Simon Willison
|
a8a5f81372
|
Made show_messages available to plugins, closes #864
|
2020-06-28 17:50:47 -07:00 |
Simon Willison
|
7ac4936cec
|
.add_message() now works inside plugins, closes #864
Refs #870
|
2020-06-28 17:25:35 -07:00 |
Simon Willison
|
af350ba457
|
Use single Request created in DatasetteRouter, refs #870
|
2020-06-28 17:01:33 -07:00 |
Simon Willison
|
4dad028432
|
BaseView.as_asgi is now .as_view, refs #870
|
2020-06-28 16:47:40 -07:00 |
Simon Willison
|
3bc2461c77
|
Refactored AsgiView into BaseView, refs #870
|
2020-06-28 16:06:30 -07:00 |
Simon Willison
|
a8bcafc177
|
Refactored out AsgiRouter, refs #870
|
2020-06-28 13:45:17 -07:00 |
Simon Willison
|
0991ea75cc
|
Renamed _timestamp to _now, refs #842, closes #871
|
2020-06-28 12:47:28 -07:00 |
Simon Willison
|
563f5a2d3a
|
Magic parameters for canned queries
Closes #842
Includes a new plugin hook, register_magic_parameters()
|
2020-06-27 19:58:16 -07:00 |
Simon Willison
|
4b142862f2
|
Support non-async view functions, closes #867
|
2020-06-27 11:30:34 -07:00 |
Simon Willison
|
28bb1c5189
|
csrftoken() now works with .render_template(), closes #863
|
2020-06-23 20:23:50 -07:00 |
Simon Willison
|
6c26345836
|
New plugin hook: canned_queries(), refs #852
|
2020-06-18 16:35:15 -07:00 |
Simon Willison
|
6151c25a5a
|
Respect existing scope["actor"] if set, closes #854
|
2020-06-18 11:37:28 -07:00 |
Simon Willison
|
09a3479a54
|
New "startup" plugin hook, closes #834
|
2020-06-13 10:55:41 -07:00 |
Simon Willison
|
9ae0d483ea
|
Get "$file": "../path" mechanism working again, closes #839
|
2020-06-11 17:48:20 -07:00 |
Simon Willison
|
308bcc8805
|
Fixed test_permissions_debug
|
2020-06-11 17:25:12 -07:00 |
Simon Willison
|
fba8ff6e76
|
"$env": "X" mechanism now works with nested lists, closes #837
|
2020-06-11 17:21:48 -07:00 |
Simon Willison
|
f39f111331
|
Fixed actor_matches_allow bug, closes #836
|
2020-06-11 15:47:19 -07:00 |
Simon Willison
|
29c5ff493a
|
view-instance permission for debug URLs, closes #833
|
2020-06-11 15:14:51 -07:00 |
Simon Willison
|
98632f0a87
|
--secret command for datasette publish
Closes #787
|
2020-06-11 09:02:03 -07:00 |
Simon Willison
|
371170eee8
|
publish heroku now deploys with Python 3.8.3
|
2020-06-11 08:44:44 -07:00 |
Simon Willison
|
57e812d5de
|
ds_author cookie can now expire, closes #829
Refs https://github.com/simonw/datasette-auth-github/issues/62#issuecomment-642152076
|
2020-06-10 12:39:54 -07:00 |
Simon Willison
|
008e2f63c2
|
response.set_cookie(), closes #795
|
2020-06-09 15:19:37 -07:00 |
Simon Willison
|
7633b9ab24
|
unauthenticated: true method plus allow block docs, closes #825
|
2020-06-09 10:01:03 -07:00 |
Simon Willison
|
fa87d16612
|
Clearer docs for actor_matches_allow
|
2020-06-09 07:10:46 -07:00 |
Simon Willison
|
eefeafaa27
|
Removed unused import
|
2020-06-09 07:09:39 -07:00 |
Simon Willison
|
fec750435d
|
Support anonymous: true in actor_matches_allow, refs #825
|
2020-06-09 07:01:23 -07:00 |
Simon Willison
|
5a6a73e319
|
Replace os.urandom(32).hex() with secrets.token_hex(32)
|
2020-06-08 21:37:35 -07:00 |
Simon Willison
|
fac8e93815
|
request.url_vars property, closes #822
|
2020-06-08 20:40:00 -07:00 |
Simon Willison
|
db660db463
|
Docs + unit tests for Response, closes #821
|
2020-06-08 20:32:10 -07:00 |
Simon Willison
|
f5e79adf26
|
register_routes() plugin hook (#819)
Fixes #215
|
2020-06-08 20:12:06 -07:00 |
Simon Willison
|
d392dc1cfa
|
Fixed test_table_not_exists_json test
|
2020-06-08 19:28:25 -07:00 |
Simon Willison
|
647c5ff0f3
|
Fixed broken CSS on 404 page, closes #777
|
2020-06-08 17:35:23 -07:00 |
Simon Willison
|
49d6d2f7b0
|
allow_sql block to control execute-sql upermission in metadata.json, closes #813
Also removed the --config allow_sql:0 mechanism in favour of the new allow_sql block.
