issue_comments: 641013524

This data as json

html_url issue_url id node_id user created_at updated_at author_association body reactions issue performed_via_github_app
https://github.com/simonw/datasette/issues/818#issuecomment-641013524 https://api.github.com/repos/simonw/datasette/issues/818 641013524 MDEyOklzc3VlQ29tbWVudDY0MTAxMzUyNA== 9599 2020-06-09T03:57:38Z 2020-06-09T04:00:24Z OWNER

Problem with that is it's more of a actor_from_request opportunity than permission_allowed. You could use actor_from_request to authenticate API clients from their Authorization: header, then use the regular "allow" blocks in metadata.json to actually assign their permissions.

The most interesting permissions plugin would be one that implements permissions against some kind of database schema, hence allowing admins to edit permissions through writable canned queries.

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 634917088