对 Azure 移动服务的自定义 API 中的多个路由的权限 [英] Permission on multiple routes in a custom API for an Azure mobile service

查看:23
本文介绍了对 Azure 移动服务的自定义 API 中的多个路由的权限的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在 Azure 移动服务中工作,在那里我制作了一个自定义 api.对于那些可以设置权限(如公共、应用程序、用户和管理员),这非常有用.但我需要多级 api(例如 /api/user/profile/{userId}),并且能够为子级 api 设置一些权限.

I am working in Azure Mobile Service where I have made a custom api. For those it is possible to set permissions (like public, application, user and admin), which is very useful. But I need multi-level api (like for example /api/user/profile/{userId}), and to be able to set some permission to the sub-level api.

我发现可以使用以下代码添加其他级别的 api 路径

I have found it is possible to add other levels of api paths with the following code

exports.register = function (api) {

    /* Get public user profile on some other user */
    api.get('/profile/:userId', getProfileFunc);

    /* Get private profile only for the authenticated user */
    api.get('/profile', getProvateProfileFunc);

    /* Update provate profile only for the authenticated user */
    api.put('/profile', updateProfileFunc);
}

exports.get = getUserListFunc;

api 权限是通过顶级的 {api-name}.json-file 设置的.但是如何为与父 api 不同的子级 api 设置权限?一个例证:
GET:api/user 获取用户列表,是权限application
GET:api/user/profile 获取(经过身份验证的)用户的个人资料,因此需要权限user.

The api permissions are set through the {api-name}.json-file for the top level. But how can I set a permission to a sub-level api that is different from the parent api? An illustration:
GET: api/user gets a list of users and is permission application
GET: api/user/profile gets the profile for (the authenticated) user, and therefor needs permission user.

user.json 中的权限是

{
  "routes": {
    "*": {
      "get": {"permission": "application"},
      "post": {"permission": "admin"},
      "put": {"permission": "admin"},
      "patch": {"permission": "admin"},
      "delete": {"permission": "admin"}
    }
  }
}

我正在使用连接到我的 WAMS 的 git 存储库.

I an working with a git repository connected to my WAMS.

推荐答案

.json 文件支持路由.请尝试以下操作:

The .json file supports routes. Try the following:

{
    "routes": {          
        "/" : { "permission": "public" },
        "/user/profile/:userId" : {
            "get": { "permission": "public" },
            "post": { "permission": "authenticated" }
        }
    }
}

这篇关于对 Azure 移动服务的自定义 API 中的多个路由的权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
其他开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