|
2020-06-08 17:05:44 -07:00 |
Simon Willison
|
e0a4664fba
|
Better example plugin for permission_allowed
Also fixed it so default permission checks run after plugin permission checks, refs #818
|
2020-06-08 15:09:57 -07:00 |
Simon Willison
|
799c5d5357
|
Renamed resource_identifier to resource, refs #817
|
2020-06-08 11:59:53 -07:00 |
Simon Willison
|
c9f1ec616e
|
Removed resource_type from permissions system, closes #817
Refs #811, #699
|
2020-06-08 11:51:03 -07:00 |
Simon Willison
|
5598c5de01
|
Database list on index page respects table/view permissions, refs #811
|
2020-06-08 11:34:14 -07:00 |
Simon Willison
|
dcec89270a
|
View list respects view-table permission, refs #811
Also makes a small change to the /fixtures.json JSON:
"views": ["view_name"]
Is now:
"views": [{"name": "view_name", "private": true}]
|
2020-06-08 11:20:59 -07:00 |
Simon Willison
|
9ac27f67fe
|
Show padlock on private query page, refs #811
|
2020-06-08 11:13:32 -07:00 |
Simon Willison
|
aa420009c0
|
Show padlock on private table page, refs #811
|
2020-06-08 11:07:11 -07:00 |
Simon Willison
|
dfff34e198
|
Applied black, refs #811
|
2020-06-08 11:03:33 -07:00 |
Simon Willison
|
ab14b20b24
|
Get tests working again
|
2020-06-08 10:16:24 -07:00 |
Simon Willison
|
177059284d
|
New request.actor property, refs #811
|
2020-06-08 10:05:32 -07:00 |
Simon Willison
|
3ce7f2e7da
|
Show padlock on private database page, refs #811
|
2020-06-08 07:23:10 -07:00 |
Simon Willison
|
1cf86e5ecc
|
Show padlock on private index page, refs #811
|
2020-06-08 07:18:47 -07:00 |
Simon Willison
|
cc218fa9be
|
Move assert_permissions_checked() calls from test_html.py to test_permissions.py, refs #811
|
2020-06-08 07:02:31 -07:00 |
Simon Willison
|
e18f8c3f87
|
New check_visibility() utility function, refs #811
|
2020-06-08 06:49:55 -07:00 |
Simon Willison
|
9397d71834
|
Implemented view-table, refs #811
|
2020-06-07 21:47:22 -07:00 |
Simon Willison
|
b26292a458
|
Test that view-query is respected by query list, refs #811
|
2020-06-07 20:56:49 -07:00 |
Simon Willison
|
9b42e1a4f5
|
view-database permission
Also now using 🔒 to indicate private resources - resources that
would not be available to the anonymous user. Refs #811
|
2020-06-07 20:50:37 -07:00 |