Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

reduce required priviledges to upload GPS traces (do not require to "read your private GPS traces") #4141

Closed
mnalis opened this issue Jun 19, 2022 · 7 comments · Fixed by #4143
Closed

reduce required priviledges to upload GPS traces (do not require to "read your private GPS traces") #4141

mnalis opened this issue Jun 19, 2022 · 7 comments · Fixed by #4143
Assignees
@westnordost

Comments

@mnalis
Copy link
Member

mnalis commented Jun 19, 2022

Use case

PR #3573 implemented ability to upload GPS traces.

As noted in #4122 (comment) this seems to require that users grant not only a right to upload GPS traces (which is obviously needed) but also a right to read your private GPS traces which should not be needed. That is unnecessary requirement which allows the SC to access all history and tracks by the user marked private, and as such should be eliminated in order to preserve as much of user's privacy, following the principle of least privilege.

example:
I've done some testing and it seems that GPS tracks get uploaded just fine (as API 0.6 docs suggest) when read your private GPS traces is not granted, however SC does not seem to detect successful upload, and forces re-login and retries uploading traces.

That results in traces being uploaded multiple times, while OSM Note get created only when both upload GPS traces and read your private GPS traces are finally granted.

e.g. https://www.openstreetmap.org/note/3230296 was created when I finally allowed both of them, while several traces (see multiple instances of _54432_10_19T12_53_20.000000Z.gpx at https://www.openstreetmap.org/user/mnalis%20ALTernative/traces).

Proposed Solution

SC should not require read your private GPS traces permission.

Original author @goldbattle offered to look into it.
westnordost added a commit that referenced this issue Jun 20, 2022
@westnordost
do not require READ_GPS_TRACES permission (fixes #4141)
857f810
@westnordost
Copy link
Member

I created a PR #4143 . Didn't test. Would you like to test it?

@mnalis
Copy link
Member Author

mnalis commented Jun 20, 2022

Yes. Will try tommorow.

@FloEdelmann FloEdelmann linked a pull request Jun 21, 2022 that will close this issue
do not require READ_GPS_TRACES permission (fixes #4141) #4143
Merged
westnordost added a commit that referenced this issue Jun 22, 2022
@westnordost
Merge pull request #4143 from streetcomplete/no-read-gps-traces
4ae8fce 
do not require READ_GPS_TRACES permission (fixes  #4141)
@westnordost westnordost reopened this Jun 22, 2022
@westnordost
Copy link
Member

Need to stay open until ~all users have updated to the version that includes this change. Then, edit the oauth token permissions

@westnordost westnordost self-assigned this Jun 22, 2022
@mnalis
Copy link
Member Author

mnalis commented Jul 16, 2022

As to when to update token permissions:

  • users uploading changesets with problematic StreetComplete 44.x: this OsmCha
  • SC 44.x notes with actual GPS Traces attached can be found in this osm-note-viewer by updating date range and entering this in Filter field:
*
text ~= "StreetComplete 44"

(currently 4 notes in last week)

@westnordost
Copy link
Member

Basically blocked by #4289 (by the fact that current versions of StreetComplete will currently not appear on F-Droid)

@westnordost westnordost added the blocked blocked by another issue label Aug 30, 2022
@mnalis
Copy link
Member Author

mnalis commented Oct 4, 2022

While #4289 is still active (pending either Google actually opensourcing the lib, or the ARcode being moved to separate companion app), the f-droid part is fixed now, so this issue is no longer blocked.

@mnalis mnalis removed the blocked blocked by another issue label Oct 4, 2022
@westnordost
Copy link
Member

removed the "read your private GPS traces" permission now.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@westnordost westnordost

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

do not require READ_GPS_TRACES permission (fixes #4141) streetcomplete/StreetComplete
2 participants
@mnalis @westnordost