source: TFP-WebServer/WebServer/src/WebAPI/APIs/Permissions/WebApiTokens.cs@ 455

Last change on this file since 455 was 434, checked in by alloc, 20 months ago

Added permission management APIs

File size: 3.4 KB
Line 
1using System.Collections.Generic;
2using System.Net;
3using JetBrains.Annotations;
4using Utf8Json;
5using Webserver.Permissions;
6
7namespace Webserver.WebAPI.APIs.Permissions {
8 [UsedImplicitly]
9 public class WebApiTokens : AbsRestApi {
10 private const string propertyName = "name";
11 private const string propertySecret = "secret";
12 private const string propertyPermissionLevel = "permissionLevel";
13
14 private static readonly byte[] jsonKeyName = JsonWriter.GetEncodedPropertyNameWithBeginObject (propertyName);
15 private static readonly byte[] jsonKeySecret = JsonWriter.GetEncodedPropertyNameWithPrefixValueSeparator (propertySecret);
16 private static readonly byte[] jsonKeyPermissionLevel = JsonWriter.GetEncodedPropertyNameWithPrefixValueSeparator (propertyPermissionLevel);
17
18 private static AdminApiTokens ApiTokensInstance => AdminApiTokens.Instance;
19
20 protected override void HandleRestGet (RequestContext _context) {
21 string id = _context.RequestPath;
22
23 PrepareEnvelopedResult (out JsonWriter writer);
24
25 if (string.IsNullOrEmpty (id)) {
26
27 writer.WriteBeginArray ();
28
29 bool first = true;
30 foreach ((_, AdminApiTokens.ApiToken token) in ApiTokensInstance.GetTokens ()) {
31 if (!first) {
32 writer.WriteValueSeparator ();
33 }
34
35 first = false;
36
37 writeTokenJson (ref writer, token);
38 }
39
40 writer.WriteEndArray ();
41
42 SendEnvelopedResult (_context, ref writer);
43 return;
44 }
45
46 writer.WriteRaw (WebUtils.JsonEmptyData);
47 SendEnvelopedResult (_context, ref writer, HttpStatusCode.BadRequest);
48 }
49
50 private void writeTokenJson (ref JsonWriter _writer, AdminApiTokens.ApiToken _token) {
51 _writer.WriteRaw (jsonKeyName);
52 _writer.WriteString (_token.Name);
53 _writer.WriteRaw (jsonKeySecret);
54 _writer.WriteString (_token.Secret);
55 _writer.WriteRaw (jsonKeyPermissionLevel);
56 _writer.WriteInt32 (_token.PermissionLevel);
57 _writer.WriteEndObject ();
58 }
59
60 protected override void HandleRestPost (RequestContext _context, IDictionary<string, object> _jsonInput, byte[] _jsonInputData) {
61 string id = _context.RequestPath;
62
63 if (string.IsNullOrEmpty (id)) {
64 SendEmptyResponse (_context, HttpStatusCode.BadRequest, _jsonInputData, "NO_NAME");
65 return;
66 }
67
68 if (!JsonCommons.TryGetJsonField (_jsonInput, propertySecret, out string secret)) {
69 SendEmptyResponse (_context, HttpStatusCode.BadRequest, _jsonInputData, "NO_OR_INVALID_SECRET");
70 return;
71 }
72
73 if (!JsonCommons.TryGetJsonField (_jsonInput, propertyPermissionLevel, out int permissionLevel)) {
74 SendEmptyResponse (_context, HttpStatusCode.BadRequest, _jsonInputData, "NO_OR_INVALID_PERMISSION_LEVEL");
75 return;
76 }
77
78 ApiTokensInstance.AddToken (id, secret, permissionLevel);
79
80 SendEmptyResponse (_context, HttpStatusCode.Created);
81 }
82
83 protected override void HandleRestDelete (RequestContext _context) {
84 string id = _context.RequestPath;
85
86 bool removed = ApiTokensInstance.RemoveToken (id);
87
88 SendEmptyResponse (_context, removed ? HttpStatusCode.NoContent : HttpStatusCode.NotFound);
89 }
90
91 protected override bool AllowPostWithId => true;
92
93 public override int[] DefaultMethodPermissionLevels () => new[] {
94 AdminWebModules.MethodLevelNotSupported,
95 AdminWebModules.MethodLevelInheritGlobal,
96 AdminWebModules.MethodLevelInheritGlobal,
97 AdminWebModules.MethodLevelNotSupported,
98 AdminWebModules.MethodLevelInheritGlobal
99 };
100 }
101}
Note: See TracBrowser for help on using the repository browser.