权限在一个自定义的API多种途径为Azure的移动服务 [英] Permission on multiple routes in a custom API for an Azure mobile service

查看:177
本文介绍了权限在一个自定义的API多种途径为Azure的移动服务的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在Azure的移动服务所在我做了一个自定义的API工作。对于那些有可能设置权限(如公开的,应用,用户和管理员),这是非常有用的。但我需要多层次的API(例如像 / API /用户/型材/ {用户id} ),并能在一定的权限设置为子级API

I am working in Azure Mobile Service where I have made a custom api. For those it is possible to set permissions (like public, application, user and admin), which is very useful. But I need multi-level api (like for example /api/user/profile/{userId}), and to be able to set some permission to the sub-level api.

我发现它可以加入的API路径其他各级具有以下code

I have found it is possible to add other levels of api paths with the following code

exports.register = function (api) {

    /* Get public user profile on some other user */
    api.get('/profile/:userId', getProfileFunc);

    /* Get private profile only for the authenticated user */
    api.get('/profile', getProvateProfileFunc);

    /* Update provate profile only for the authenticated user */
    api.put('/profile', updateProfileFunc);
}

exports.get = getUserListFunc;

中的API权限通过{API名}以.json文件的顶层设置。
但我怎么可以设定一个分层次的API的权限是从父API不同的?一个例证:结果
GET:API /用户获取用户的列表,并允许的应用程序的结果
GET:API /用户/ profile文件将获取(已认证)用户的配置文件,并为此需要权限的用户

The api permissions are set through the {api-name}.json-file for the top level. But how can I set a permission to a sub-level api that is different from the parent api? An illustration:
GET: api/user gets a list of users and is permission application
GET: api/user/profile gets the profile for (the authenticated) user, and therefor needs permission user.

和在权限中的 user.json 的是

{
  "routes": {
    "*": {
      "get": {"permission": "application"},
      "post": {"permission": "admin"},
      "put": {"permission": "admin"},
      "patch": {"permission": "admin"},
      "delete": {"permission": "admin"}
    }
  }
}

我的连接到我的WAMS一个Git仓库工作。

I an working with a git repository connected to my WAMS.

推荐答案

在以.json文件支持的路线。请尝试以下操作:

The .json file supports routes. Try the following:

{
    "routes": {          
        "/" : { "permission": "public" },
        "/user/profile/:userId" : {
            "get": { "permission": "public" },
            "post": { "permission": "authenticated" }
        }
    }
}

这篇关于权限在一个自定义的API多种途径为Azure的移动服务的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