mirror
/
datasette
kopia lustrzana https://github.com/simonw/datasette
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność
2 491 Commity
131 Gałęzie
148 Tagi
75 MiB
Wykres commitów

60 Commity (bcc4f6bf1f14be6ef693f0b3fc9aa8a027977920)

Autor SHA1 Wiadomość Data
Simon Willison bcc4f6bf1f
track_event() mechanism for analytics and plugins 
* Closes #2240
* Documentation for event plugin hooks, refs #2240
* Include example track_event plugin in docs, refs #2240
* Tests for track_event() and register_events() hooks, refs #2240
* Initial documentation for core events, refs #2240
* Internals documentation for datasette.track_event()
 2024-01-31 15:21:40 -08:00
Simon Willison 50da908213
Cascade for restricted token view-table/view-database/view-instance operations (#2154) 
Closes #2102

* Permission is now a dataclass, not a namedtuple - refs https://github.com/simonw/datasette/pull/2154/#discussion_r1308087800
* datasette.get_permission() method
 2023-08-29 09:32:34 -07:00
Alex Garcia 92b8bf38c0
Add new `--internal internal.db` option, deprecate legacy `_internal` database 
Refs:
- #2157 
---------

Co-authored-by: Simon Willison <swillison@gmail.com>
 2023-08-28 20:24:23 -07:00
Simon Willison 01e0558825
Merge pull request from GHSA-7ch3-7pp7-7cpq 
* API explorer requires view-instance permission

* Check database/table permissions on /-/api page

* Release notes for 1.0a4

Refs #2119, #2133, #2138, #2140

Refs https://github.com/simonw/datasette/security/advisories/GHSA-7ch3-7pp7-7cpq
 2023-08-22 10:10:01 -07:00
Simon Willison dda99fc09f
New View base class (#2080) 
* New View base class, closes #2078
* Use new View subclass for PatternPortfolioView
 2023-05-25 17:18:43 -07:00
Simon Willison 572bdb5b80 Applied Black, refs #782 2022-12-31 19:32:07 -08:00
Simon Willison d94a3c4326
No need to link to _shape=objects any more 
It's the default now. Refs #782
 2022-12-31 17:42:48 -08:00
Simon Willison 1a3dcf4943 Don't include _memory on /-/create-token, refs #1947 2022-12-13 21:19:31 -08:00
Simon Willison d98a8effb1 UI for restricting permissions on /-/create-token, refs #1947 
Also fixes test failures I introduced in #1951
 2022-12-13 21:03:17 -08:00
Simon Willison c6a811237c /-/actor.json no longer requires view-instance, closes #1945 2022-12-12 20:11:51 -08:00
Simon Willison 8bf06a76b5
register_permissions() plugin hook (#1940) 
* Docs for permissions: in metadata, refs #1636
* Refactor default_permissions.py to help with implementation of #1636
* register_permissions() plugin hook, closes #1939 - also refs #1938
* Tests for register_permissions() hook, refs #1939
* Documentation for datasette.permissions, refs #1939
* permission_allowed() falls back on Permission.default, refs #1939
* Raise StartupError on duplicate permissions
* Allow dupe permisisons if exact matches
 2022-12-12 18:05:54 -08:00
Simon Willison 272982e8a6
/db/table/-/upsert API 
Close #1878

Also made a few tweaks to how _r works in tokens and actors,
refs #1855 - I needed that mechanism for the tests.
 2022-12-07 17:12:15 -08:00
Simon Willison 5518397338 Show mutable DBs first in API explorer, closes #1918 2022-11-29 21:07:51 -08:00
Simon Willison 575a29c424 API explorer: respect immutability, closes #1888 2022-11-13 22:01:56 -08:00
Simon Willison 612da8eae6 confirm: true mechanism for drop table API, closes #1887 2022-11-13 21:17:18 -08:00
Simon Willison db796771e2 Example links for API explorer, closes #1871 2022-11-13 20:58:45 -08:00
Simon Willison bcc781f4c5 Implementation and tests for _r field on actor, refs #1855 
New mechanism for restricting permissions further for a given actor.

This still needs documentation. It will eventually be used by the mechanism to issue
signed API tokens that are only able to perform a subset of actions.

