 2021-07-31T19:56:48Z | 2021-07-31T19:56:48Z | OWNER | The other option would be to use the setting to pick the `default=` argument when calling `self.ds.permission_allowed( request.actor, "execute-sql", resource=database, default=True)`. The problem with that is that there are actually a few different places which perform that check, so changing all of them raises the risk of missing one in the future: https://github.com/simonw/datasette/blob/a6c8e7fa4cffdeff84e9e755dcff4788fd6154b8/datasette/views/table.py#L436-L444 https://github.com/simonw/datasette/blob/a6c8e7fa4cffdeff84e9e755dcff4788fd6154b8/datasette/views/table.py#L964-L966 https://github.com/simonw/datasette/blob/d23a2671386187f61872b9f6b58e0f80ac61f8fe/datasette/views/database.py#L220-L221 https://github.com/simonw/datasette/blob/d23a2671386187f61872b9f6b58e0f80ac61f8fe/datasette/views/database.py#L343-L345 https://github.com/simonw/datasette/blob/d23a2671386187f61872b9f6b58e0f80ac61f8fe/datasette/views/database.py#L134-L136 | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957310278 | |
https://github.com/simonw/datasette/issues/1409#issuecomment-890397753 | https://api.github.com/repos/simonw/datasette/issues/1409 | 890397753 | IC_kwDOBm6k_c41EmQ5 | 9599 | 2021-07-31T19:57:56Z | 2021-07-31T19:57:56Z | OWNER | I think the correct solution is for the default permissions logic to take the `allow_sql` setting into account, and to return `False` if that setting is set to `off` AND the current actor fails the `actor_matches_allow` checks. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957310278 | |
https://github.com/simonw/datasette/issues/1409#issuecomment-890399806 | https://api.github.com/repos/simonw/datasette/issues/1409 | 890399806 | IC_kwDOBm6k_c41Emw- | 9599 | 2021-07-31T20:18:46Z | 2021-07-31T20:18:46Z | OWNER | My rationale for removing it: https://github.com/simonw/datasette/issues/813#issuecomment-640916290 > Naming problem: Datasette already has a config option with this name: > > $ datasette serve data.db --config allow_sql:1 > > https://datasette.readthedocs.io/en/stable/config.html#allow-sql > > It's confusing to have two things called `allow_sql` that do slightly different things. > > I could retire the `--config allow_sql:0` option entirely, since the new `metadata.json` mechanism can be used to achieve the exact same thing. > > I'm going to do that. This is true. The `"allow_sql"` permissions block in `metadata.json` does indeed have a name that is easily confused with `--setting allow_sql off`. So I definitely need to pick a different name from the setting. `--setting default_allow_sql off` is a good option here. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957310278 | |
https://github.com/simonw/datasette/issues/1409#issuecomment-890400059 | https://api.github.com/repos/simonw/datasette/issues/1409 | 890400059 | IC_kwDOBm6k_c41Em07 | 9599 | 2021-07-31T20:21:51Z | 2021-07-31T20:21:51Z | OWNER | One of these two options: - `--setting default_allow_sql off` - `--setting allow_sql_default off` Existing settings from https://docs.datasette.io/en/0.58.1/settings.html with similar names that I need to be consistent with: - `default_page_size` - `allow_facet` - `default_facet_size` - `allow_download` - `default_cache_ttl` - `default_cache_ttl_hashed` - `allow_csv_stream` | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957310278 | |
https://github.com/simonw/datasette/issues/1409#issuecomment-890400121 | https://api.github.com/repos/simonw/datasette/issues/1409 | 890400121 | IC_kwDOBm6k_c41Em15 | 9599 | 2021-07-31T20:22:21Z | 2021-07-31T20:23:34Z | OWNER | I think `default_allow_sql` is more consistent with the current naming conventions, because both `allow` and `default` are used as prefixes at the moment but neither of them are ever used as a suffix. Plus `default_allow_sql off` makes sense to me but `allow_default_sql off` does not - what is "default SQL"? | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957310278 | |
https://github.com/simonw/datasette/issues/1409#issuecomment-890400425 | https://api.github.com/repos/simonw/datasette/issues/1409 | 890400425 | IC_kwDOBm6k_c41Em6p | 9599 | 2021-07-31T20:25:16Z | 2021-07-31T20:26:25Z | OWNER | If I was prone to over-thinking (which I am) I'd note that `allow_facet` and `allow_download` and `allow_csv_stream` are all settings that do NOT have an equivalent in the newer permissions system, which is itself a little weird and inconsistent. So maybe there's a future task where I introduce those as both permissions and metadata `"allow_x"` blocks, then rename the settings themselves to be called `default_allow_facet` and `default_allow_download` and `default_allow_csv_stream`. If I was going to do that I should get it in before Datasette 1.0. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
957310278 |