Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Canned query permissions mechanism #800

Closed
simonw opened this issue Jun 5, 2020 · 14 comments
Closed

Canned query permissions mechanism #800

simonw opened this issue Jun 5, 2020 · 14 comments

Comments

@simonw
Copy link
Owner

simonw commented Jun 5, 2020

Idea: default is anyone can execute a query.

Or you can specify the following:

{
    "databases": {
       "my-database": {
           "queries": {
               "add_twitter_handle": {
                   "sql": "insert into twitter_handles (username) values (:username)",
                   "write": true,
                   "allow": {
                       "id": ["simon"],
                       "role": ["staff"]
                   }
               }
           }
       }
    }
}

These get matched against the actor JSON. If any of the fields in any of the keys of "allow" match a key on the actor, the query is allowed.

"id": "*" matches any actor with an id key.

Originally posted by @simonw in #698 (comment)

@simonw
Copy link
Owner Author

simonw commented Jun 5, 2020

Maybe #801 (configuring permissions with a SQL query) is enough here - might not need this mechanism at all, since that mechanism covers it.

@simonw
Copy link
Owner Author

simonw commented Jun 5, 2020

It's a bit obscure though. I'll try building both and see how they feel in practice.

@simonw simonw modified the milestones: Datasette 1.0, Datasette 0.44 Jun 6, 2020
@simonw
Copy link
Owner Author

simonw commented Jun 6, 2020

I like this mechanism better than the SQL query one. Constructing SQL queries that return true if a particular string is embedded inside a JSON list in a larger object is decidedly non-trivial.

@simonw
Copy link
Owner Author

simonw commented Jun 6, 2020

I'm going to implement this documentation-first.

@simonw
Copy link
Owner Author

simonw commented Jun 6, 2020

@simonw
Copy link
Owner Author

simonw commented Jun 6, 2020

I should add the '*' bit to the docs.

simonw added a commit that referenced this issue Jun 6, 2020
@simonw
Copy link
Owner Author

simonw commented Jun 6, 2020

Next step: a utility function and tests for matching actors to allow blocks.

@simonw
Copy link
Owner Author

simonw commented Jun 6, 2020

@simonw
Copy link
Owner Author

simonw commented Jun 6, 2020

Now the actual permission checks. I need these in two places: the code that generates the list of available queries on https://latest.datasette.io/fixtures#queries and the query page itself at https://latest.datasette.io/fixtures/pragma_cache_size

@simonw
Copy link
Owner Author

simonw commented Jun 6, 2020

In the code that's:

return (
{
"database": database,
"size": db.size,
"tables": tables,
"hidden_count": len([t for t in tables if t["hidden"]]),
"views": views,
"queries": self.ds.get_canned_queries(database),
},

And:

class QueryView(DataView):
async def data(
self,
request,
database,
hash,
sql,
editable=True,
canned_query=None,
metadata=None,
_size=None,
named_parameters=None,
write=False,
):
params = {key: request.args.get(key) for key in request.args}

@simonw
Copy link
Owner Author

simonw commented Jun 6, 2020

I'm also going to add an indicator to the UI next to queries that you can only execute because you are signed in:

data

@simonw
Copy link
Owner Author

simonw commented Jun 6, 2020

This is implemented and documented: https://datasette.readthedocs.io/en/latest/authentication.html

@simonw simonw closed this as completed Jun 6, 2020
@simonw
Copy link
Owner Author

simonw commented Jun 6, 2020

I didn't build this quite right: it should be using the permissions plugin hook.

@simonw simonw reopened this Jun 6, 2020
@simonw
Copy link
Owner Author

simonw commented Jun 7, 2020

See #810 for work to finish this.

simonw added a commit that referenced this issue Jun 12, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant