issue_comments
11 rows where "updated_at" is on date 2020-06-30 sorted by updated_at
This data as json, CSV (advanced)
Suggested facets: issue_url, issue, created_at (date)
id | html_url | issue_url | node_id | user | created_at | updated_at ▼ | author_association | body | reactions | issue | performed_via_github_app |
---|---|---|---|---|---|---|---|---|---|---|---|
651984355 | https://github.com/simonw/datasette/issues/877#issuecomment-651984355 | https://api.github.com/repos/simonw/datasette/issues/877 | MDEyOklzc3VlQ29tbWVudDY1MTk4NDM1NQ== | simonw 9599 | 2020-06-30T19:02:15Z | 2020-06-30T19:02:15Z | OWNER | https://cheatsheetseries.owasp.org/cheatsheets/Cross-Site_Request_Forgery_Prevention_Cheat_Sheet.html#login-csrf > Login CSRF can be mitigated by creating pre-sessions (sessions before a user is authenticated) and including tokens in login form. Sounds like regular CSRF protection to me. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Consider dropping explicit CSRF protection entirely? 648421105 | |
651984989 | https://github.com/simonw/datasette/issues/877#issuecomment-651984989 | https://api.github.com/repos/simonw/datasette/issues/877 | MDEyOklzc3VlQ29tbWVudDY1MTk4NDk4OQ== | simonw 9599 | 2020-06-30T19:03:25Z | 2020-06-30T19:03:25Z | OWNER | Relevant: #835 | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Consider dropping explicit CSRF protection entirely? 648421105 | |
651992737 | https://github.com/simonw/datasette/issues/832#issuecomment-651992737 | https://api.github.com/repos/simonw/datasette/issues/832 | MDEyOklzc3VlQ29tbWVudDY1MTk5MjczNw== | simonw 9599 | 2020-06-30T19:19:33Z | 2020-06-30T19:20:02Z | OWNER | I already have this method on Datasette: ```python async def permission_allowed(self, actor, action, resource=None, default=False): ``` What would be a good method name that complements that and indicates "check a list of permissions in order"? Should it even run against the request or should you have to hand it `request.actor`? | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Having view-table permission but NOT view-database should still grant access to /db/table 636722501 | |
651993537 | https://github.com/simonw/datasette/issues/832#issuecomment-651993537 | https://api.github.com/repos/simonw/datasette/issues/832 | MDEyOklzc3VlQ29tbWVudDY1MTk5MzUzNw== | simonw 9599 | 2020-06-30T19:21:15Z | 2020-06-30T19:21:15Z | OWNER | I could rename `permission_allowed()` to `check_permission()` and have a complementary `check_permissions()` method. This is a breaking change but we're pre-1.0 so I think that's OK. I could even set up a temporary `permission_allowed()` alias which prints a deprecation warning to the console, then remove that at 1.0. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Having view-table permission but NOT view-database should still grant access to /db/table 636722501 | |
651993977 | https://github.com/simonw/datasette/issues/832#issuecomment-651993977 | https://api.github.com/repos/simonw/datasette/issues/832 | MDEyOklzc3VlQ29tbWVudDY1MTk5Mzk3Nw== | simonw 9599 | 2020-06-30T19:22:06Z | 2020-06-30T19:22:06Z | OWNER | `permission_allowed` is already the name of the pugin hook. It's actually a bit confusing that it's also the name of a method on `datasette.`. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Having view-table permission but NOT view-database should still grant access to /db/table 636722501 | |
651994978 | https://github.com/simonw/datasette/issues/832#issuecomment-651994978 | https://api.github.com/repos/simonw/datasette/issues/832 | MDEyOklzc3VlQ29tbWVudDY1MTk5NDk3OA== | simonw 9599 | 2020-06-30T19:24:12Z | 2020-06-30T19:24:12Z | OWNER | Hah... but check_permission` is a method on `BaseView`. Here are the various permission methods at the moment: https://github.com/simonw/datasette/blob/6c2634583627bfab750c115cb13850252821d637/datasette/default_permissions.py#L5-L14 And on BaseView: https://github.com/simonw/datasette/blob/a8a5f813722f72703a7aae41135ccc40635cc02f/datasette/views/base.py#L65-L70 | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Having view-table permission but NOT view-database should still grant access to /db/table 636722501 | |
651995453 | https://github.com/simonw/datasette/issues/832#issuecomment-651995453 | https://api.github.com/repos/simonw/datasette/issues/832 | MDEyOklzc3VlQ29tbWVudDY1MTk5NTQ1Mw== | simonw 9599 | 2020-06-30T19:25:13Z | 2020-06-30T19:25:26Z | OWNER | I'm going to put the new `check_permissions()` method on `BaseView` as well. If I want that method to be available to plugins I can do so by turning that `BaseView` class into a documented API that plugins are encouraged to use themselves. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Having view-table permission but NOT view-database should still grant access to /db/table 636722501 | |
651999516 | https://github.com/simonw/datasette/issues/832#issuecomment-651999516 | https://api.github.com/repos/simonw/datasette/issues/832 | MDEyOklzc3VlQ29tbWVudDY1MTk5OTUxNg== | simonw 9599 | 2020-06-30T19:33:49Z | 2020-06-30T21:34:59Z | OWNER | Tests needed for this: - If a user has view table but NOT view database / view instance, can they view the table page? - If a user has view canned query but NOT view database / view instance, can they view the canned query page? - If a user has view database but NOT view instance, can they view the database page? | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Having view-table permission but NOT view-database should still grant access to /db/table 636722501 | |
652103895 | https://github.com/simonw/datasette/issues/832#issuecomment-652103895 | https://api.github.com/repos/simonw/datasette/issues/832 | MDEyOklzc3VlQ29tbWVudDY1MjEwMzg5NQ== | simonw 9599 | 2020-06-30T23:41:22Z | 2020-06-30T23:41:22Z | OWNER | I don't think this needs any additional documentation - the new behaviour matches how the permissions are documented here: https://datasette.readthedocs.io/en/0.44/authentication.html#built-in-permissions | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Having view-table permission but NOT view-database should still grant access to /db/table 636722501 | |
652105722 | https://github.com/simonw/datasette/issues/879#issuecomment-652105722 | https://api.github.com/repos/simonw/datasette/issues/879 | MDEyOklzc3VlQ29tbWVudDY1MjEwNTcyMg== | simonw 9599 | 2020-06-30T23:48:06Z | 2020-06-30T23:48:06Z | OWNER | Updated documentation: https://datasette.readthedocs.io/en/latest/pages.html | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Database page documentation still talks about hashes in URLs 648569227 | |
652106227 | https://github.com/simonw/datasette/issues/876#issuecomment-652106227 | https://api.github.com/repos/simonw/datasette/issues/876 | MDEyOklzc3VlQ29tbWVudDY1MjEwNjIyNw== | simonw 9599 | 2020-06-30T23:49:55Z | 2020-06-30T23:50:04Z | OWNER | Done: https://latest.datasette.io/-/patterns <img width="1004" alt="Datasette__Pattern_Portfolio" src="https://user-images.githubusercontent.com/9599/86187862-b680cb00-baf1-11ea-8905-8c257dd67665.png"> | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | Add log out link to the pattern portfolio 647879783 |
Advanced export
JSON shape: default, array, newline-delimited, object
CREATE TABLE [issue_comments] ( [html_url] TEXT, [issue_url] TEXT, [id] INTEGER PRIMARY KEY, [node_id] TEXT, [user] INTEGER REFERENCES [users]([id]), [created_at] TEXT, [updated_at] TEXT, [author_association] TEXT, [body] TEXT, [reactions] TEXT, [issue] INTEGER REFERENCES [issues]([id]) , [performed_via_github_app] TEXT); CREATE INDEX [idx_issue_comments_issue] ON [issue_comments] ([issue]); CREATE INDEX [idx_issue_comments_user] ON [issue_comments] ([user]);
updated_at (date) 1 ✖