Accessing non-public caches

[following5]

This is low prio, as long there are no OKAPI methods for preparing new caches (e.g. #440) or for OC admin functions.

Generally, current OKAPI versions do not allow to access nonpublic (unpublished, blocked etc.) and semipublic (OCDE locked) caches. There are a few exceptions, not intentionally but by accident:

• All log image methods work with logs & images of nonpublic caches.
• Logs of nonpublic caches can be deleted.

There would be no point in protecting that, because it all is allowed (for the log authors) on the OC websites.

Implementation idea for full owner access:

• Add a status2 field for geocaches, which supports all the new status.
• Enable them in the geocache and log retrieval methods for L3-authentified owners. (Grep OKAPI source code for "1,2,3"!) Add access tokens to some more internal calls of those methods.
• Add the new status values to the status logging logic.
• Map them to some GC types in GPX, e.g. 'Locked' to 'Archived' and all the other to 'Temporarily unavailable'.
• Take care that no OCPL fakeusers can access nonpublic data - fix #496.

[following5]

I think we could also allow full access to log entries for the log authors (e.g. via services/logs/userlogs).

[following5]

Add a status2 field for geocaches, which supports all the new status.

Better: Add a boolean parameter, which enables the retrieval of nonpublic caches; then no new status field is needed. Otherwise existing apps would treat non-public caches like public caches, which could lead to logical errors.

[following5]

But a status2 parameter will be needed in the searching methods.

[kojoty]

@following5, please explain to me: why we can't just extend the list values of current status field + add bool. switch which enable this wider list. Then we don't need additional status2 which can be a little confusing...

[following5]

I was thinking of the size/size2 search options, and of backward compatibility to old OKAPI installations (currently OC.US and OC.DE) which will throw a HTTP 400 error when searching for unknown statuses.

But size/size2 is another issue (different parameter formats), and status2 also would throw an error on old installations. Better: Add a statuses field to services/caches/capabilities, which returns a list of statuses that can be searched for.

[following5]

Better: Add a statuses field to services/caches/capabilities

done

[following5]

Note: For OCDE "Locked" caches, the old "XML Interface" API does not expose coordinates; it gives 0/0 coords instead. Maybe we should do the same in OKAPI (or return a null location).

[andrixnet]

Could this be related to the fact that not-published caches cannot be visible on the map at this time? see also https://github.com/opencaching/opencaching-pl/issues/602

[following5]

Yes.

[martl]

Please fix, f.e. all mo-caches Seem Go be still available in c:Geo, even after Update, although Archived/locked