issue_comments
22 rows where issue = 1493390939
This data as json, CSV (advanced)
Suggested facets: created_at (date), updated_at (date)
| id ▼ | html_url | issue_url | node_id | user | created_at | updated_at | author_association | body | reactions | issue | performed_via_github_app |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1347760109 | https://github.com/simonw/datasette/issues/1947#issuecomment-1347760109 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QVS_t | simonw 9599 | 2022-12-13T05:12:00Z | 2022-12-13T05:12:00Z | OWNER | For the UI: I think I'm going to dump a whole bunch of form elements on the page (so you can set up to 3 of each category of limit without any JavaScript), then add JavaScript that hides all but one of the options and gives you a "add another" widget that adds multiple more. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1347768328 | https://github.com/simonw/datasette/issues/1947#issuecomment-1347768328 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QVVAI | simonw 9599 | 2022-12-13T05:25:31Z | 2022-12-13T22:25:46Z | OWNER | https://latest.datasette.io/-/create-token currently looks like this:  As a reminder, the CLI options that this needs to provide an alternative to are: https://github.com/simonw/datasette/blob/d4b98d3924dec625a99236e65b1b169ff957381f/docs/cli-reference.rst#L619-L638 | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1347768549 | https://github.com/simonw/datasette/issues/1947#issuecomment-1347768549 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QVVDl | simonw 9599 | 2022-12-13T05:25:56Z | 2022-12-13T22:29:12Z | OWNER | - [x] I should add a `--database` example to that help text. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1347775760 | https://github.com/simonw/datasette/issues/1947#issuecomment-1347775760 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QVW0Q | simonw 9599 | 2022-12-13T05:38:47Z | 2022-12-13T05:38:47Z | OWNER | I'm going to hide the options for reducing the scope of the token inside a details/summary element. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1349972480 | https://github.com/simonw/datasette/issues/1947#issuecomment-1349972480 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QdvIA | simonw 9599 | 2022-12-13T22:58:51Z | 2022-12-13T22:58:51Z | OWNER | I'm experimenting with a `<select multiple>` for this. The usability for keyboards is still pretty awful, but it's a niche enough feature that maybe that's OK for the moment? ```javascript var select = document.querySelector('select'); var selected = Array.from(temp0.options).filter(o => o.selected).map(o => o.value) ``` | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1349974287 | https://github.com/simonw/datasette/issues/1947#issuecomment-1349974287 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QdvkP | simonw 9599 | 2022-12-13T22:59:44Z | 2022-12-13T22:59:44Z | OWNER | Got an option group thing working: <img width="445" alt="image" src="https://user-images.githubusercontent.com/9599/207463308-15268283-a0e9-4c05-b5e5-952def0f3ef1.png"> But... it strikes me that any time you're considering a `<select multiple>` like this a nested list of checkboxes would actually be better - easier for people to use. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1349975255 | https://github.com/simonw/datasette/issues/1947#issuecomment-1349975255 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QdvzX | simonw 9599 | 2022-12-13T23:00:11Z | 2022-12-13T23:00:11Z | OWNER | My `<select multiple>` prototype: ```diff diff --git a/datasette/templates/create_token.html b/datasette/templates/create_token.html index a94881ed..5bd641cc 100644 --- a/datasette/templates/create_token.html +++ b/datasette/templates/create_token.html @@ -6,7 +6,7 @@ <h1>Create an API token</h1> -<p>This token will allow API access with the same abilities as your current user.</p> +<p>This token will allow API access with the same abilities as your current user, <strong>{{ request.actor.id }}</strong></p> {% if errors %} {% for error in errors %} @@ -28,6 +28,36 @@ <input type="hidden" name="csrftoken" value="{{ csrftoken() }}"> <input type="submit" value="Create token"> </div> + + <details style="margin-top: 1em" open> + <summary style="cursor: pointer;">Restrict actions that can be performed using this token</summary> + <p style="margin-top: 1em">Restrict actions that can be performed using this token:</p> + <p><label="all_permissions">All databases and tables:</label></p> + <p><select multiple id="all_permissions" size="{{ all_permissions|length * 4 }}"> + <optgroup label="All databases and tables"> + {% for permission in all_permissions %} + <option value="all:{{ permission }}">{{ permission }}</option> + {% endfor %} + </optgroup> + {% for database in databases %} + <optgroup label="All tables in database: {{ database }}"> + {% for permission in database_permissions %} + <option value="db:{{ database }}:{{ permission }}">{{ permission }}</option> + {% endfor %} + </optgroup> + {% endfor %} + {% for dbt in database_with_tables %} + {% for table in dbt.tables %} + <optgroup label="Table {{ dbt.database }}.