Allow SQL functions in SQL write queries

Closes #2751
Simon Willison 2026-05-28 10:22:16 -07:00
commit 51dab16149
6 changed files with 91 additions and 15 deletions

@ -140,7 +140,7 @@ Datasette stores both configured queries and user-created queries in the ``queri
Stored queries created by users default to private. Private stored queries can only be viewed, updated or deleted by the actor that created them. Broad ``view-query``, ``update-query`` or ``delete-query`` permission grants still do not allow other actors to access another actor's private stored queries.
Stored queries created by users are untrusted. This means they execute using the permissions of the actor who runs them, as if that actor had pasted the SQL into the regular custom SQL interface or write SQL interface. Read-only stored queries require ``execute-sql``. Writable stored queries require ``execute-write-sql`` plus the relevant table-level write permissions.
Stored queries created by users are untrusted. This means they execute using the permissions of the actor who runs them, as if that actor had pasted the SQL into the regular custom SQL interface or write SQL interface. Read-only stored queries require ``execute-sql``. Writable stored queries require ``execute-write-sql`` plus the relevant table-level write permissions. SQL functions are allowed and are not separately restricted by Datasette permissions.
.. _trusted_stored_queries:
.. _trusted_saved_queries:
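
Review bot: The sentence added at the end of the untrusted-queries paragraph ("SQL functions are allowed and are not separately restricted by Datasette permissions.") leaves its scope and its consequence for the permission model unstated. Placed directly after the ``execute-write-sql`` sentence, it reads as covering writable stored queries only, yet the paragraph also describes read-only stored queries and the write SQL interface; say explicitly which of these it applies to. The paragraph presents these queries as untrusted and bounded by table-level write permissions, so it would help to add that a function call inside a write query is not subject to those table-level checks, and that operators should review which SQL functions are available on the connection before granting ``execute-write-sql``.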