issue_comments
14 rows where issue = 1138008042
This data as json, CSV (advanced)
Suggested facets: created_at (date), updated_at (date)
| id ▼ | html_url | issue_url | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1192862243 | https://github.com/simonw/datasette/issues/1636#issuecomment-1192862243 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5HGaIj | simonw 9599 | 2022-07-22T19:10:48Z | 2022-07-22T19:11:01Z | OWNER | I keep running into a need for this. Every time I create a new plugin that defines a new permission I wish there was a clean way to grant that permission to new users without installing some other permissions plugin. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1192862767 | https://github.com/simonw/datasette/issues/1636#issuecomment-1192862767 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5HGaQv | simonw 9599 | 2022-07-22T19:11:41Z | 2022-07-22T19:11:41Z | OWNER | I keep shipping plugins that set a special hook just so the root user can try them out. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1334666806 | https://github.com/simonw/datasette/issues/1636#issuecomment-1334666806 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5PjWY2 | simonw 9599 | 2022-12-02T01:58:40Z | 2022-12-02T02:00:53Z | OWNER | Current design: ```json { "databases": { "private": { "allow": { "id": "*" } } } } ``` This can be applied at the instance, database, table or query level within the nested JSON. https://docs.datasette.io/en/stable/authentication.html#controlling-access-to-specific-databases It's actually controlling the following permissions: - `view-instance` - `view-database` - `view-table` - `view-query` There's also a special case for allowing SQL queries,at the instance and database level: ```json { "databases": { "mydatabase": { "allow_sql": { "id": "root" } } } } ``` | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1334673179 | https://github.com/simonw/datasette/issues/1636#issuecomment-1334673179 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5PjX8b | simonw 9599 | 2022-12-02T02:07:20Z | 2022-12-02T04:27:07Z | OWNER | So the new mechanism needs to extend that to handle all of the other permissions as well. The simplest design I can think of is this (here illustrated using YAML): ```yaml # instance-level permissions - give every logged in user the debug menu: permissions: debug-menu: id: * databases: content: # Allow bob to create-table in the content database permissions: create-table: id: bob ``` | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1334757597 | https://github.com/simonw/datasette/issues/1636#issuecomment-1334757597 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5Pjsjd | simonw 9599 | 2022-12-02T04:42:35Z | 2022-12-02T04:42:35Z | OWNER | Should I call this key `permissions` or something else? Some options: - `permissions` - `perms` - shorter to type - `allow` - I like the word, but might be confusing to change its meaning since we use it already | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1334758766 | https://github.com/simonw/datasette/issues/1636#issuecomment-1334758766 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5Pjs1u | simonw 9599 | 2022-12-02T04:45:16Z | 2022-12-02T04:45:16Z | OWNER | Also, this is another thing which should live in `config.yml` rather than being crammed into `metadata.yml` - but I can fix that when I address: - #493 | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1334759315 | https://github.com/simonw/datasette/issues/1636#issuecomment-1334759315 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5Pjs-T | simonw 9599 | 2022-12-02T04:46:32Z | 2022-12-02T04:46:32Z | OWNER | Thankfully all of the logic for this already lives in just one place: https://github.com/simonw/datasette/blob/d7e5e3c9f98d194fdfb12f1ecc60ed5b3afbc464/datasette/default_permissions.py#L23-L59 | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1341854373 | https://github.com/simonw/datasette/issues/1636#issuecomment-1341854373 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5P-xKl | simonw 9599 | 2022-12-08T01:43:35Z | 2022-12-08T01:43:35Z | OWNER | I'm going to write the documentation for this first. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1343440504 | https://github.com/simonw/datasette/issues/1636#issuecomment-1343440504 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5QE0Z4 | simonw 9599 | 2022-12-08T22:10:28Z | 2022-12-08T22:10:48Z | OWNER | What if you want to grant `insert-row` to a user for ALL tables in a database, or even for all tables in all databases? You should be able to do that by putting that in the root `permissions:` block. Need to figure out how the implementation will handle that. Also: there are some permissions like `view-instance` or `debug-menu` for which putting them at the `database` or `table` or `query` level doesn't actually make any sense. Ideally the implementation would spot those on startup and refuse to start the server, with a helpful error message. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1343446071 | https://github.com/simonw/datasette/issues/1636#issuecomment-1343446071 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5QE1w3 | simonw 9599 | 2022-12-08T22:16:17Z | 2022-12-08T22:16:17Z | OWNER | First draft of documentation: https://datasette--1938.org.readthedocs.build/en/1938/authentication.html#other-permissions-in-metadata | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1343715746 | https://github.com/simonw/datasette/issues/1636#issuecomment-1343715746 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5QF3mi | simonw 9599 | 2022-12-09T01:27:41Z | 2022-12-09T01:27:58Z | OWNER | I may need to consult this file to figure out if the permission that is being checked can act at the database/table/instance level: https://github.com/simonw/datasette/blob/e539c1c024bc62d88df91d9107cbe37e7f0fe55f/datasette/permissions.py#L1-L19 | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1347647298 | https://github.com/simonw/datasette/issues/1636#issuecomment-1347647298 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5QU3dC | simonw 9599 | 2022-12-13T02:08:46Z | 2022-12-13T02:08:46Z | OWNER | A bunch of the work for this just landed - in particular the new scheme is now documented (even though it doesn't work yet): https://docs.datasette.io/en/latest/authentication.html#other-permissions-in-metadata | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1347648326 | https://github.com/simonw/datasette/issues/1636#issuecomment-1347648326 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5QU3tG | simonw 9599 | 2022-12-13T02:10:02Z | 2022-12-13T02:10:02Z | OWNER | The implementation for this will go here: https://github.com/simonw/datasette/blob/8bf06a76b51bc9ace7cf72cf0cca8f1da7704ea7/datasette/default_permissions.py#L81-L83 Here's the start of the tests (currently marked as `xfail`): https://github.com/simonw/datasette/blob/8bf06a76b51bc9ace7cf72cf0cca8f1da7704ea7/tests/test_permissions.py#L652-L689 | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 | |
| 1347655074 | https://github.com/simonw/datasette/issues/1636#issuecomment-1347655074 | https://api.github.com/repos/simonw/datasette/issues/1636 | IC_kwDOBm6k_c5QU5Wi | simonw 9599 | 2022-12-13T02:21:04Z | 2022-12-13T02:21:23Z | OWNER | The thing I'm stuck on at the moment is how to implement it such that an `allow` block for `create-table` at the root of the metadata will be checked correctly. Maybe the algorithm when `_resolve_metadata_permissions_blocks(datasette, actor, action, resource)` is called should do this: 1. If a root permission block matching that action exists, test with that 2. Next, if resource has been passed, check at the database level 3. If the resource included a table/query, check at that level too So everything is keyed off the incoming `action` name. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | "permissions" propery in metadata for configuring arbitrary permissions 1138008042 |
Advanced export
JSON shape: default, array, newline-delimited, object
CREATE TABLE [issue_comments] (
[html_url] TEXT,
[issue_url] TEXT,
[id] INTEGER PRIMARY KEY,
[node_id] TEXT,
[user] INTEGER REFERENCES [users]([id]),
[created_at] TEXT,
[updated_at] TEXT,
[author_association] TEXT,
[body] TEXT,
[reactions] TEXT,
[issue] INTEGER REFERENCES [issues]([id])
, [performed_via_github_app] TEXT);
CREATE INDEX [idx_issue_comments_issue]
ON [issue_comments] ([issue]);
CREATE INDEX [idx_issue_comments_user]
ON [issue_comments] ([user]);