{{ table }}"> + {% for permission in table_permissions %} + <option value="table:{{ dbt.database }}:{{ permission }}">{{ permission }}</option> + {% endfor %} + </optgroup> + {% endfor %} + {% endfor %} + … | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350002434 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350002434 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5Qd2cC | simonw 9599 | 2022-12-13T23:11:50Z | 2022-12-13T23:11:59Z | OWNER | I think checkboxes will work well. Here's the data I get back from them (as `post_vars()`): ``` {'all:debug-menu': 'on', 'all:insert-row': 'on', 'expire_duration': '', 'expire_type': '', 'table:fixtures:delete-row': 'on', 'table:fixtures:drop-table': 'on', 'table:fixtures:view-query': 'on'} ``` | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350008636 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350008636 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5Qd388 | simonw 9599 | 2022-12-13T23:14:33Z | 2022-12-13T23:14:33Z | OWNER | Checkbox interface looks like this. It's not beautiful but it's good enough for the moment: <img width="598" alt="image" src="https://user-images.githubusercontent.com/9599/207465391-78b6e440-65b0-4a02-9911-0b948e65c357.png"> | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350013016 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350013016 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5Qd5BY | simonw 9599 | 2022-12-13T23:16:24Z | 2022-12-13T23:17:17Z | OWNER | Slightly tricky thing here is that it should only show permissions that the user themselves has - on databases and tables that they have permission to access. I have a nasty feeling this may require looping through _everything_ and running every permission check, which could get very expensive if there are plugins involved that do their own storage check to resolve a permission. It's that classic permission system problem: how to efficiently iterate through everything the user has permission to do in one go? Might be that I have to punt on that, and show the user a list of permissions to select that they might not actually have ability for. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350019528 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350019528 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5Qd6nI | simonw 9599 | 2022-12-13T23:19:16Z | 2022-12-13T23:19:16Z | OWNER | Here's the checkbox prototype: ```diff diff --git a/datasette/templates/create_token.html b/datasette/templates/create_token.html index a94881ed..1795ebaf 100644 --- a/datasette/templates/create_token.html +++ b/datasette/templates/create_token.html @@ -2,11 +2,20 @@ {% block title %}Create an API token{% endblock %} +{% block extra_head %} +<style type="text/css"> +#restrict-permissions label { + display: inline; + width: 90%; +} +</style> +{% endblock %} + {% block content %} <h1>Create an API token</h1> -<p>This token will allow API access with the same abilities as your current user.</p> +<p>This token will allow API access with the same abilities as your current user, <strong>{{ request.actor.id }}</strong></p> {% if errors %} {% for error in errors %} @@ -27,8 +36,39 @@ <input type="text" name="expire_duration" style="width: 10%"> <input type="hidden" name="csrftoken" value="{{ csrftoken() }}"> <input type="submit" value="Create token"> - </div> + + <details style="margin-top: 1em" open id="restrict-permissions"> + <summary style="cursor: pointer;">Restrict actions that can be performed using this token</summary> + <h2>All databases and tables</h2> + <ul> + {% for permission in all_permissions %} + <li><label><input type="checkbox" name="all:{{ permission }}"> {{ permission }}</label></li> + {% endfor %} + </ul> + + {% for database in databases %} + <h2>All tables in database: {{ database }}</h2> + <ul> + {% for permission in database_permissions %} + <li><label><input type="checkbox" name="db:{{ database }}:{{ permission }}"> {{ permission }}</label></li> + {% endfor %} + </ul> + {% endfor %} + <h2>Specific tables</h2> + {% for dbt in database_with_tables %} + {% for table in dbt.tables %} + <h3>{{ dbt.database }}: {{ table }}</h3> + <ul> + {% for permission in table_permissions %} + <li><label><inp… | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350037572 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350037572 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5Qd_BE | simonw 9599 | 2022-12-13T23:27:32Z | 2022-12-13T23:27:32Z | OWNER | I'm going to ignore the permissions issue for the moment - I'll allow people to select any permissions they like in any of the databases or tables that are visible to them (don't want to leak the existence of databases/tables to users who shouldn't be able to see them). I think the value of getting this working outweights any potential confusion from not using finely grained permission checks to decide if the user should be able to apply a permission or not. The tokens themselves won't be able to perform `insert-row` or similar if the user doesn't have the ability to do that, even if they selected that checkbox. