Re: [OSM-dev] Querying OAuth access token permissions
Am 26.04.2012 um 17:42 schrieb Christoph Bünte: Am 20.04.2012 um 13:31 schrieb Tom Hughes: On 20/04/12 12:13, Christoph Bünte wrote: But is there a way to find out if the user which permissions the user actually granted? In particular, we would like to know whether the access token can change the map. We know the recommended way is to just try an API call which requires the specific permission. Our infrastructure queues all changes to the osm data and works it off later to be independent from OSM API status. But when the job is worked off it is too late to tell the user, that permissions are missing. Not at the moment, but it would be easy enough to add it to the user details API call (/api/0.6/user/details). We implemented the suggested feature including tests and created a pull request on github: https://github.com/openstreetmap/openstreetmap-website/pull/45 Could you have a look at it? We did not get any feedback on our approach of improving the OSM API. We would like to know if it because it is totally crap or for some other reason. So we call out to every OSM developer to check the code make a remark. Thx, Christoph ___ dev mailing list dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/dev
Re: [OSM-dev] Querying OAuth access token permissions
2012/5/2 Christoph Bünte tiny-grasshop...@gmx.net: We implemented the suggested feature including tests and created a pull request on github: https://github.com/openstreetmap/openstreetmap-website/pull/45 Could you have a look at it? Hi, I think this feature is important. I vote for it's acceptation. When it will be integrated (on prod or dev servers), I'll could make some tests if needed. Cheers -- Cyrille. ___ dev mailing list dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/dev
Re: [OSM-dev] Querying OAuth access token permissions
On 02/05/12 12:22, Christoph Bünte wrote: We did not get any feedback on our approach of improving the OSM API. We would like to know if it because it is totally crap or for some other reason. So we call out to every OSM developer to check the code make a remark. Yes, it's on my to do list and I'll get to it when I have time. We're a bit busy with server upgrades this week though, so it will likely be at the weekend. Tom -- Tom Hughes (t...@compton.nu) http://compton.nu/ ___ dev mailing list dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/dev
Re: [OSM-dev] Querying OAuth access token permissions
2012/5/2 Tom Hughes t...@compton.nu: On 02/05/12 12:22, Christoph Bünte wrote: We did not get any feedback on our approach of improving the OSM API. We would like to know if it because it is totally crap or for some other reason. So we call out to every OSM developer to check the code make a remark. Yes, it's on my to do list and I'll get to it when I have time. We're a bit busy with server upgrades this week though, so it will likely be at the weekend. Great ! Thanks a lot. Tell us when it's time to test it ;-) -- Cyrille. ___ dev mailing list dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/dev
Re: [OSM-dev] Querying OAuth access token permissions
Am 20.04.2012 um 13:31 schrieb Tom Hughes: On 20/04/12 12:13, Christoph Bünte wrote: But is there a way to find out if the user which permissions the user actually granted? In particular, we would like to know whether the access token can change the map. We know the recommended way is to just try an API call which requires the specific permission. Our infrastructure queues all changes to the osm data and works it off later to be independent from OSM API status. But when the job is worked off it is too late to tell the user, that permissions are missing. Not at the moment, but it would be easy enough to add it to the user details API call (/api/0.6/user/details). We implemented the suggested feature including tests and created a pull request on github: https://github.com/openstreetmap/openstreetmap-website/pull/45 Could you have a look at it? Enno and Christoph ___ dev mailing list dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/dev
Re: [OSM-dev] Querying OAuth access token permissions
2012/4/20 Christoph Bünte tiny-grasshop...@gmx.net: So we think a better solution would be: * a separate API endpoint e.g. /api/0.6/permissions, which would returns a list of granted permissions * or include this information in the OAuth callback response What do you think about that? Christoph Hello. I agree with Christoph, it would be nice to know permissions détail about an access token. Regards. -- Cyrille. ___ dev mailing list dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/dev
[OSM-dev] Querying OAuth access token permissions
Hi, we plan to use OSM to login in users into the wheelmap via OAuth to replace our current email+password login (to make major changes on wheelmap, you have to be an OSM user anyway). The login flow itself works fine with standard OAuth libraries, and we ask the user grant permission to read user preferences and change the map. But is there a way to find out if the user which permissions the user actually granted? In particular, we would like to know whether the access token can change the map. We know the recommended way is to just try an API call which requires the specific permission. Our infrastructure queues all changes to the osm data and works it off later to be independent from OSM API status. But when the job is worked off it is too late to tell the user, that permissions are missing. Is it be possible to * either add information about granted permissions in the OAuth callback response * add an API to query the permission for an access token * find another way to test (during user login) whether an access token may change the map (without actually changing anything) Best regards Christoph -- Christoph Bünte SOZIALHELDEN e.V. E-Mail: christ...@sozialhelden.de Web: http://www.sozialhelden.de ___ dev mailing list dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/dev
Re: [OSM-dev] Querying OAuth access token permissions
On 20/04/12 12:13, Christoph Bünte wrote: But is there a way to find out if the user which permissions the user actually granted? In particular, we would like to know whether the access token can change the map. We know the recommended way is to just try an API call which requires the specific permission. Our infrastructure queues all changes to the osm data and works it off later to be independent from OSM API status. But when the job is worked off it is too late to tell the user, that permissions are missing. Not at the moment, but it would be easy enough to add it to the user details API call (/api/0.6/user/details). Tom -- Tom Hughes (t...@compton.nu) http://compton.nu/ ___ dev mailing list dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/dev
Re: [OSM-dev] Querying OAuth access token permissions
Am 20.04.2012 um 13:31 schrieb Tom Hughes: On 20/04/12 12:13, Christoph Bünte wrote: But is there a way to find out if the user which permissions the user actually granted? In particular, we would like to know whether the access token can change the map. We know the recommended way is to just try an API call which requires the specific permission. Our infrastructure queues all changes to the osm data and works it off later to be independent from OSM API status. But when the job is worked off it is too late to tell the user, that permissions are missing. Not at the moment, but it would be easy enough to add it to the user details API call (/api/0.6/user/details). It would be very nice to have this feature added. Is there anything we can do to assist? We could try ourselves and send a pull request. However, the mentioned API call might not be the best place to put it, because: * You need the permission Read user preferences to call it * The information is not specific to the user, but to the access token So we think a better solution would be: * a separate API endpoint e.g. /api/0.6/permissions, which would returns a list of granted permissions * or include this information in the OAuth callback response What do you think about that? Christoph ___ dev mailing list dev@openstreetmap.org http://lists.openstreetmap.org/listinfo/dev
