[OSM-dev] Changeset Revert Tool

Frederik Ramm frederik at remote.org
Wed Apr 22 07:43:55 BST 2009


Hi,

Ian Dees wrote:
> Can we start a thread discussing what is required/wanted in a changeset
> tool? What should such a tool do besides "revert changes from changeset x"?

I think it would be best to first concentrate on some kind of OpenAuth 
support (or something homebuilt) that would allow a third-party 
application to execute API calls on behalf of a user.

Something like

* user tells application "please revert changeset"
* application redirects user to API
* API tells user "please authenticate for application X"
* user enters credentials
* API redirects user back to application, with magic token
* application makes API requests using magic token

I don't know how far existing technologies can be used to achieve this; 
I believe OpenAuth only goes so far as to tell the application "yes, 
that guy really is user abc123 at my site", it doesn't do the second bit.

I believe we could solve this using changesets with relative ease, by 
adding an "auth_token" field to a changeset and allowing database 
updates with *either* username+password (as before) *or* 
username+auth_token (of an open changeset created for this user). This 
would mean that the user could open a changeset with the API and then 
pass on the token to third-party applications, which would then be able 
to make changes on behalf of this user, but only within that one changeset.

This might or might not require far-reaching changes to a lot of API 
components. Maybe it's just the auth code that needs a few extra lines.

Other ideas will of course also work, this is just one way of doing it.

Without such an "executing stuff on behalf of user" mechanism, any 
revert (or other) tool would have to ask the user for his 
username/password (and, therefore, his trust). This is not such a big 
deal for software that people download and install locally, but we would 
not want to encourage people to enter their OSM credentials with any 
third party web site.

Bye
Frederik

-- 
Frederik Ramm  ##  eMail frederik at remote.org  ##  N49°00'09" E008°23'33"




More information about the dev mailing list