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350124381 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350124381 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QeUNd | simonw 9599 | 2022-12-14T00:07:51Z | 2022-12-14T00:07:51Z | OWNER | Another thing to consider in the future: once Datasette can support thousands of tables (see #417) the list on this page will turn into multiple MBs of HTML, which may cause all kinds of problems - not to mention the overhead of all of those table visibility permission checks. Hopefully by then I'll have a good fix for the permission listings problem: - #1152 And I can apply the same mechanism here. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350125018 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350125018 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QeUXa | simonw 9599 | 2022-12-14T00:08:09Z | 2022-12-14T00:08:09Z | OWNER | Also: don't show hidden tables. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350148192 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350148192 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QeaBg | simonw 9599 | 2022-12-14T00:19:06Z | 2022-12-14T00:19:06Z | OWNER | Another option: I could set a time limit - say 200ms - on how long I'm willing to spend calculating permissions before displaying this form First calculate view permissions for tables and databases (and maybe views and canned queries too). Then see if I can check every permission that I'm going to show as a checkbox on this page. If I get that done within the time limit use that to show the options. If I run out of time show all options and maybe include a note saying that some of them may not actually be available. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350215936 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350215936 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QeqkA | simonw 9599 | 2022-12-14T01:23:42Z | 2022-12-14T01:23:42Z | OWNER | With tilde-encoding for database and table names the HTML looks like this: ```html <input type="checkbox" name="table:weird:foo~3Abar:view-table"> ``` | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350401651 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350401651 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QfX5z | simonw 9599 | 2022-12-14T05:03:59Z | 2022-12-14T05:03:59Z | OWNER | I shipped a working interface. Could still do with some extra tests. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350402667 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350402667 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QfYJr | simonw 9599 | 2022-12-14T05:05:10Z | 2022-12-14T05:05:10Z | OWNER | Tests can go here: https://github.com/simonw/datasette/blob/d98a8effb10ce8fe04a03eae42baa8a9cb0ca3f7/tests/test_auth.py#L143-L160 | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350409537 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350409537 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QfZ1B | simonw 9599 | 2022-12-14T05:14:16Z | 2022-12-14T05:14:16Z | OWNER | New interface now live at https://latest.datasette.io/-/create-token <img width="957" alt="image" src="https://user-images.githubusercontent.com/9599/207511688-f5366522-ff45-4175-82db-ed48474c3ac6.png"> It shouldn't be showing `_memory` though. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350413555 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350413555 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5Qfazz | simonw 9599 | 2022-12-14T05:19:52Z | 2022-12-14T05:19:52Z | OWNER | Maybe I should have kept `_memory` listed for instances that are running with `--crossdb` enabled? Yeah I think I should. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350414402 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350414402 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QfbBC | simonw 9599 | 2022-12-14T05:21:07Z | 2022-12-14T05:21:07Z | OWNER | It would be neat not to show write permissions against immutable databases too - and not hard from a performance perspective since it doesn't involve hundreds more permission checks. That will need permissions to grow a flag for if they need a mutable database though, which is a bigger job. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 | |
| 1350414961 | https://github.com/simonw/datasette/issues/1947#issuecomment-1350414961 | https://api.github.com/repos/simonw/datasette/issues/1947 | IC_kwDOBm6k_c5QfbJx | simonw 9599 | 2022-12-14T05:22:00Z | 2022-12-14T05:22:00Z | OWNER | I think the next big step for this feature is for me to actually use it to build a few things. | {"total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | UI to create reduced scope tokens from the `/-/create-token` page 1493390939 |
Advanced export
JSON shape: default, array, newline-delimited, object
CREATE TABLE [issue_comments] (
[html_url] TEXT,
[issue_url] TEXT,
[id] INTEGER PRIMARY KEY,
[node_id] TEXT,
[user] INTEGER REFERENCES [users]([id]),
[created_at] TEXT,
[updated_at] TEXT,
[author_association] TEXT,
[body] TEXT,
[reactions] TEXT,
[issue] INTEGER REFERENCES [issues]([id])
, [performed_via_github_app] TEXT);
CREATE INDEX [idx_issue_comments_issue]
ON [issue_comments] ([issue]);
CREATE INDEX [idx_issue_comments_user]
ON [issue_comments] ([user]);