[openstreetmap/openstreetmap-website] API key dispenser (#2145)
Roland Olbricht
notifications at github.com
Fri Feb 15 06:00:35 UTC 2019
This is an implementation of the API key dispenser intended to help with GDPR requirements.
It is as minimal as possible:
- OSM users can register services by submitting an URI for the service.
- OSM users can request an API key for each registered service.
- For a registered service there is a stream of new and revoked keys with a similar mechanism to the minute updates via the new API endpoint _third_party_services/keys_
The data held on the Main Db is
- a table of services where the URI is unique
- a ledger of keys, implemented as two tables where _third_party_keys_ hold the actual data and _third_party_key_events_ is used as a PG sequence to properly sort out create and revoke events
Tests with full coverage have been added. Please take the whole thing still with a grain of salt: I have little Rails experience. For example, _CanCan_ did insist in various error messages I should add _skip_authorization_check_ to every controller, but this does sound like the proper solution.
You can view, comment on, or merge this pull request online at:
https://github.com/openstreetmap/openstreetmap-website/pull/2145
-- Commit Summary --
* Patch to introduce an API keys service
* Added emergency fix to deal with CanCan; proper solution unknown.
-- File Changes --
A app/controllers/third_party_keys_controller.rb (115)
A app/controllers/third_party_services_controller.rb (106)
A app/models/third_party_key.rb (42)
A app/models/third_party_key_event.rb (10)
A app/models/third_party_service.rb (21)
A app/views/third_party_keys/edit.html.erb (49)
A app/views/third_party_keys/index.html.erb (33)
A app/views/third_party_keys/new.html.erb (59)
A app/views/third_party_keys/show.html.erb (31)
A app/views/third_party_services/edit.html.erb (38)
A app/views/third_party_services/index.html.erb (15)
A app/views/third_party_services/new.html.erb (31)
A app/views/third_party_services/show.html.erb (32)
M app/views/users/account.html.erb (2)
M config/locales/en.yml (40)
M config/routes.rb (20)
A db/migrate/20190213050630_create_third_party_keys_structures.rb (26)
M lib/osm.rb (22)
A test/controllers/third_party_keys_controller_test.rb (193)
A test/controllers/third_party_services_controller_test.rb (375)
-- Patch Links --
https://github.com/openstreetmap/openstreetmap-website/pull/2145.patch
https://github.com/openstreetmap/openstreetmap-website/pull/2145.diff
--
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/2145
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20190214/74207e90/attachment-0001.html>
More information about the rails-dev
mailing list