对 Azure 移动服务的自定义 API 中的多个路由的权限 [英] Permission on multiple routes in a custom API for an Azure mobile service
问题描述
我在 Azure 移动服务中工作,在那里我制作了一个自定义 api.对于那些可以设置权限(如公共、应用程序、用户和管理员),这非常有用.但我需要多级 api(例如 /api/user/profile/{userId}
),并且能够为子级 api 设置一些权限.
I am working in Azure Mobile Service where I have made a custom api. For those it is possible to set permissions (like public, application, user and admin), which is very useful. But I need multi-level api (like for example /api/user/profile/{userId}
), and to be able to set some permission to the sub-level api.
我发现可以使用以下代码添加其他级别的 api 路径
I have found it is possible to add other levels of api paths with the following code
exports.register = function (api) {
/* Get public user profile on some other user */
api.get('/profile/:userId', getProfileFunc);
/* Get private profile only for the authenticated user */
api.get('/profile', getProvateProfileFunc);
/* Update provate profile only for the authenticated user */
api.put('/profile', updateProfileFunc);
}
exports.get = getUserListFunc;
api 权限是通过顶级的 {api-name}.json-file 设置的.但是如何为与父 api 不同的子级 api 设置权限?一个例证:
GET:api/user 获取用户列表,是权限application
GET:api/user/profile 获取(经过身份验证的)用户的个人资料,因此需要权限user.
The api permissions are set through the {api-name}.json-file for the top level.
But how can I set a permission to a sub-level api that is different from the parent api? An illustration:
GET: api/user gets a list of users and is permission application
GET: api/user/profile gets the profile for (the authenticated) user, and therefor needs permission user.
user.json 中的权限是
{
"routes": {
"*": {
"get": {"permission": "application"},
"post": {"permission": "admin"},
"put": {"permission": "admin"},
"patch": {"permission": "admin"},
"delete": {"permission": "admin"}
}
}
}
我正在使用连接到我的 WAMS 的 git 存储库.
I an working with a git repository connected to my WAMS.
推荐答案
.json 文件支持路由.请尝试以下操作:
The .json file supports routes. Try the following:
{
"routes": {
"/" : { "permission": "public" },
"/user/profile/:userId" : {
"get": { "permission": "public" },
"post": { "permission": "authenticated" }
}
}
}
这篇关于对 Azure 移动服务的自定义 API 中的多个路由的权限的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!