issues: 634139848
This data as json
| id | node_id | number | title | user | state | locked | assignee | milestone | comments | created_at | updated_at | closed_at | author_association | pull_request | body | repo | type | active_lock_reason | performed_via_github_app | reactions | draft | state_reason |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 634139848 | MDU6SXNzdWU2MzQxMzk4NDg= | 813 | Mechanism for specifying allow_sql permission in metadata.json | 9599 | closed | 0 | 5512395 | 6 | 2020-06-08T04:57:19Z | 2020-06-09T00:09:57Z | 2020-06-09T00:07:19Z | OWNER | Split from #811. It would be useful if finely-grained permissions configured in `metadata.json` could be used to specify if a user is allowed to execute arbitrary SQL queries. We have a permission check call for this already: https://github.com/simonw/datasette/blob/9397d718345c4b35d2a5c55bfcbd1468876b5ab9/datasette/views/database.py#L159 But there's currently no way to implement this check without writing a plugin. I think a `"allow_sql": {...}` block at the database level in `metadata.json` (sibling to the current `"allow"` block for that database implemented in #811) would be a good option for this. | 107914493 | issue | {"url": "https://api.github.com/repos/simonw/datasette/issues/813/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | completed |