[openstreetmap/openstreetmap-website] Add allow_read_email oauth permission (#1431)

Ilya Zverev notifications at github.com
Thu Feb 9 09:08:13 UTC 2017

Okay, I will send this to LWG.

> for example I don't think we allow users to control what permissions they grant do we? They have to either accept or reject whatever the application asks for?

No, we are better than that. Try [Level0](http://level0.osmz.ru/index.php) for example: when logging in, you have a choice to uncheck "read user prefs". After that your name won't be displayed in the header, but the editor would still be operational.

Also the permissions list is pretty prominent with few words, so users I assume are reading it. I definitely do, every time.

Our API provides some information about users, including an avatar, number of edits and messages and some more. Other sites can (and do) already authenticate against our database, and this change would provide them with a verified e-mail address, so they don't have to implement such verification. Again, if facebook, google, wikipedia, github, twitter and many others do that, I don't see a reason why we should not. Especially when users know what they are subscribing to.

You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20170209/a8dbbe9a/attachment.html>

More information about the rails-dev mailing list