mirror
/
datasette
kopia lustrzana https://github.com/simonw/datasette
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność
1 120 Commity
131 Gałęzie
148 Tagi
75 MiB
Wykres commitów

1120 Commity (008e2f63c217aa066027a872ee706b07bd084857)

Autor SHA1 Wiadomość Data
Simon Willison 7dc23cd71a Whitespace 2020-06-06 13:05:09 -07:00
Simon Willison f1daf64e72 Link to canned query permissions documentation 2020-06-06 12:46:40 -07:00
Simon Willison 415ccd7cbd
Merge pull request #803 from simonw/canned-query-permissions 2020-06-06 12:40:19 -07:00
Simon Willison 3359d54a4e Use cookies when accessing csrftoken_from 2020-06-06 12:33:08 -07:00
Simon Willison 966eec7f75 Check permissions on canned query page, refs #800 2020-06-06 12:27:00 -07:00
Simon Willison 070838bfa1 Better test for Vary header 2020-06-06 12:26:19 -07:00
Simon Willison 3f83d4632a Respect query permissions on database page, refs #800 2020-06-06 12:05:22 -07:00
Simon Willison 14f6b4d200 actor_matches_allow utility function, refs #800 2020-06-06 11:39:11 -07:00
Simon Willison d4c7b85f55 Documentation for "id": "*", refs #800 2020-06-06 11:23:54 -07:00
Simon Willison 30a8132d58 Docs for authentication + canned query permissions, refs #800 
Closes #786
 2020-06-06 11:18:46 -07:00
Simon Willison 9c563d6aed Bump asgi-csrf to 0.5.1 for a bug fix 
Refs https://github.com/simonw/asgi-csrf/issues/10
 2020-06-05 17:15:52 -07:00
Simon Willison 75c143a84c Fixed /-/plugins?all=1, refs #802 2020-06-05 16:55:08 -07:00
Simon Willison f786033a5f Fixed 'datasette plugins' command, with tests - closes #802 2020-06-05 16:46:37 -07:00
Simon Willison 033a1bb22c Removed rogue print() from test 2020-06-05 12:06:43 -07:00
Simon Willison 84a9c4ff75
CSRF protection (#798) 
Closes #793.

* Rename RequestParameters to MultiParams, refs #799
* Allow tuples as well as lists in MultiParams, refs #799
* Use csrftokens when running tests, refs #799
* Use new csrftoken() function, refs https://github.com/simonw/asgi-csrf/issues/7
* Check for Vary: Cookie hedaer, refs https://github.com/simonw/asgi-csrf/issues/8
 2020-06-05 12:05:57 -07:00
Simon Willison d96ac1d52c Allow tuples as well as lists in MultiParams, refs #799 2020-06-05 11:01:06 -07:00
Simon Willison 0da7f49b24 Rename RequestParameters to MultiParams, refs #799 2020-06-05 10:52:50 -07:00
Simon Willison 0c064c5fe2 More things you can do with plugins 2020-06-04 20:10:40 -07:00
Simon Willison 2074efa5a4 Another actor_from_request example 2020-06-04 18:38:32 -07:00
Simon Willison 8524866fdf Link to authentication docs 2020-06-04 16:58:19 -07:00
Simon Willison 9cb44be42f Docs and tests for "params", closes #797 2020-06-03 14:04:40 -07:00
Simon Willison aa82d03704
Basic writable canned queries 
Refs #698. First working version of this feature.

* request.post_vars() no longer discards empty values
 2020-06-03 08:16:50 -07:00
Simon Willison 0934844c0b request.post_vars() no longer discards empty values 2020-06-03 06:48:39 -07:00
Simon Willison 9690ce6068 More efficient modifiation of scope 2020-06-02 17:05:33 -07:00
Simon Willison 3c5e4f266d Added messages to pattern portfolio, refs #790 2020-06-02 15:34:50 -07:00
Simon Willison a7137dfe06 /-/plugins now shows details of hooks, closes #794 
Also added /-/plugins?all=1 parameter to see default plugins.
 2020-06-02 14:49:28 -07:00
Simon Willison 5278c04682 More consistent use of response.text/response.json in tests, closes #792 2020-06-02 14:29:12 -07:00
Simon Willison 4fa7cf6853 Flash messages mechanism, closes #790 2020-06-02 14:12:18 -07:00
Simon Willison 1d0bea157a New request.cookies property 2020-06-02 14:11:41 -07:00
Simon Willison b4cd8797b8 permission_checks is now _permission_checks 2020-06-02 14:11:32 -07:00
Simon Willison dfdbdf378a Added /-/permissions debug tool, closes #788 
Also started the authentication.rst docs page, refs #786.

Part of authentication work, refs #699.
 2020-05-31 22:00:36 -07:00
Simon Willison 57cf5139c5 Default actor_from_request hook supporting ds_actor signed cookie 
Refs #784, refs #699
 2020-05-31 18:16:42 -07:00
Simon Willison 9f3d4aba31 --root option and /-/auth-token view, refs #784 2020-05-31 18:16:42 -07:00
Simon Willison 7690d5ba40 Docs for --secret/DATASETTE_SECRET - closes #785 2020-05-31 18:16:42 -07:00
Simon Willison fa27e44fe0 datasette.sign() and datasette.unsign() methods, refs #785 2020-05-31 18:16:42 -07:00
Simon Willison 1fc6ceefb9 Added /-/actor.json - refs #699 
Also added JSON highlighting to introspection documentation.
 2020-05-31 18:16:42 -07:00
Simon Willison 9315bacf6f Implemented datasette.permission_allowed(), refs #699 2020-05-31 18:16:42 -07:00
Simon Willison 461c82838d Implemented actor_from_request with tests, refs #699 
Also added datasette argument to permission_allowed hook
 2020-05-31 18:16:42 -07:00
Simon Willison 060a56735c actor_from_request and permission_allowed hookspecs, refs #699 2020-05-31 18:16:42 -07:00
Simon Willison c4fbe50676 Documentation for Database introspection methods, closes #684 
Refs #576
 2020-05-30 11:40:30 -07:00
Simon Willison 124acf34a6 Removed db.get_outbound_foreign_keys method 
It duplicated the functionality of db.foreign_keys_for_table.
 2020-05-30 11:39:46 -07:00
Simon Willison 4d798ca0e3 Added test for db.mtime_ns 2020-05-30 11:17:20 -07:00
Simon Willison 3c5afaeb23 Re-arranged internals documentation 
Request is more useful to most people than Database.
 2020-05-30 11:06:13 -07:00
Simon Willison 5ae14c9f20 Improved documentation for RequestParameters class 2020-05-30 10:54:22 -07:00
Simon Willison de1cde65a6 Moved request tests to test_internals_request.py 2020-05-30 10:45:11 -07:00
Simon Willison 012c76901a _ prefix for many private methods of Datasette, refs #576 2020-05-30 07:38:46 -07:00
Simon Willison ca56c226a9 Renamed test_database.py to test_internals_database.py 
Also added a db fixture to remove some boilerplate.
 2020-05-30 07:33:02 -07:00
Simon Willison 31fb006a9b Added datasette.get_database() method 
Refs #576
 2020-05-30 07:29:59 -07:00
Simon Willison 81be31322a New implementation for RequestParams 
- no longer subclasses dict
- request.args[key] now returns first item, not all items
- removed request.raw_args entirely

Closes #774
 2020-05-29 16:22:22 -07:00
Simon Willison f272cbc65f Use request.args.getlist instead of request.args[...], refs #774 2020-05-29 15:57:46 -07:00