Context Navigation

AbsRestApi.cs@ 434

Last change on this file since 434 was 434, checked in by alloc, 18 months ago
Added permission management APIs
File size: 6.6 KB

Rev	Line
[391]	1	using System;
[402]	2	using System.Collections.Generic;
[391]	3	using System.IO;
	4	using System.Net;
[402]	5	using Utf8Json;
[418]	6	using Webserver.Permissions;
[391]	7
	8	namespace Webserver.WebAPI {
	9	public abstract class AbsRestApi : AbsWebAPI {
[394]	10	private static readonly UnityEngine.Profiling.CustomSampler jsonDeserializeSampler = UnityEngine.Profiling.CustomSampler.Create ("JSON_Deserialize");
	11
[410]	12	protected AbsRestApi (string _name = null) : this(null, _name) {
	13	}
	14
	15	protected AbsRestApi (Web _parentWeb, string _name = null) : base(_parentWeb, _name) {
	16	}
	17
[418]	18	protected override void RegisterPermissions () {
[426]	19	AdminWebModules.Instance.AddKnownModule (new AdminWebModules.WebModule (CachedApiModuleName, DefaultPermissionLevel (),
	20	DefaultMethodPermissionLevels (), true));
[418]	21	}
	22
[391]	23	public sealed override void HandleRequest (RequestContext _context) {
[402]	24	IDictionary<string, object> inputJson = null;
	25	byte[] jsonInputData = null;
	26
[391]	27	if (_context.Request.HasEntityBody) {
[402]	28	Stream requestInputStream = _context.Request.InputStream;
	29
	30	jsonInputData = new byte[_context.Request.ContentLength64];
	31	requestInputStream.Read (jsonInputData, 0, (int)_context.Request.ContentLength64);
	32
	33	try {
	34	jsonDeserializeSampler.Begin ();
	35	inputJson = JsonSerializer.Deserialize<IDictionary<string, object>> (jsonInputData);
	36
	37	// Log.Out ("JSON body:");
	38	// foreach ((string key, object value) in inputJson) {
	39	// Log.Out ($" - {key} = {value} ({value.GetType ()})");
	40	// }
	41
	42	jsonDeserializeSampler.End ();
	43	} catch (Exception e) {
	44	jsonDeserializeSampler.End ();
[391]	45
[434]	46	SendEmptyResponse (_context, HttpStatusCode.BadRequest, null, "INVALID_BODY", e);
[402]	47	return;
[391]	48	}
	49	}
	50
	51	try {
[418]	52	switch (_context.Method) {
	53	case ERequestMethod.GET:
[402]	54	if (inputJson != null) {
[434]	55	SendEmptyResponse (_context, HttpStatusCode.BadRequest, jsonInputData, "GET_WITH_BODY");
[391]	56	return;
	57	}
	58
	59	HandleRestGet (_context);
	60	return;
[418]	61	case ERequestMethod.POST:
[434]	62	if (!AllowPostWithId && !string.IsNullOrEmpty (_context.RequestPath)) {
	63	SendEmptyResponse (_context, HttpStatusCode.BadRequest, jsonInputData, "POST_WITH_ID");
[391]	64	return;
	65	}
	66
[402]	67	if (inputJson == null) {
[434]	68	SendEmptyResponse (_context, HttpStatusCode.BadRequest, null, "POST_WITHOUT_BODY");
[391]	69	return;
	70	}
	71
[402]	72	HandleRestPost (_context, inputJson, jsonInputData);
[391]	73	return;
[418]	74	case ERequestMethod.PUT:
[391]	75	if (string.IsNullOrEmpty (_context.RequestPath)) {
[434]	76	SendEmptyResponse (_context, HttpStatusCode.BadRequest, jsonInputData, "PUT_WITHOUT_ID");
[391]	77	return;
	78	}
	79
[402]	80	if (inputJson == null) {
[434]	81	SendEmptyResponse (_context, HttpStatusCode.BadRequest, null, "PUT_WITHOUT_BODY");
[391]	82	return;
	83	}
	84
[402]	85	HandleRestPut (_context, inputJson, jsonInputData);
[391]	86	return;
[418]	87	case ERequestMethod.DELETE:
[391]	88	if (string.IsNullOrEmpty (_context.RequestPath)) {
[434]	89	SendEmptyResponse (_context, HttpStatusCode.BadRequest, jsonInputData, "DELETE_WITHOUT_ID");
[391]	90	return;
	91	}
	92
[402]	93	if (inputJson != null) {
[434]	94	SendEmptyResponse (_context, HttpStatusCode.BadRequest, null, "DELETE_WITH_BODY");
[391]	95	return;
	96	}
	97
	98	HandleRestDelete (_context);
	99	return;
	100	default:
[434]	101	SendEmptyResponse (_context, HttpStatusCode.BadRequest, null, "INVALID_METHOD");
[391]	102	return;
	103	}
	104	} catch (Exception e) {
[434]	105	SendEmptyResponse (_context, HttpStatusCode.InternalServerError, jsonInputData, "ERROR_PROCESSING", e);
[391]	106	}
	107	}
	108
[404]	109	protected virtual void HandleRestGet (RequestContext _context) {
[434]	110	SendEmptyResponse (_context, HttpStatusCode.MethodNotAllowed, null, "Unsupported");
[404]	111	}
	112
	113	protected virtual void HandleRestPost (RequestContext _context, IDictionary<string, object> _jsonInput, byte[] _jsonInputData) {
[434]	114	SendEmptyResponse (_context, HttpStatusCode.MethodNotAllowed, _jsonInputData, "Unsupported");
[404]	115	}
	116
	117	protected virtual void HandleRestPut (RequestContext _context, IDictionary<string, object> _jsonInput, byte[] _jsonInputData) {
[434]	118	SendEmptyResponse (_context, HttpStatusCode.MethodNotAllowed, _jsonInputData, "Unsupported");
[404]	119	}
	120
	121	protected virtual void HandleRestDelete (RequestContext _context) {
[434]	122	SendEmptyResponse (_context, HttpStatusCode.MethodNotAllowed, null, "Unsupported");
[404]	123	}
	124
[418]	125	public override bool Authorized (RequestContext _context) {
[426]	126	AdminWebModules.WebModule module = AdminWebModules.Instance.GetModule (CachedApiModuleName);
[404]	127
[434]	128	if (module.LevelPerMethod == null) {
	129	return module.LevelGlobal >= _context.PermissionLevel;
	130	}
[418]	131
[434]	132	int perMethodLevel = module.LevelPerMethod [(int)_context.Method];
	133	if (perMethodLevel == AdminWebModules.MethodLevelNotSupported) {
	134	return false;
[418]	135	}
	136
[434]	137	if (perMethodLevel != AdminWebModules.MethodLevelInheritGlobal) {
	138	return perMethodLevel >= _context.PermissionLevel;
	139	}
	140
[426]	141	return module.LevelGlobal >= _context.PermissionLevel;
	142	}
[418]	143
[434]	144	protected virtual bool AllowPostWithId => false;
	145
[426]	146	/// <summary>
	147	/// Define default permission levels per HTTP method as an array of levels. See <see cref="ERequestMethod"/> for the order of entries.
	148	/// </summary>
	149	/// <returns>Default permission levels for supported methods. See <see cref="AdminWebModules.MethodLevelNotSupported"/> and <see cref="AdminWebModules.MethodLevelInheritGlobal"/>.</returns>
	150	public virtual int[] DefaultMethodPermissionLevels () => new[] {
	151	AdminWebModules.MethodLevelNotSupported,
	152	AdminWebModules.MethodLevelInheritGlobal,
	153	AdminWebModules.MethodLevelInheritGlobal,
	154	AdminWebModules.MethodLevelInheritGlobal,
	155	AdminWebModules.MethodLevelInheritGlobal
	156	};
[418]	157
[404]	158	#region Helpers
	159
	160	protected static void PrepareEnvelopedResult (out JsonWriter _writer) {
[402]	161	WebUtils.PrepareEnvelopedResult (out _writer);
	162	}
[391]	163
[404]	164	protected static void SendEnvelopedResult (RequestContext _context, ref JsonWriter _writer, HttpStatusCode _statusCode = HttpStatusCode.OK,
[402]	165	byte[] _jsonInputData = null, string _errorCode = null, Exception _exception = null) {
	166
	167	WebUtils.SendEnvelopedResult (_context, ref _writer, _statusCode, _jsonInputData, _errorCode, _exception);
[391]	168	}
	169
[434]	170	protected static void SendEmptyResponse (RequestContext _context, HttpStatusCode _statusCode = HttpStatusCode.OK, byte[] _jsonInputData = null, string _errorCode = null, Exception _exception = null) {
[404]	171	PrepareEnvelopedResult (out JsonWriter writer);
[434]	172	writer.WriteRaw (WebUtils.JsonEmptyData);
[404]	173	SendEnvelopedResult (_context, ref writer, _statusCode, _jsonInputData, _errorCode, _exception);
	174	}
	175
	176	#endregion
[391]	177	}
	178	}

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: binary-improvements2/WebServer/src/WebAPI/AbsRestApi.cs@ 434

Download in other formats: