[434] | 1 | using System.Collections.Generic;
|
---|
| 2 | using System.Net;
|
---|
| 3 | using JetBrains.Annotations;
|
---|
| 4 | using Utf8Json;
|
---|
| 5 | using Webserver.Permissions;
|
---|
| 6 |
|
---|
| 7 | namespace Webserver.WebAPI.APIs.Permissions {
|
---|
| 8 | [UsedImplicitly]
|
---|
| 9 | public class WebApiTokens : AbsRestApi {
|
---|
| 10 | private const string propertyName = "name";
|
---|
| 11 | private const string propertySecret = "secret";
|
---|
| 12 | private const string propertyPermissionLevel = "permissionLevel";
|
---|
| 13 |
|
---|
| 14 | private static readonly byte[] jsonKeyName = JsonWriter.GetEncodedPropertyNameWithBeginObject (propertyName);
|
---|
| 15 | private static readonly byte[] jsonKeySecret = JsonWriter.GetEncodedPropertyNameWithPrefixValueSeparator (propertySecret);
|
---|
| 16 | private static readonly byte[] jsonKeyPermissionLevel = JsonWriter.GetEncodedPropertyNameWithPrefixValueSeparator (propertyPermissionLevel);
|
---|
| 17 |
|
---|
| 18 | private static AdminApiTokens ApiTokensInstance => AdminApiTokens.Instance;
|
---|
| 19 |
|
---|
| 20 | protected override void HandleRestGet (RequestContext _context) {
|
---|
| 21 | string id = _context.RequestPath;
|
---|
| 22 |
|
---|
| 23 | PrepareEnvelopedResult (out JsonWriter writer);
|
---|
| 24 |
|
---|
| 25 | if (string.IsNullOrEmpty (id)) {
|
---|
| 26 |
|
---|
| 27 | writer.WriteBeginArray ();
|
---|
| 28 |
|
---|
| 29 | bool first = true;
|
---|
| 30 | foreach ((_, AdminApiTokens.ApiToken token) in ApiTokensInstance.GetTokens ()) {
|
---|
| 31 | if (!first) {
|
---|
| 32 | writer.WriteValueSeparator ();
|
---|
| 33 | }
|
---|
| 34 |
|
---|
| 35 | first = false;
|
---|
| 36 |
|
---|
| 37 | writeTokenJson (ref writer, token);
|
---|
| 38 | }
|
---|
| 39 |
|
---|
| 40 | writer.WriteEndArray ();
|
---|
| 41 |
|
---|
| 42 | SendEnvelopedResult (_context, ref writer);
|
---|
| 43 | return;
|
---|
| 44 | }
|
---|
| 45 |
|
---|
| 46 | writer.WriteRaw (WebUtils.JsonEmptyData);
|
---|
| 47 | SendEnvelopedResult (_context, ref writer, HttpStatusCode.BadRequest);
|
---|
| 48 | }
|
---|
| 49 |
|
---|
| 50 | private void writeTokenJson (ref JsonWriter _writer, AdminApiTokens.ApiToken _token) {
|
---|
| 51 | _writer.WriteRaw (jsonKeyName);
|
---|
| 52 | _writer.WriteString (_token.Name);
|
---|
| 53 | _writer.WriteRaw (jsonKeySecret);
|
---|
| 54 | _writer.WriteString (_token.Secret);
|
---|
| 55 | _writer.WriteRaw (jsonKeyPermissionLevel);
|
---|
| 56 | _writer.WriteInt32 (_token.PermissionLevel);
|
---|
| 57 | _writer.WriteEndObject ();
|
---|
| 58 | }
|
---|
| 59 |
|
---|
| 60 | protected override void HandleRestPost (RequestContext _context, IDictionary<string, object> _jsonInput, byte[] _jsonInputData) {
|
---|
| 61 | string id = _context.RequestPath;
|
---|
| 62 |
|
---|
| 63 | if (string.IsNullOrEmpty (id)) {
|
---|
| 64 | SendEmptyResponse (_context, HttpStatusCode.BadRequest, _jsonInputData, "NO_NAME");
|
---|
| 65 | return;
|
---|
| 66 | }
|
---|
| 67 |
|
---|
| 68 | if (!JsonCommons.TryGetJsonField (_jsonInput, propertySecret, out string secret)) {
|
---|
| 69 | SendEmptyResponse (_context, HttpStatusCode.BadRequest, _jsonInputData, "NO_OR_INVALID_SECRET");
|
---|
| 70 | return;
|
---|
| 71 | }
|
---|
| 72 |
|
---|
| 73 | if (!JsonCommons.TryGetJsonField (_jsonInput, propertyPermissionLevel, out int permissionLevel)) {
|
---|
| 74 | SendEmptyResponse (_context, HttpStatusCode.BadRequest, _jsonInputData, "NO_OR_INVALID_PERMISSION_LEVEL");
|
---|
| 75 | return;
|
---|
| 76 | }
|
---|
| 77 |
|
---|
| 78 | ApiTokensInstance.AddToken (id, secret, permissionLevel);
|
---|
| 79 |
|
---|
| 80 | SendEmptyResponse (_context, HttpStatusCode.Created);
|
---|
| 81 | }
|
---|
| 82 |
|
---|
| 83 | protected override void HandleRestDelete (RequestContext _context) {
|
---|
| 84 | string id = _context.RequestPath;
|
---|
| 85 |
|
---|
| 86 | bool removed = ApiTokensInstance.RemoveToken (id);
|
---|
| 87 |
|
---|
| 88 | SendEmptyResponse (_context, removed ? HttpStatusCode.NoContent : HttpStatusCode.NotFound);
|
---|
| 89 | }
|
---|
| 90 |
|
---|
| 91 | protected override bool AllowPostWithId => true;
|
---|
| 92 |
|
---|
| 93 | public override int[] DefaultMethodPermissionLevels () => new[] {
|
---|
| 94 | AdminWebModules.MethodLevelNotSupported,
|
---|
| 95 | AdminWebModules.MethodLevelInheritGlobal,
|
---|
| 96 | AdminWebModules.MethodLevelInheritGlobal,
|
---|
| 97 | AdminWebModules.MethodLevelNotSupported,
|
---|
| 98 | AdminWebModules.MethodLevelInheritGlobal
|
---|
| 99 | };
|
---|
| 100 | }
|
---|
| 101 | }
|
---|