issue_comments: 1343724732
This data as json
html_url | issue_url | id | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
https://github.com/simonw/datasette/issues/1939#issuecomment-1343724732 | https://api.github.com/repos/simonw/datasette/issues/1939 | 1343724732 | IC_kwDOBm6k_c5QF5y8 | 9599 | 2022-12-09T01:40:44Z | 2022-12-09T01:43:25Z | OWNER | ```python Permission = collections.namedtuple( "Permission", ("name", "abbr", "takes_database", "takes_table", "default") ) ``` I don`t think that design is quite right. - Elsewhere in the code the concept is called an "action" rather than a "permission" - I think I can stick with the `Permission` name here though, it's pretty clear - `takes_database` - is `takes_` the right verb here? - `takes_table` can also refer to a SQL view or a canned named query A question that was raised by the work in #1938 is whether you should be able to grant a permission like `insert-row` at the instance or database level - and if so, what does that look like? I think you should be able to do that, it doesn't make sense to have to grant it explicitly for every single table. So maybe `takes_table` and `takes_database` are the right names here? But `table` is still bad because it doesn't reflect views and canned queries. One thought is to use `resource` - but that will require a bunch of breaking changes to the existing APIs which treat resource as a tuple. Now's the best time to do that though before Datasette 1.0. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | 1485757511 |