|
Last change
on this file since 422 was 418, checked in by alloc, 3 years ago |
|
Refactored API authorization to support per-HTTP-method permission levels
|
|
File size:
923 bytes
|
| Line | |
|---|
| 1 | using Webserver.Permissions;
|
|---|
| 2 |
|
|---|
| 3 | namespace Webserver.WebAPI {
|
|---|
| 4 | public abstract class AbsWebAPI {
|
|---|
| 5 | public readonly string Name;
|
|---|
| 6 | protected readonly Web ParentWeb;
|
|---|
| 7 |
|
|---|
| 8 | protected readonly string CachedApiModuleName;
|
|---|
| 9 |
|
|---|
| 10 | protected AbsWebAPI (string _name = null) : this(null, _name) {
|
|---|
| 11 | }
|
|---|
| 12 |
|
|---|
| 13 | protected AbsWebAPI (Web _parentWeb, string _name = null) {
|
|---|
| 14 | Name = _name ?? GetType ().Name;
|
|---|
| 15 | ParentWeb = _parentWeb;
|
|---|
| 16 | CachedApiModuleName = $"webapi.{Name}";
|
|---|
| 17 | RegisterPermissions ();
|
|---|
| 18 | }
|
|---|
| 19 |
|
|---|
| 20 | protected virtual void RegisterPermissions () {
|
|---|
| 21 | AdminWebModules.Instance.AddKnownModule ($"webapi.{Name}", DefaultPermissionLevel ());
|
|---|
| 22 | }
|
|---|
| 23 |
|
|---|
| 24 | public abstract void HandleRequest (RequestContext _context);
|
|---|
| 25 |
|
|---|
| 26 | public virtual bool Authorized (RequestContext _context) {
|
|---|
| 27 | return AdminWebModules.Instance.ModuleAllowedWithLevel (CachedApiModuleName, _context.PermissionLevel);
|
|---|
| 28 | }
|
|---|
| 29 |
|
|---|
| 30 | public virtual int DefaultPermissionLevel () => 0;
|
|---|
| 31 | }
|
|---|
| 32 | }
|
|---|
Note:
See
TracBrowser
for help on using the repository browser.
![(please configure the [header_logo] section in trac.ini)](/chrome/site/your_project_logo.png){kind=logo}
