github
html_url | issue_url | id | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
https://github.com/simonw/datasette/issues/699#issuecomment-636576603 | https://api.github.com/repos/simonw/datasette/issues/699 | 636576603 | MDEyOklzc3VlQ29tbWVudDYzNjU3NjYwMw== | 9599 | 2020-06-01T02:13:26Z | 2020-06-01T03:13:31Z | OWNER | Debugging tool idea: `/-/permissions` page which shows you the actor and lets you type in the strings for `action`, `resource_type` and `resource_identifier` - then shows you EVERY plugin hook that would have executed and what it would have said, plus when the chain would have terminated. Bonus: if you're logged in as the `root` user (or a user that matches some kind of permission check, maybe a check for `permissions_debug`) you get to see a rolling log of the last 30 permission checks and what the results were across the whole of Datasette. This should make figuring out permissions policies a whole lot easier. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
582526961 | |
https://github.com/simonw/datasette/issues/699#issuecomment-636576252 | https://api.github.com/repos/simonw/datasette/issues/699 | 636576252 | MDEyOklzc3VlQ29tbWVudDYzNjU3NjI1Mg== | 9599 | 2020-06-01T02:11:40Z | 2020-06-01T02:11:40Z | OWNER | Plugin idea: `datasette-allow-all` - really simple plugin which just says "yes" to every permission check. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
582526961 | |
https://github.com/simonw/datasette/issues/699#issuecomment-636566616 | https://api.github.com/repos/simonw/datasette/issues/699 | 636566616 | MDEyOklzc3VlQ29tbWVudDYzNjU2NjYxNg== | 9599 | 2020-06-01T01:23:48Z | 2020-06-01T01:23:48Z | OWNER | https://latest.datasette.io/-/actor is now live (it returns `null` because there's no current way to sign into the `latest.datasette.io` site - not even with a fake `ds_actor` cookie because there's no way to know what that site's random secret is). | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
582526961 | |
https://github.com/simonw/datasette/issues/699#issuecomment-636566433 | https://api.github.com/repos/simonw/datasette/issues/699 | 636566433 | MDEyOklzc3VlQ29tbWVudDYzNjU2NjQzMw== | 9599 | 2020-06-01T01:22:59Z | 2020-06-01T01:22:59Z | OWNER | Some next steps: - Try out a branch of `datasette-auth-github` that builds on these new plugin hooks - Build a `datasette-api-tokens` plugin which implements `Authorization: bearer xxx` token support for API access - Maybe prototype up a `datasette-user-accounts` plugin which supports username/password accounts and allows an admin user to create/delete them - Do more work on writable canned queries in #698 and see what they look like if they take advantage of the permissions hook (to restrict some to only allowing authenticated users) | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
582526961 | |
https://github.com/simonw/datasette/issues/699#issuecomment-636565610 | https://api.github.com/repos/simonw/datasette/issues/699 | 636565610 | MDEyOklzc3VlQ29tbWVudDYzNjU2NTYxMA== | 9599 | 2020-06-01T01:19:45Z | 2020-06-01T01:19:45Z | OWNER | I rebased in #783 so all of this is on master now. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
582526961 | |
https://github.com/simonw/datasette/issues/699#issuecomment-636562999 | https://api.github.com/repos/simonw/datasette/issues/699 | 636562999 | MDEyOklzc3VlQ29tbWVudDYzNjU2Mjk5OQ== | 9599 | 2020-06-01T01:09:47Z | 2020-06-01T01:09:47Z | OWNER | I should add an entire page to the documentation describing Datasette authentication. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
582526961 | |
https://github.com/simonw/datasette/issues/699#issuecomment-636562658 | https://api.github.com/repos/simonw/datasette/issues/699 | 636562658 | MDEyOklzc3VlQ29tbWVudDYzNjU2MjY1OA== | 9599 | 2020-06-01T01:08:20Z | 2020-06-01T01:08:54Z | OWNER | OK, the implementation in PR #783 is in a good state now - it implements the new plugin hooks with tests and documentation, plus it implements this: $ datasette . --root http://127.0.0.1:8001/-/auth-token?token=3ca9ee460a6451142389351d19b147bce27d2a785dfb6b5a74f82211be1ede49 ... That URL, when clicked, will set a cookie for the `{"id": "root"}` user. The cookie is respected and used to populate `scope["actor"]`. I'm going to merge that pull request and continue working on this stuff on master. | { "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0 } |
582526961 |