github
id | node_id | number | title | user | state | locked | assignee | milestone | comments | created_at | updated_at | closed_at | author_association | pull_request | body | repo | type | active_lock_reason | performed_via_github_app | reactions | draft | state_reason |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1876353656 | I_kwDOBm6k_c5v1uJ4 | 2168 | Consider a request/response wrapping hook slightly higher level than asgi_wrapper() | 9599 | open | 0 | 6 | 2023-08-31T21:42:04Z | 2023-09-10T17:54:08Z | OWNER | There's a long justification for why this might be needed here: - https://github.com/simonw/datasette-auth-tokens/issues/10#issuecomment-1701820001 Short version: it would be neat if it was possible to stash some data on the `request` object such that a later plugin/middleware-type-thing could use that to influence the final returned response - similar to the kinds of things you can do with Django middleware. The `asgi_wrapper()` mechanism doesn't have access to the request or response objects - it gets `scope` and can mess around with `receive` and `send`, but those are pretty low-level primitives. Since Datasette has well-defined `request` and `response` objects now it might be nice to have a middleware layer that can manipulate those directly. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/2168/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
||||||||
1876407598 | I_kwDOBm6k_c5v17Uu | 2169 | execute-sql on a database should imply view-database/view-permission | 9599 | closed | 0 | 0 | 2023-08-31T22:45:56Z | 2023-08-31T22:46:28Z | 2023-08-31T22:46:28Z | OWNER | I noticed that a token with `execute-sql` permission alone did not work, because it was not allowed to view the instance of the database. | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/2169/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
completed | ||||||
1875739055 | I_kwDOBm6k_c5vzYGv | 2167 | Document return type of await ds.permission_allowed() | 9599 | open | 0 | 0 | 2023-08-31T15:14:23Z | 2023-08-31T15:14:23Z | OWNER | The return type isn't documented here: https://github.com/simonw/datasette/blob/4c3ef033110407f3b3dbce501659d523724985e0/docs/internals.rst#L327-L350 On inspecting the code I'm not 100% sure if it's possible for this. method to return `None`, or if it can only return `True` or `False`. Need to confirm that. https://github.com/simonw/datasette/blob/4c3ef033110407f3b3dbce501659d523724985e0/datasette/app.py#L822C15-L853 | 107914493 | issue | { "url": "https://api.github.com/repos/simonw/datasette/issues/2167/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |