source: binary-improvements2/WebServer/src/WebAPI/AbsWebAPI.cs@ 421

Last change on this file since 421 was 418, checked in by alloc, 21 months ago

Refactored API authorization to support per-HTTP-method permission levels

File size: 923 bytes
RevLine 
[418]1using Webserver.Permissions;
2
[391]3namespace Webserver.WebAPI {
4 public abstract class AbsWebAPI {
5 public readonly string Name;
[410]6 protected readonly Web ParentWeb;
[391]7
[418]8 protected readonly string CachedApiModuleName;
9
[410]10 protected AbsWebAPI (string _name = null) : this(null, _name) {
11 }
12
13 protected AbsWebAPI (Web _parentWeb, string _name = null) {
[391]14 Name = _name ?? GetType ().Name;
[410]15 ParentWeb = _parentWeb;
[418]16 CachedApiModuleName = $"webapi.{Name}";
17 RegisterPermissions ();
[391]18 }
19
[418]20 protected virtual void RegisterPermissions () {
21 AdminWebModules.Instance.AddKnownModule ($"webapi.{Name}", DefaultPermissionLevel ());
22 }
23
[391]24 public abstract void HandleRequest (RequestContext _context);
25
[418]26 public virtual bool Authorized (RequestContext _context) {
27 return AdminWebModules.Instance.ModuleAllowedWithLevel (CachedApiModuleName, _context.PermissionLevel);
28 }
29
[410]30 public virtual int DefaultPermissionLevel () => 0;
[391]31 }
32}
Note: See TracBrowser for help on using the repository browser.