Last change
on this file since 422 was 418, checked in by alloc, 21 months ago |
Refactored API authorization to support per-HTTP-method permission levels
|
File size:
923 bytes
|
Line | |
---|
1 | using Webserver.Permissions;
|
---|
2 |
|
---|
3 | namespace Webserver.WebAPI {
|
---|
4 | public abstract class AbsWebAPI {
|
---|
5 | public readonly string Name;
|
---|
6 | protected readonly Web ParentWeb;
|
---|
7 |
|
---|
8 | protected readonly string CachedApiModuleName;
|
---|
9 |
|
---|
10 | protected AbsWebAPI (string _name = null) : this(null, _name) {
|
---|
11 | }
|
---|
12 |
|
---|
13 | protected AbsWebAPI (Web _parentWeb, string _name = null) {
|
---|
14 | Name = _name ?? GetType ().Name;
|
---|
15 | ParentWeb = _parentWeb;
|
---|
16 | CachedApiModuleName = $"webapi.{Name}";
|
---|
17 | RegisterPermissions ();
|
---|
18 | }
|
---|
19 |
|
---|
20 | protected virtual void RegisterPermissions () {
|
---|
21 | AdminWebModules.Instance.AddKnownModule ($"webapi.{Name}", DefaultPermissionLevel ());
|
---|
22 | }
|
---|
23 |
|
---|
24 | public abstract void HandleRequest (RequestContext _context);
|
---|
25 |
|
---|
26 | public virtual bool Authorized (RequestContext _context) {
|
---|
27 | return AdminWebModules.Instance.ModuleAllowedWithLevel (CachedApiModuleName, _context.PermissionLevel);
|
---|
28 | }
|
---|
29 |
|
---|
30 | public virtual int DefaultPermissionLevel () => 0;
|
---|
31 | }
|
---|
32 | }
|
---|
Note:
See
TracBrowser
for help on using the repository browser.