issue_comments

Table actions

6 rows where issue = 631932926 sorted by updated_at descending

View and edit SQL

This data as json, CSV (advanced)

Suggested facets: created_at (date), updated_at (date)

user 1

issue 1

  • allow_by_query setting for configuring permissions with a SQL statement · 6

author_association 1

id html_url issue_url node_id user created_at updated_at ▲ author_association body reactions issue performed_via_github_app
642870553 https://github.com/simonw/datasette/issues/801#issuecomment-642870553 https://api.github.com/repos/simonw/datasette/issues/801 MDEyOklzc3VlQ29tbWVudDY0Mjg3MDU1Mw== simonw 9599 2020-06-11T18:58:49Z 2020-06-11T18:58:49Z OWNER

I've implemented this in a plugin instead: https://github.com/simonw/datasette-permissions-sql

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 allow_by_query setting for configuring permissions with a SQL statement 631932926  
640905609 https://github.com/simonw/datasette/issues/801#issuecomment-640905609 https://api.github.com/repos/simonw/datasette/issues/801 MDEyOklzc3VlQ29tbWVudDY0MDkwNTYwOQ== simonw 9599 2020-06-08T21:48:44Z 2020-06-08T21:48:44Z OWNER

Dropping this out of Datasette 0.44 again - I have enough other stuff to finish, this can wait.

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 allow_by_query setting for configuring permissions with a SQL statement 631932926  
640339828 https://github.com/simonw/datasette/issues/801#issuecomment-640339828 https://api.github.com/repos/simonw/datasette/issues/801 MDEyOklzc3VlQ29tbWVudDY0MDMzOTgyOA== simonw 9599 2020-06-08T03:18:47Z 2020-06-08T03:18:47Z OWNER

Example. This will only allow users to access the fixtures database if the logged-in actor's ID value appears for a record in the users table which has admin = 1. json { "databases": { "fixtures": { "allow_by_query": "select * from users where id = :id and admin = 1" } } }

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 allow_by_query setting for configuring permissions with a SQL statement 631932926  
640339117 https://github.com/simonw/datasette/issues/801#issuecomment-640339117 https://api.github.com/repos/simonw/datasette/issues/801 MDEyOklzc3VlQ29tbWVudDY0MDMzOTExNw== simonw 9599 2020-06-08T03:16:16Z 2020-06-08T03:16:16Z OWNER

I'm going to call this key "allow_by_query" - I think I need allow_sql for something else (for configuring if users are allowed to execute arbitrary SQL queries).

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 allow_by_query setting for configuring permissions with a SQL statement 631932926  
640277775 https://github.com/simonw/datasette/issues/801#issuecomment-640277775 https://api.github.com/repos/simonw/datasette/issues/801 MDEyOklzc3VlQ29tbWVudDY0MDI3Nzc3NQ== simonw 9599 2020-06-07T20:49:40Z 2020-06-07T20:49:40Z OWNER

I'm going to pass the entire actor object as a dictionary of available named query parameters. So if the actor looks like this: json { "id": "simonw", "roles": ["staff", "developer"] } Then the SQL query will be called like this:

python conn.execute(sql, { "id": "simonw", "roles: '["staff", "developer"]', })

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 allow_by_query setting for configuring permissions with a SQL statement 631932926  
640277557 https://github.com/simonw/datasette/issues/801#issuecomment-640277557 https://api.github.com/repos/simonw/datasette/issues/801 MDEyOklzc3VlQ29tbWVudDY0MDI3NzU1Nw== simonw 9599 2020-06-07T20:48:00Z 2020-06-07T20:48:00Z OWNER

Now that I'm expanding permission checks to everything else too (#811), not just canned queries, I think it makes sense to re-prioritize this.

 
{
    "total_count": 0,
    "+1": 0,
    "-1": 0,
    "laugh": 0,
    "hooray": 0,
    "confused": 0,
    "heart": 0,
    "rocket": 0,
    "eyes": 0
}
 allow_by_query setting for configuring permissions with a SQL statement 631932926  

Advanced export

JSON shape: default, array, newline-delimited, object

CSV options: 

CREATE TABLE [issue_comments] (
   [html_url] TEXT,
   [issue_url] TEXT,
   [id] INTEGER PRIMARY KEY,
   [node_id] TEXT,
   [user] INTEGER REFERENCES [users]([id]),
   [created_at] TEXT,
   [updated_at] TEXT,
   [author_association] TEXT,
   [body] TEXT,
   [reactions] TEXT,
   [issue] INTEGER REFERENCES [issues]([id])
, [performed_via_github_app] TEXT);
CREATE INDEX [idx_issue_comments_issue]
                ON [issue_comments] ([issue]);
CREATE INDEX [idx_issue_comments_user]
                ON [issue_comments] ([user]);