Changeset 418 for binary-improvements2/WebServer/src/WebAPI/AbsWebAPI.cs

Timestamp:

Feb 27, 2023, 9:40:12 PM (21 months ago)

Author:

alloc

Message:

Refactored API authorization to support per-HTTP-method permission levels

File:

• binary-improvements2/WebServer/src/WebAPI/AbsWebAPI.cs (modified) (2 diffs)

binary-improvements2/WebServer/src/WebAPI/AbsWebAPI.cs

@@ +1 @@
+using Webserver.Permissions;
+
 namespace Webserver.WebAPI {
         public abstract class AbsWebAPI {
                 public readonly string Name;
                 protected readonly Web ParentWeb;
+
+                protected readonly string CachedApiModuleName;
 
                 protected AbsWebAPI (string _name = null) : this(null, _name) {
@@ -10 +14 @@
                         Name = _name ?? GetType ().Name;
                         ParentWeb = _parentWeb;
+                        CachedApiModuleName = $"webapi.{Name}";
+                        RegisterPermissions ();
+                }
+
+                protected virtual void RegisterPermissions () {
+                        AdminWebModules.Instance.AddKnownModule ($"webapi.{Name}", DefaultPermissionLevel ());
                 }
 
                 public abstract void HandleRequest (RequestContext _context);
 
+                public virtual bool Authorized (RequestContext _context) {
+                        return AdminWebModules.Instance.ModuleAllowedWithLevel (CachedApiModuleName, _context.PermissionLevel);
+                }
+
                 public virtual int DefaultPermissionLevel () => 0;
         }