issues: 665403403
This data as json
| id | node_id | number | title | user | state | locked | assignee | milestone | comments | created_at | updated_at | closed_at | author_association | pull_request | body | repo | type | active_lock_reason | performed_via_github_app | reactions | draft | state_reason |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 665403403 | MDU6SXNzdWU2NjU0MDM0MDM= | 907 | Allow documentation doesn't explain what happens with multiple allow keys | 9599 | closed | 0 | 5607421 | 2 | 2020-07-24T20:34:40Z | 2020-07-24T22:53:07Z | 2020-07-24T22:53:07Z | OWNER | Documentation here: https://datasette.readthedocs.io/en/0.45/authentication.html#defining-permissions-with-allow-blocks Doesn't explain that with the following "allow" block: ```json { "allow": { "id": "simonw", "role": "staff" } } ``` The rule will match if EITHER the id is simonw OR the role includes staff. The tests are missing this case too: https://github.com/simonw/datasette/blob/028f193dd6233fa116262ab4b07b13df7dcec9be/tests/test_utils.py#L504 Related to #906 | 107914493 | issue | {"url": "https://api.github.com/repos/simonw/datasette/issues/907/reactions", "total_count": 0, "+1": 0, "-1": 0, "laugh": 0, "hooray": 0, "confused": 0, "heart": 0, "rocket": 0, "eyes": 0} | completed |