This also adds tests that exercise the POST /-/permissions tool, refs #1881
 2022-11-03 17:12:23 -07:00
Simon Willison c51d9246b9 Permission check testing tool, refs #1881 2022-11-02 22:10:07 -07:00
Simon Willison f6bf2d8045 Initial prototype of API explorer at /-/api, refs #1871 2022-10-29 23:20:11 -07:00
Simon Willison 382a871583 max_signed_tokens_ttl setting, closes #1858 
Also redesigned token format to include creation time and optional duration.
 2022-10-26 20:14:59 -07:00
Simon Willison c23fa850e7 allow_signed_tokens setting, closes #1856 2022-10-25 19:55:47 -07:00
Simon Willison 0f013ff497 Mechanism to prevent tokens creating tokens, closes #1857 2022-10-25 19:43:55 -07:00
Simon Willison 7ab091e8ef Tests and docs for /-/create-token, refs #1852 2022-10-25 19:04:05 -07:00
Simon Willison 68ccb7578b dstoke_ prefix for tokens 
Refs https://github.com/simonw/datasette/issues/1852#issuecomment-1291290451
 2022-10-25 18:40:07 -07:00
Simon Willison 42f8b402e6 Initial prototype of create API token page, refs #1852 2022-10-25 17:07:58 -07:00
Simon Willison 194e4f6c3f Removed check_permission() from BaseView, closes #1677 
Refs #1660
 2022-03-21 11:41:56 -07:00
Simon Willison 61419388c1 Rename route match groups for consistency, refs #1667, #1660 2022-03-19 09:52:08 -07:00
Simon Willison d4f60c2388
Remove hashed URL mode 
Also simplified how view class routing works.

Refs #1661
 2022-03-18 17:12:03 -07:00
Simon Willison 23a09b0f6a Remove JSON rel=alternate from some pages, closes #1623 2022-02-02 13:48:52 -08:00
Simon Willison 8584993529 --cors Access-Control-Allow-Headers: Authorization 
Refs #1467, refs https://github.com/simonw/datasette-auth-tokens/issues/4
 2021-10-14 12:03:28 -07:00
Simon Willison 30e64c8d3b
Use f-strings in place of .format() 
Code transformed like so:

    pip install flynt
    flynt .
    black .
 2020-11-15 15:24:22 -08:00
Simon Willison 222f79bb4c debug-menu permission, closes #1068 
Also added tests for navigation menu logic.
 2020-10-30 08:41:57 -07:00
Simon Willison 5a15197960
/db/table/-/blob/pk/column.blob download URL, refs #1036 2020-10-24 16:09:18 -07:00
Simon Willison 091441a444 Fixed remaining places that needed datasette.urls, closes #1025 2020-10-19 22:21:19 -07:00
Simon Willison a648bb82ba Upgrade to Black 20.8b1, closes #958 2020-09-02 15:24:55 -07:00
Simon Willison 12c0bc09cc /-/allow-debug tool, closes #908 2020-07-24 15:55:10 -07:00
Simon Willison 549b1c2063 New forbidden() plugin hook, closes #812 2020-06-30 21:17:38 -07:00
Simon Willison 51427323e6 Add message when user logs out, refs #840 2020-06-29 11:31:35 -07:00
Simon Willison 22d932fafc /-/logout page for logging out of ds_actor cookie 
Refs #840
 2020-06-28 21:17:58 -07:00
Simon Willison 308bcc8805 Fixed test_permissions_debug 2020-06-11 17:25:12 -07:00
Simon Willison 29c5ff493a view-instance permission for debug URLs, closes #833 2020-06-11 15:14:51 -07:00
Simon Willison 57e812d5de ds_author cookie can now expire, closes #829 
Refs https://github.com/simonw/datasette-auth-github/issues/62#issuecomment-642152076
 2020-06-10 12:39:54 -07:00
Simon Willison 008e2f63c2 response.set_cookie(), closes #795 2020-06-09 15:19:37 -07:00
Simon Willison dfff34e198 Applied black, refs #811 2020-06-08 11:03:33 -07:00
Simon Willison 177059284d New request.actor property, refs #811 2020-06-08 10:05:32 -07:00
Simon Willison 4fa7cf6853 Flash messages mechanism, closes #790 2020-06-02 14:12:18 -07:00
Simon Willison b4cd8797b8 permission_checks is now _permission_checks 2020-06-02 14:11:32 -07:00
Simon Willison dfdbdf378a Added /-/permissions debug tool, closes #788 
Also started the authentication.rst docs page, refs #786.

Part of authentication work, refs #699.
 2020-05-31 22:00:36 -07:00
Simon Willison 9f3d4aba31 --root option and /-/auth-token view, refs #784 2020-05-31 18:16:42 -07:00
Simon Willison 1fc6ceefb9 Added /-/actor.json - refs #699 
Also added JSON highlighting to introspection documentation.
 2020-05-31 18:16:42 -07:00