mirror
/
datasette
kopia lustrzana https://github.com/simonw/datasette
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność
2 521 Commity
131 Gałęzie
149 Tagi
75 MiB
Wykres commitów

40 Commity (900d15bcb81c90d26cfebc3fe463c4b0465832c2)

Autor SHA1 Wiadomość Data
Simon Willison 900d15bcb8 alter table support for /db/-/create API, refs #2101 2024-02-08 13:36:17 -08:00
Alex Garcia 35deaabcb1
Move non-metadata configuration from metadata.yaml to datasette.yaml 
* Allow and permission blocks moved to datasette.yaml
* Documentation updates, initial framework for configuration reference
 2023-10-12 09:16:37 -07:00
Simon Willison 98ffad9aed execute-sql now implies can view instance/database, closes #2169 2023-08-31 15:46:26 -07:00
Simon Willison 50da908213
Cascade for restricted token view-table/view-database/view-instance operations (#2154) 
Closes #2102

* Permission is now a dataclass, not a namedtuple - refs https://github.com/simonw/datasette/pull/2154/#discussion_r1308087800
* datasette.get_permission() method
 2023-08-29 09:32:34 -07:00
Alex Garcia 92b8bf38c0
Add new `--internal internal.db` option, deprecate legacy `_internal` database 
Refs:
- #2157 
---------

Co-authored-by: Simon Willison <swillison@gmail.com>
 2023-08-28 20:24:23 -07:00
Simon Willison c41278b46f default_allow_sql setting, closes #1409 
Refs #1410
 2023-01-04 16:51:26 -08:00
Simon Willison e238df3959 Handle non-initials in permission_allowed_actor_restrictions, closes #1956 2022-12-14 12:04:23 -08:00
Simon Willison 34ad574bac Don't hard-code permissions in permission_allowed_actor_restrictions, refs #1855 2022-12-12 21:14:40 -08:00
Simon Willison e95b490d88 Move create-token command into cli.py, refs #1855 2022-12-12 20:18:42 -08:00
Simon Willison 9cc1a7c4c8 create-token command can now create restricted tokens, refs #1855 2022-12-12 20:15:56 -08:00
Simon Willison 3e6a208ba3 Rename 't' to 'r' in '_r' actor format, refs #1855 2022-12-12 19:27:34 -08:00
Simon Willison c5d30b58a1 Implemented metadata permissions: property, closes #1636 2022-12-12 18:40:45 -08:00
Simon Willison 8bf06a76b5
register_permissions() plugin hook (#1940) 
* Docs for permissions: in metadata, refs #1636
* Refactor default_permissions.py to help with implementation of #1636
* register_permissions() plugin hook, closes #1939 - also refs #1938
* Tests for register_permissions() hook, refs #1939
* Documentation for datasette.permissions, refs #1939
* permission_allowed() falls back on Permission.default, refs #1939
* Raise StartupError on duplicate permissions
* Allow dupe permisisons if exact matches
 2022-12-12 18:05:54 -08:00
Simon Willison 272982e8a6
/db/table/-/upsert API 
Close #1878

Also made a few tweaks to how _r works in tokens and actors,
refs #1855 - I needed that mechanism for the tests.
 2022-12-07 17:12:15 -08:00
Simon Willison 484bef0d3b /db/table/pk/-/update endpoint, closes #1863 2022-11-29 10:06:19 -08:00
Simon Willison 187d91d686 /db/-/create API endpoint, closes #1882 2022-11-14 21:57:28 -08:00
Simon Willison bcc781f4c5 Implementation and tests for _r field on actor, refs #1855 
New mechanism for restricting permissions further for a given actor.

This still needs documentation. It will eventually be used by the mechanism to issue
signed API tokens that are only able to perform a subset of actions.

This also adds tests that exercise the POST /-/permissions tool, refs #1881
 2022-11-03 17:12:23 -07:00
Simon Willison 00632ded30 Initial attempt at /db/table/row/-/delete, refs #1864 2022-10-30 16:16:00 -07:00
Simon Willison 2865d3956f /db/table/-/drop API, closes #1874 2022-10-30 15:17:21 -07:00
Simon Willison 9eb9ffae3d Drop API token requirement from API explorer, refs #1871 2022-10-30 13:09:55 -07:00
Simon Willison 51c436fed2 First draft of insert row write API, refs #1851 2022-10-26 20:57:02 -07:00
Simon Willison 382a871583 max_signed_tokens_ttl setting, closes #1858 
Also redesigned token format to include creation time and optional duration.
 2022-10-26 20:14:59 -07:00
Simon Willison c7956eed77 datasette create-token command, refs #1859 2022-10-25 21:26:12 -07:00
Simon Willison c23fa850e7 allow_signed_tokens setting, closes #1856 2022-10-25 19:55:47 -07:00
Simon Willison 0f013ff497 Mechanism to prevent tokens creating tokens, closes #1857 2022-10-25 19:43:55 -07:00
Simon Willison b29e487bc3 actor_from_request for dstok_ tokens, refs #1852 2022-10-25 19:18:41 -07:00
Simon Willison dcdfb2c301 Rename _schemas to _internal, closes #1156 2020-12-21 11:48:06 -08:00
Simon Willison ebc7aa287c In-memory _schemas database tracking schemas of attached tables, closes #1150 2020-12-18 14:34:05 -08:00
Simon Willison 222f79bb4c debug-menu permission, closes #1068 
Also added tests for navigation menu logic.
 2020-10-30 08:41:57 -07:00
Simon Willison ab76eddf31 Express no opinion if allow block is missing 
Default permission policy was returning True by default for permission
checks - which means that if allow was not defined for a level it would
be treated as a passing check.

This is better: we now return None of the allow block is not defined,
which means 'I have no opinion on this' and allows other code to make
its own decisions.

Added while working on #832
 2020-06-30 15:49:06 -07:00
Simon Willison 6c26345836 New plugin hook: canned_queries(), refs #852 2020-06-18 16:35:15 -07:00
Simon Willison 49d6d2f7b0 allow_sql block to control execute-sql upermission in metadata.json, closes #813 
Also removed the --config allow_sql:0 mechanism in favour of the new allow_sql block.
 2020-06-08 17:05:44 -07:00
Simon Willison e0a4664fba Better example plugin for permission_allowed 
Also fixed it so default permission checks run after plugin permission checks, refs #818
 2020-06-08 15:09:57 -07:00
Simon Willison 799c5d5357 Renamed resource_identifier to resource, refs #817 2020-06-08 11:59:53 -07:00
Simon Willison c9f1ec616e Removed resource_type from permissions system, closes #817 
Refs #811, #699
 2020-06-08 11:51:03 -07:00
Simon Willison 9397d71834 Implemented view-table, refs #811 2020-06-07 21:47:22 -07:00
Simon Willison 9b42e1a4f5 view-database permission 
Also now using 🔒 to indicate private resources - resources that
would not be available to the anonymous user. Refs #811
 2020-06-07 20:50:37 -07:00
Simon Willison 8571ce388a Implemented view-instance permission, refs #811 2020-06-07 14:30:39 -07:00
Simon Willison ece0ba6f4b Test + default impl for view-query permission, refs #811 2020-06-07 14:23:16 -07:00
Simon Willison dfdbdf378a Added /-/permissions debug tool, closes #788 
Also started the authentication.rst docs page, refs #786.

Part of authentication work, refs #699.
 2020-05-31 22:00:36 -07:00