source: binary-improvements2/WebServer/src/WebAPI/AbsWebAPI.cs@ 422

Last change on this file since 422 was 418, checked in by alloc, 21 months ago

Refactored API authorization to support per-HTTP-method permission levels

File size: 923 bytes
Line 
1using Webserver.Permissions;
2
3namespace Webserver.WebAPI {
4 public abstract class AbsWebAPI {
5 public readonly string Name;
6 protected readonly Web ParentWeb;
7
8 protected readonly string CachedApiModuleName;
9
10 protected AbsWebAPI (string _name = null) : this(null, _name) {
11 }
12
13 protected AbsWebAPI (Web _parentWeb, string _name = null) {
14 Name = _name ?? GetType ().Name;
15 ParentWeb = _parentWeb;
16 CachedApiModuleName = $"webapi.{Name}";
17 RegisterPermissions ();
18 }
19
20 protected virtual void RegisterPermissions () {
21 AdminWebModules.Instance.AddKnownModule ($"webapi.{Name}", DefaultPermissionLevel ());
22 }
23
24 public abstract void HandleRequest (RequestContext _context);
25
26 public virtual bool Authorized (RequestContext _context) {
27 return AdminWebModules.Instance.ModuleAllowedWithLevel (CachedApiModuleName, _context.PermissionLevel);
28 }
29
30 public virtual int DefaultPermissionLevel () => 0;
31 }
32}
Note: See TracBrowser for help on using the repository browser.