WIP implementation of writable canned queries#703
Closed
Conversation
Owner
Author
|
I'm going to split canned queries out from arbitrary queries to make the code easier to follow. |
It wasn't adding anything, and it was confusing when run in conjunction with the new config directory mode from #731
Owner
Author
|
Adding some still-to-do items to a checklist in the description. |
simonw
commented
Apr 29, 2020
datasette/views/database.py
Outdated
| write_ok = await self.ds.databases[database].execute_write( | ||
| sql, params, block=True | ||
| ) | ||
| return self.redirect(request, request.path + '?_success=Query+executed_successfully') |
Owner
Author
There was a problem hiding this comment.
Passing ?_success like this isn't necessarily the best approach. Potential improvements include:
- Signing this message so it can't be tampered with (I could generate a signing secret on startup)
- Using a cookie with a temporary flash message in it instead
- Using HTML5 history API to remove the
?_success=from the URL bar when the user lands on the page
If I add an option to redirect the user to another page after success I may need a mechanism to show a flash message on that page as well, in which case I'll need a general flash message solution that works for any page.
Owner
Author
There was a problem hiding this comment.
I could add itsdangerous as a signing dependency, which delightfully has zero dependencies of its own: https://pypi.org/project/itsdangerous
Also documented ?_searchmode=raw - closes #748
Refs #754 Updates the requirements on [aiofiles](https://github.com/Tinche/aiofiles) to permit the latest version. - [Release notes](https://github.com/Tinche/aiofiles/releases) - [Commits](Tinche/aiofiles@v0.4.0...v0.5.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Updates the requirements on [mergedeep](https://github.com/clarketm/mergedeep) to permit the latest version. - [Release notes](https://github.com/clarketm/mergedeep/releases) - [Commits](clarketm/mergedeep@v1.1.1...v1.3.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Updates the requirements on [janus](https://github.com/aio-libs/janus) to permit the latest version. - [Release notes](https://github.com/aio-libs/janus/releases) - [Changelog](https://github.com/aio-libs/janus/blob/master/CHANGES.rst) - [Commits](aio-libs/janus@v0.4.0...v0.5.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Updates the requirements on [jinja2](https://github.com/pallets/jinja) to permit the latest version. - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/master/CHANGES.rst) - [Commits](pallets/jinja@2.10.3...2.11.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Updates the requirements on [pytest](https://github.com/pytest-dev/pytest) to permit the latest version. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/master/CHANGELOG.rst) - [Commits](pytest-dev/pytest@5.2.2...5.4.1) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
The ASGI spec (https://asgi.readthedocs.io/en/latest/specs/www.html#http) seems to imply that `None` is a valid value, so we need to check the value itself, not just whether the key is present. In particular, the [mangum](https://github.com/erm/mangum) adapter passes `None` for this key.
Updates the requirements on [beautifulsoup4](http://www.crummy.com/software/BeautifulSoup/bs4/) to permit the latest version. Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Updates the requirements on [pytest-asyncio](https://github.com/pytest-dev/pytest-asyncio) to permit the latest version. - [Release notes](https://github.com/pytest-dev/pytest-asyncio/releases) - [Commits](pytest-dev/pytest-asyncio@v0.10.0...v0.12.0) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Less intimidating than Docker, hopefully.
Simplifies things now that we also talk about pipx.
Request is more useful to most people than Database.
It duplicated the functionality of db.foreign_keys_for_table.
Also added datasette argument to permission_allowed hook
Also added JSON highlighting to introspection documentation.
Owner
Author
|
This pull request got too messy. I'm going to abandon this and start a new one. |
This was referenced Jun 3, 2020
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Refs #698.