[openstreetmap/openstreetmap-website] Limit number of edits per user and day (#2342)
Matija Nalis
notifications at github.com
Mon Oct 30 09:45:10 UTC 2023
> I updated https://nightwatch-test.azurewebsites.net/RateLimit to use logic from https://github.com/openstreetmap/openstreetmap-website/pull/4319, at least try to(there is no API for first changeset time, hence had to calculate somehow, and maybe I made typo while converting algorithm...). It should be displaying all changesets that went past limit in last 6 days...
@DavidKarlas quick look seems to show false positives on [StreetComplete](https://wiki.openstreetmap.org/wiki/StreetComplete) users, e.g. user [Lucidarius](https://hdyc.neis-one.org/?Lucidarius). Contributing factors:
- StreetComplete is popular editor which is made to be very simple as it is especially aimed on newbies, so it is quite likely it will be used on new accounts
- StreetComplete offers many (> 100) [quest types](https://wiki.openstreetmap.org/wiki/StreetComplete/Quests), and creates one-changeset-per-quest-type (e.g. one for `which way are lit`, one for `which surface is that`, one for `what are opening hours here` etc), which results in many changesets
- each changeset will contain many object modified (i.e. if user walked several km and answered `is this way lit` for each road segment of every road they passed, there could easily be hundreds of those in just one day. I myself often reach several hundreds, someone even over thousand objects edited in a day)
- often, users will upload the quests in batch only when they get home on wifi (as it saves battery on the field, reduces data usage and has other advantages related to undoing/modifying answers). (Or they might forget to do it that day and so do several other daily mapping sessions before finally doing the upload)
The combined result of those on the first look looks very much like vandalism would: few dozen changesets with hundreds of changes each (with no or very little additions/deletions), all uploaded by new user in several minutes; so it triggers with e.g. _"[Changeset 143292894](https://www.openstreetmap.org/changeset/143292894): Modified 798 ways in 1 hours, limit is 250."_
(more detailed processing reveals the StreetComplete changesets to be benign; but checking that is much more resource intensive -- i.e. requires looking what each object change did: StreetComplete will in vast majority of cases only add new tags like `lit=yes` or `lit/no`, and rarely do things modify `name` or delete tags or modify geometry or remove objects - which are likely more problematic)
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/issues/2342#issuecomment-1784825890
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/issues/2342/1784825890 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20231030/996a7762/attachment.htm>
More information about the rails-dev
mailing list