github/datasette
1
0
Fork 0
mirror of https://github.com/simonw/datasette.git synced 2025-12-10 16:51:24 +01:00
Code Issues Projects Releases Packages Wiki Activity
1,119 commits 143 branches 163 tags 44 MiB
Commit graph

1,119 commits

This branch
This branch
All branches
Author SHA1 Message Date
Simon Willison
f240970b83 Fixed tests/fixtures.py, closes #804 2020-06-09 12:58:12 -07:00
Simon Willison
56eb80a459 Documented CSRF protection, closes #827 2020-06-09 12:32:52 -07:00
Simon Willison
5ef3b7b0c9 Applied Black 
Refs #825
 2020-06-09 12:25:48 -07:00
Simon Willison
7633b9ab24 unauthenticated: true method plus allow block docs, closes #825 2020-06-09 10:01:03 -07:00
Simon Willison
70dd14876e Improved documentation for permissions, refs #699 2020-06-09 09:04:46 -07:00
Simon Willison
3aa87eeaf2 Documentation no loger suggests that actor["id"] is required, closes #823 2020-06-09 07:58:12 -07:00
Simon Willison
fa87d16612 Clearer docs for actor_matches_allow 2020-06-09 07:10:46 -07:00
Simon Willison
eefeafaa27 Removed unused import 2020-06-09 07:09:39 -07:00
Simon Willison
fec750435d Support anonymous: true in actor_matches_allow, refs #825 2020-06-09 07:01:23 -07:00
Simon Willison
eb3ec279be
 		Test for anonymous: true, refs #825 2020-06-08 23:33:06 -07:00
Simon Willison
5a6a73e319 Replace os.urandom(32).hex() with secrets.token_hex(32) 2020-06-08 21:37:35 -07:00
Simon Willison
fac8e93815 request.url_vars property, closes #822 2020-06-08 20:40:00 -07:00
Simon Willison
db660db463 Docs + unit tests for Response, closes #821 2020-06-08 20:32:10 -07:00
Simon Willison
f5e79adf26
 		register_routes() plugin hook (#819) 
Fixes #215
 2020-06-08 20:12:06 -07:00
Simon Willison
d392dc1cfa Fixed test_table_not_exists_json test 2020-06-08 19:28:25 -07:00
Simon Willison
647c5ff0f3 Fixed broken CSS on 404 page, closes #777 2020-06-08 17:35:23 -07:00
Simon Willison
49d6d2f7b0 allow_sql block to control execute-sql upermission in metadata.json, closes #813 
Also removed the --config allow_sql:0 mechanism in favour of the new allow_sql block.
 2020-06-08 17:05:44 -07:00
Simon Willison
e0a4664fba Better example plugin for permission_allowed 
Also fixed it so default permission checks run after plugin permission checks, refs #818
 2020-06-08 15:09:57 -07:00
Simon Willison
8205d58316 Corrected documentation for resource in view-query 2020-06-08 13:10:40 -07:00
Simon Willison
5437085382 Documentation for allow blocks on more stuff, closes #811 2020-06-08 12:32:27 -07:00
Simon Willison
c7d145e016 Updated example for extra_template_vars hook, closes #816 2020-06-08 12:06:05 -07:00
Simon Willison
040fc0546f Updated tests, refs #817 2020-06-08 12:02:56 -07:00
Simon Willison
799c5d5357 Renamed resource_identifier to resource, refs #817 2020-06-08 11:59:53 -07:00
Simon Willison
c9f1ec616e Removed resource_type from permissions system, closes #817 
Refs #811, #699
 2020-06-08 11:51:03 -07:00
Simon Willison
5598c5de01 Database list on index page respects table/view permissions, refs #811 2020-06-08 11:34:14 -07:00
Simon Willison
dcec89270a View list respects view-table permission, refs #811 
Also makes a small change to the /fixtures.json JSON:

    "views": ["view_name"]

Is now:

    "views": [{"name": "view_name", "private": true}]
 2020-06-08 11:20:59 -07:00
Simon Willison
9ac27f67fe Show padlock on private query page, refs #811 2020-06-08 11:13:32 -07:00
Simon Willison
aa420009c0 Show padlock on private table page, refs #811 2020-06-08 11:07:11 -07:00
Simon Willison
dfff34e198 Applied black, refs #811 2020-06-08 11:03:33 -07:00
Simon Willison
ab14b20b24 Get tests working again 2020-06-08 10:16:24 -07:00
Simon Willison
177059284d New request.actor property, refs #811 2020-06-08 10:05:32 -07:00
Simon Willison
2a8b39800f Updated tests, refs #811 2020-06-08 07:50:06 -07:00
Simon Willison
3ce7f2e7da Show padlock on private database page, refs #811 2020-06-08 07:23:10 -07:00
Simon Willison
1cf86e5ecc Show padlock on private index page, refs #811 2020-06-08 07:18:47 -07:00
Simon Willison
cc218fa9be Move assert_permissions_checked() calls from test_html.py to test_permissions.py, refs #811 2020-06-08 07:02:31 -07:00
Simon Willison
e18f8c3f87 New check_visibility() utility function, refs #811 2020-06-08 06:49:55 -07:00
Simon Willison
9397d71834 Implemented view-table, refs #811 2020-06-07 21:47:22 -07:00
Simon Willison
b26292a458 Test that view-query is respected by query list, refs #811 2020-06-07 20:56:49 -07:00
Simon Willison
9b42e1a4f5 view-database permission 
Also now using 🔒 to indicate private resources - resources that
would not be available to the anonymous user. Refs #811
 2020-06-07 20:50:37 -07:00
Simon Willison
613fa551a1 Removed view-row permission, for the moment - refs #811 
https://github.com/simonw/datasette/issues/811#issuecomment-640338347
 2020-06-07 20:14:27 -07:00
Simon Willison
cd92e4fe2a Fixed test name, this executes view-query, not execute-sql - refs #811 2020-06-07 14:33:56 -07:00
Simon Willison
8571ce388a Implemented view-instance permission, refs #811 2020-06-07 14:30:39 -07:00
Simon Willison
ece0ba6f4b Test + default impl for view-query permission, refs #811 2020-06-07 14:23:16 -07:00
Simon Willison
abc7339124 Nicer pattern for make_app_client() in tests, closes #395 2020-06-07 14:14:10 -07:00
Simon Willison
5ed2853cf3 Fix permissions documenation test 2020-06-07 14:01:22 -07:00
Simon Willison
a1e801453a Renamed execute-query permission to execute-sql, refs #811 2020-06-07 13:20:59 -07:00
Simon Willison
4340845754 Nested permission checks for all views, refs #811 2020-06-07 13:03:08 -07:00
Simon Willison
86dec9e8ff Added permission check to every view, closes #808 2020-06-06 22:30:36 -07:00
Simon Willison
bd4de0647d Improved permissions documentation 2020-06-06 19:09:59 -07:00
Simon Willison
7dc23cd71a Whitespace 2020-06-06 13:05:09 -07:00