The third Datasette 1.0 alpha release adds upsert support to the JSON API, plus the ability to specify finely grained permissions when creating an API token.
See Datasette 1.0a2: Upserts and finely grained permissions for an extended, annotated version of these release notes.
- New
/db/table/-/upsert
API, documented here. upsert is an update-or-insert: existing rows will have specified keys updated, but if no row matches the incoming primary key a brand new row will be inserted instead. (#1878) - New register_permissions(datasette) plugin hook. Plugins can now register named permissions, which will then be listed in various interfaces that show available permissions. (#1940)
- The
/db/-/create
API for creating a table now accepts"ignore": true
and"replace": true
options when called with the"rows"
property that creates a new table based on an example set of rows. This means the API can be called multiple times with different rows, setting rules for what should happen if a primary key collides with an existing row. (#1927) - Arbitrary permissions can now be configured at the instance, database and resource (table, SQL view or canned query) level in Datasette's Metadata JSON and YAML files. The new
"permissions"
key can be used to specify which actors should have which permissions. See Other permissions in metadata for details. (#1636) - The
/-/create-token
page can now be used to create API tokens which are restricted to just a subset of actions, including against specific databases or resources. See API Tokens for details. (#1947) - Likewise, the datasette create-token CLI command can now create tokens with a subset of permissions. (#1855)
- New datasette.create_token() API method <datasette_create_token>` for programmatically creating signed API tokens. (#1951)
/db/-/create
API now requires actor to haveinsert-row
permission in order to use the"row"
or"rows"
properties. (#1937)