datasette

Wykres commitów

Autor	SHA1	Wiadomość	Data
Simon Willison	b26292a458	Test that view-query is respected by query list, refs #811	2020-06-07 20:56:49 -07:00
Simon Willison	9b42e1a4f5	view-database permission Also now using 🔒 to indicate private resources - resources that would not be available to the anonymous user. Refs #811	2020-06-07 20:50:37 -07:00
Simon Willison	613fa551a1	Removed view-row permission, for the moment - refs #811 https://github.com/simonw/datasette/issues/811#issuecomment-640338347	2020-06-07 20:14:27 -07:00
Simon Willison	cd92e4fe2a	Fixed test name, this executes view-query, not execute-sql - refs #811	2020-06-07 14:33:56 -07:00
Simon Willison	8571ce388a	Implemented view-instance permission, refs #811	2020-06-07 14:30:39 -07:00
Simon Willison	ece0ba6f4b	Test + default impl for view-query permission, refs #811	2020-06-07 14:23:16 -07:00
Simon Willison	abc7339124	Nicer pattern for make_app_client() in tests, closes #395	2020-06-07 14:14:10 -07:00
Simon Willison	5ed2853cf3	Fix permissions documenation test	2020-06-07 14:01:22 -07:00
Simon Willison	a1e801453a	Renamed execute-query permission to execute-sql, refs #811	2020-06-07 13:20:59 -07:00
Simon Willison	4340845754	Nested permission checks for all views, refs #811	2020-06-07 13:03:08 -07:00
Simon Willison	86dec9e8ff	Added permission check to every view, closes #808	2020-06-06 22:30:36 -07:00
Simon Willison	bd4de0647d	Improved permissions documentation	2020-06-06 19:09:59 -07:00
Simon Willison	7dc23cd71a	Whitespace	2020-06-06 13:05:09 -07:00
Simon Willison	f1daf64e72	Link to canned query permissions documentation	2020-06-06 12:46:40 -07:00
Simon Willison	415ccd7cbd	Merge pull request #803 from simonw/canned-query-permissions	2020-06-06 12:40:19 -07:00
Simon Willison	3359d54a4e	Use cookies when accessing csrftoken_from	2020-06-06 12:33:08 -07:00
Simon Willison	966eec7f75	Check permissions on canned query page, refs #800	2020-06-06 12:27:00 -07:00
Simon Willison	070838bfa1	Better test for Vary header	2020-06-06 12:26:19 -07:00
Simon Willison	3f83d4632a	Respect query permissions on database page, refs #800	2020-06-06 12:05:22 -07:00
Simon Willison	14f6b4d200	actor_matches_allow utility function, refs #800	2020-06-06 11:39:11 -07:00
Simon Willison	d4c7b85f55	Documentation for "id": "*", refs #800	2020-06-06 11:23:54 -07:00
Simon Willison	30a8132d58	Docs for authentication + canned query permissions, refs #800 Closes #786	2020-06-06 11:18:46 -07:00
Simon Willison	9c563d6aed	Bump asgi-csrf to 0.5.1 for a bug fix Refs https://github.com/simonw/asgi-csrf/issues/10	2020-06-05 17:15:52 -07:00
Simon Willison	75c143a84c	Fixed /-/plugins?all=1, refs #802	2020-06-05 16:55:08 -07:00
Simon Willison	f786033a5f	Fixed 'datasette plugins' command, with tests - closes #802	2020-06-05 16:46:37 -07:00
Simon Willison	033a1bb22c	Removed rogue print() from test	2020-06-05 12:06:43 -07:00
Simon Willison	84a9c4ff75	CSRF protection (#798 ) Closes #793. * Rename RequestParameters to MultiParams, refs #799 * Allow tuples as well as lists in MultiParams, refs #799 * Use csrftokens when running tests, refs #799 * Use new csrftoken() function, refs https://github.com/simonw/asgi-csrf/issues/7 * Check for Vary: Cookie hedaer, refs https://github.com/simonw/asgi-csrf/issues/8	2020-06-05 12:05:57 -07:00
Simon Willison	d96ac1d52c	Allow tuples as well as lists in MultiParams, refs #799	2020-06-05 11:01:06 -07:00
Simon Willison	0da7f49b24	Rename RequestParameters to MultiParams, refs #799	2020-06-05 10:52:50 -07:00
Simon Willison	0c064c5fe2	More things you can do with plugins	2020-06-04 20:10:40 -07:00
Simon Willison	2074efa5a4	Another actor_from_request example	2020-06-04 18:38:32 -07:00
Simon Willison	8524866fdf	Link to authentication docs	2020-06-04 16:58:19 -07:00
Simon Willison	9cb44be42f	Docs and tests for "params", closes #797	2020-06-03 14:04:40 -07:00
Simon Willison	aa82d03704	Basic writable canned queries Refs #698. First working version of this feature. * request.post_vars() no longer discards empty values	2020-06-03 08:16:50 -07:00
Simon Willison	0934844c0b	request.post_vars() no longer discards empty values	2020-06-03 06:48:39 -07:00
Simon Willison	9690ce6068	More efficient modifiation of scope	2020-06-02 17:05:33 -07:00
Simon Willison	3c5e4f266d	Added messages to pattern portfolio, refs #790	2020-06-02 15:34:50 -07:00
Simon Willison	a7137dfe06	/-/plugins now shows details of hooks, closes #794 Also added /-/plugins?all=1 parameter to see default plugins.	2020-06-02 14:49:28 -07:00
Simon Willison	5278c04682	More consistent use of response.text/response.json in tests, closes #792	2020-06-02 14:29:12 -07:00
Simon Willison	4fa7cf6853	Flash messages mechanism, closes #790	2020-06-02 14:12:18 -07:00
Simon Willison	1d0bea157a	New request.cookies property	2020-06-02 14:11:41 -07:00
Simon Willison	b4cd8797b8	permission_checks is now _permission_checks	2020-06-02 14:11:32 -07:00
Simon Willison	dfdbdf378a	Added /-/permissions debug tool, closes #788 Also started the authentication.rst docs page, refs #786. Part of authentication work, refs #699.	2020-05-31 22:00:36 -07:00
Simon Willison	57cf5139c5	Default actor_from_request hook supporting ds_actor signed cookie Refs #784, refs #699	2020-05-31 18:16:42 -07:00
Simon Willison	9f3d4aba31	--root option and /-/auth-token view, refs #784	2020-05-31 18:16:42 -07:00
Simon Willison	7690d5ba40	Docs for --secret/DATASETTE_SECRET - closes #785	2020-05-31 18:16:42 -07:00
Simon Willison	fa27e44fe0	datasette.sign() and datasette.unsign() methods, refs #785	2020-05-31 18:16:42 -07:00
Simon Willison	1fc6ceefb9	Added /-/actor.json - refs #699 Also added JSON highlighting to introspection documentation.	2020-05-31 18:16:42 -07:00
Simon Willison	9315bacf6f	Implemented datasette.permission_allowed(), refs #699	2020-05-31 18:16:42 -07:00
Simon Willison	461c82838d	Implemented actor_from_request with tests, refs #699 Also added datasette argument to permission_allowed hook	2020-05-31 18:16:42 -07:00

... 25 26 27 28 29 ...

2382 Commity (python-3.8-minimum) Wszystkie gałęzie Szukaj

2382 Commity (python-3.8-minimum)

Wszystkie gałęzie