<p>This is an implementation of the API key dispenser intended to help with GDPR requirements.</p>
<p>It is as minimal as possible:</p>
<ul>
<li>OSM users can register services by submitting an URI for the service.</li>
<li>OSM users can request an API key for each registered service.</li>
<li>For a registered service there is a stream of new and revoked keys with a similar mechanism to the minute updates via the new API endpoint <em>third_party_services/keys</em></li>
</ul>
<p>The data held on the Main Db is</p>
<ul>
<li>a table of services where the URI is unique</li>
<li>a ledger of keys, implemented as two tables where <em>third_party_keys</em> hold the actual data and <em>third_party_key_events</em> is used as a PG sequence to properly sort out create and revoke events</li>
</ul>
<p>Tests with full coverage have been added. Please take the whole thing still with a grain of salt: I have little Rails experience. For example, <em>CanCan</em> did insist in various error messages I should add <em>skip_authorization_check</em> to every controller, but this does sound like the proper solution.</p>
<hr>
<h4>You can view, comment on, or merge this pull request online at:</h4>
<p> <a href='https://github.com/openstreetmap/openstreetmap-website/pull/2145'>https://github.com/openstreetmap/openstreetmap-website/pull/2145</a></p>
<h4>Commit Summary</h4>
<ul>
<li>Patch to introduce an API keys service</li>
<li>Added emergency fix to deal with CanCan; proper solution unknown.</li>
</ul>
<h4>File Changes</h4>
<ul>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-0">app/controllers/third_party_keys_controller.rb</a>
(115)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-1">app/controllers/third_party_services_controller.rb</a>
(106)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-2">app/models/third_party_key.rb</a>
(42)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-3">app/models/third_party_key_event.rb</a>
(10)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-4">app/models/third_party_service.rb</a>
(21)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-5">app/views/third_party_keys/edit.html.erb</a>
(49)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-6">app/views/third_party_keys/index.html.erb</a>
(33)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-7">app/views/third_party_keys/new.html.erb</a>
(59)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-8">app/views/third_party_keys/show.html.erb</a>
(31)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-9">app/views/third_party_services/edit.html.erb</a>
(38)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-10">app/views/third_party_services/index.html.erb</a>
(15)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-11">app/views/third_party_services/new.html.erb</a>
(31)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-12">app/views/third_party_services/show.html.erb</a>
(32)
</li>
<li>
<strong>M</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-13">app/views/users/account.html.erb</a>
(2)
</li>
<li>
<strong>M</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-14">config/locales/en.yml</a>
(40)
</li>
<li>
<strong>M</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-15">config/routes.rb</a>
(20)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-16">db/migrate/20190213050630_create_third_party_keys_structures.rb</a>
(26)
</li>
<li>
<strong>M</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-17">lib/osm.rb</a>
(22)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-18">test/controllers/third_party_keys_controller_test.rb</a>
(193)
</li>
<li>
<strong>A</strong>
<a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145/files#diff-19">test/controllers/third_party_services_controller_test.rb</a>
(375)
</li>
</ul>
<h4>Patch Links:</h4>
<ul>
<li><a href='https://github.com/openstreetmap/openstreetmap-website/pull/2145.patch'>https://github.com/openstreetmap/openstreetmap-website/pull/2145.patch</a></li>
<li><a href='https://github.com/openstreetmap/openstreetmap-website/pull/2145.diff'>https://github.com/openstreetmap/openstreetmap-website/pull/2145.diff</a></li>
</ul>
<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />You are receiving this because you are subscribed to this thread.<br />Reply to this email directly, <a href="https://github.com/openstreetmap/openstreetmap-website/pull/2145">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/ABWnLXedYurQmvv2Utyp74aLx-2aLeS5ks5vNk0DgaJpZM4a8_uM">mute the thread</a>.<img src="https://github.com/notifications/beacon/ABWnLYWAbq4q1jDXTmAunTmLXJrDM3N1ks5vNk0DgaJpZM4a8_uM.gif" height="1" width="1" alt="" /></p>
<script type="application/json" data-scope="inboxmarkup">{"api_version":"1.0","publisher":{"api_key":"05dde50f1d1a384dd78767c55493e4bb","name":"GitHub"},"entity":{"external_key":"github/openstreetmap/openstreetmap-website","title":"openstreetmap/openstreetmap-website","subtitle":"GitHub repository","main_image_url":"https://github.githubassets.com/images/email/message_cards/header.png","avatar_image_url":"https://github.githubassets.com/images/email/message_cards/avatar.png","action":{"name":"Open in GitHub","url":"https://github.com/openstreetmap/openstreetmap-website"}},"updates":{"snippets":[{"icon":"DESCRIPTION","message":"API key dispenser (#2145)"}],"action":{"name":"View Pull Request","url":"https://github.com/openstreetmap/openstreetmap-website/pull/2145"}}}</script>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/openstreetmap/openstreetmap-website/pull/2145",
"url": "https://github.com/openstreetmap/openstreetmap-website/pull/2145",
"name": "View Pull Request"
},
"description": "View this Pull Request on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>