oshdb
oshdb copied to clipboard
GIScience
Redesign user-filter security mechanism
The current design choice to prevent accidental exposure of the user-filter provides two default filter mechanisms
.filter(filterString)
and
String filterText = …;
TagTranslator tagTranslator = …;
FilterParser parser = new FilterParser(tagTranslator);
FilterExpression filter = parser.parse(filterText);
...
.filter(filter)
...
and one with activated user-filtering
String filterText = …;
TagTranslator tagTranslator = …;
FilterParser parser = new FilterParser(tagTranslator, true);
FilterExpression filter = parser.parse(filterText);
This design choice seems peculiar because it hides a useful functionality by default and it does not add any security but rather tries to prevents coding errors in depending tools such as the ohsome-api.
The following are some alternative designs that may be preferable:
- Inverse the above and don't hide a function by default but hide it on request.
- put the activation functionality directly to the method
.filter(filterString, booleanContributorFilterAllowed) - the above but use an enum instead of a boolean for later flexibility
- use different method names (
filterandfilterWithContributorfor example)
//cc @sfendrich what are your opinions as design-specialist?
Another very minor thing: the word optional is not directly clear in the changelog: (optional) contributor: <id|(ids)>. All filters are optional, right?
Also this information (disabled by default, can be activated by creating a filter parser with the respective optional boolean flag enabled) in the respective pull request did not make it to the explanation here: https://github.com/GIScience/oshdb/blob/master/oshdb-filter/README.md
not planned, as users of the OSHDB should be aware of the issue and act accordinly
