[391] | 1 | using System;
|
---|
| 2 | using System.Collections.Generic;
|
---|
| 3 | using System.Net;
|
---|
| 4 | using System.Reflection;
|
---|
| 5 | using Webserver.WebAPI;
|
---|
| 6 |
|
---|
| 7 | namespace Webserver.UrlHandlers {
|
---|
| 8 | public class ApiHandler : AbsHandler {
|
---|
| 9 | private readonly Dictionary<string, AbsWebAPI> apis = new CaseInsensitiveStringDictionary<AbsWebAPI> ();
|
---|
| 10 |
|
---|
| 11 | public ApiHandler () : base (null) {
|
---|
| 12 |
|
---|
| 13 | }
|
---|
| 14 |
|
---|
| 15 | public override void SetBasePathAndParent (Web _parent, string _relativePath) {
|
---|
| 16 | base.SetBasePathAndParent (_parent, _relativePath);
|
---|
| 17 |
|
---|
| 18 | Type[] apiWithParentCtorTypes = { typeof (Web) };
|
---|
| 19 | object[] apiWithParentCtorArgs = { _parent };
|
---|
| 20 |
|
---|
| 21 | Type[] apiEmptyCtorTypes = { };
|
---|
| 22 | object[] apiEmptyCtorArgs = { };
|
---|
| 23 |
|
---|
| 24 |
|
---|
| 25 | ReflectionHelpers.FindTypesImplementingBase (typeof (AbsWebAPI), _type => {
|
---|
| 26 | ConstructorInfo ctor = _type.GetConstructor (apiWithParentCtorTypes);
|
---|
| 27 | if (ctor != null) {
|
---|
| 28 | AbsWebAPI apiInstance = (AbsWebAPI) ctor.Invoke (apiWithParentCtorArgs);
|
---|
| 29 | addApi (apiInstance);
|
---|
| 30 | return;
|
---|
| 31 | }
|
---|
| 32 |
|
---|
| 33 | ctor = _type.GetConstructor (apiEmptyCtorTypes);
|
---|
| 34 | if (ctor != null) {
|
---|
| 35 | AbsWebAPI apiInstance = (AbsWebAPI) ctor.Invoke (apiEmptyCtorArgs);
|
---|
| 36 | addApi (apiInstance);
|
---|
| 37 | }
|
---|
| 38 | });
|
---|
| 39 |
|
---|
| 40 | // Permissions that don't map to a real API
|
---|
| 41 | addApi (new Null ("viewallclaims"));
|
---|
| 42 | addApi (new Null ("viewallplayers"));
|
---|
| 43 | }
|
---|
| 44 |
|
---|
| 45 | private void addApi (AbsWebAPI _api) {
|
---|
| 46 | apis.Add (_api.Name, _api);
|
---|
| 47 | WebPermissions.Instance.AddKnownModule ("webapi." + _api.Name, _api.DefaultPermissionLevel ());
|
---|
| 48 | }
|
---|
| 49 |
|
---|
| 50 | #if ENABLE_PROFILER
|
---|
| 51 | private static readonly UnityEngine.Profiling.CustomSampler apiHandlerSampler = UnityEngine.Profiling.CustomSampler.Create ("API_Handler");
|
---|
| 52 | #endif
|
---|
| 53 |
|
---|
| 54 | public override void HandleRequest (RequestContext _context) {
|
---|
| 55 |
|
---|
| 56 | string apiName;
|
---|
| 57 | string subPath = null;
|
---|
| 58 |
|
---|
| 59 | int pathSeparatorIndex = _context.RequestPath.IndexOf ('/', urlBasePath.Length);
|
---|
| 60 | if (pathSeparatorIndex >= 0) {
|
---|
| 61 | apiName = _context.RequestPath.Substring (urlBasePath.Length, pathSeparatorIndex - urlBasePath.Length);
|
---|
| 62 | subPath = _context.RequestPath.Substring (pathSeparatorIndex + 1);
|
---|
| 63 | } else {
|
---|
| 64 | apiName = _context.RequestPath.Substring (urlBasePath.Length);
|
---|
| 65 | }
|
---|
| 66 |
|
---|
| 67 | if (!apis.TryGetValue (apiName, out AbsWebAPI api)) {
|
---|
| 68 | Log.Out ($"Error in {nameof(ApiHandler)}.HandleRequest(): No handler found for API \"{apiName}\"");
|
---|
| 69 | _context.Response.StatusCode = (int) HttpStatusCode.NotFound;
|
---|
| 70 | return;
|
---|
| 71 | }
|
---|
| 72 |
|
---|
| 73 | if (!IsAuthorizedForApi (apiName, _context.PermissionLevel)) {
|
---|
| 74 | _context.Response.StatusCode = (int) HttpStatusCode.Forbidden;
|
---|
| 75 | if (_context.Connection != null) {
|
---|
| 76 | //Log.Out ($"{nameof(ApiHandler)}: user '{user.SteamID}' not allowed to execute '{apiName}'");
|
---|
| 77 | }
|
---|
| 78 |
|
---|
| 79 | return;
|
---|
| 80 | }
|
---|
| 81 |
|
---|
| 82 | _context.RequestPath = subPath;
|
---|
| 83 |
|
---|
| 84 | try {
|
---|
| 85 | #if ENABLE_PROFILER
|
---|
| 86 | apiHandlerSampler.Begin ();
|
---|
| 87 | #endif
|
---|
| 88 | api.HandleRequest (_context);
|
---|
| 89 | #if ENABLE_PROFILER
|
---|
| 90 | apiHandlerSampler.End ();
|
---|
| 91 | #endif
|
---|
| 92 | } catch (Exception e) {
|
---|
| 93 | Log.Error ($"Error in {nameof(ApiHandler)}.HandleRequest(): Handler {api.Name} threw an exception:");
|
---|
| 94 | Log.Exception (e);
|
---|
| 95 | _context.Response.StatusCode = (int) HttpStatusCode.InternalServerError;
|
---|
| 96 | }
|
---|
| 97 | }
|
---|
| 98 |
|
---|
| 99 | private bool IsAuthorizedForApi (string _apiName, int _permissionLevel) {
|
---|
| 100 | return WebPermissions.Instance.ModuleAllowedWithLevel ("webapi." + _apiName, _permissionLevel);
|
---|
| 101 | }
|
---|
| 102 | }
|
---|
| 103 | }
|
---|