Question

我做了一个自定义功能，该功能应检查用户使用请求的权限。我可以监视位置信息吗？这样可以吗？

if (!User.accessTo.contains(CALL_LOCATION_INFO)){
call.respond(HttpStatusCode.BadRequest) }

那是我的功能代码：

data class UserRights(
        val haveFullAccess:Boolean,
        val accessTo:List<String>,
        val canUpdate:Boolean,
        val canDelete:Boolean,
        val canBan:Boolean,
        val canMute:Boolean)

var User = UserRights(false, listOf(""),false,false,false,false)

class RightsChecker(configuration: Configuration) {
    val prop = configuration.prop // get snapshot of config into immutable property
    class Configuration {
        var prop = "value"
    }
    companion object Feature : ApplicationFeature<ApplicationCallPipeline, Configuration, RightsChecker> {
        override val key = AttributeKey<RightsChecker>("RightsChecker")
        override fun install(pipeline: ApplicationCallPipeline, configure: Configuration.() -> Unit): RightsChecker {
            val configuration = RightsChecker.Configuration().apply(configure)
            val feature = RightsChecker(configuration)

            val FilterPhase = PipelinePhase("CallFilter")
            pipeline.insertPhaseAfter(ApplicationCallPipeline.Infrastructure, FilterPhase)

            pipeline.intercept(FilterPhase) {
                val session = call.sessions.get<SessionData>() ?: SessionData(0, "Guest")
                when (session.role) {
                    "Guest" -> User = UserRights(
                            haveFullAccess = false,
                            accessTo = listOf(""),
                            canUpdate = false,
                            canDelete = false,
                            canBan = false,
                            canMute = false)
                    "User" -> User = UserRights(
                            haveFullAccess = false,
                            accessTo = listOf("lUsers"),
                            canUpdate = false,
                            canDelete = false,
                            canBan = false,
                            canMute = false)                       
                    "Admin" -> User = UserRights(
                            haveFullAccess = true,
                            accessTo = listOf("lUsers"),
                            canUpdate = true,
                            canDelete = true,
                            canBan = true,
                            canMute = true)
                }
                if (!User.accessTo.contains(CALL_LOCATION_INFO)){
                    call.respond(HttpStatusCode.BadRequest)
                }
            }
            return feature
        }
    }
}

您如何看到，我正在使用具有权限的UserRights数据类。 “ accesTo”-是用户可以使用的位置名称列表（可以更改格式）。功能必须在处理请求之前仅检查“ accesTo”列表中包含的位置名称。

谢谢您的帮助！

UPD：位置代码：

@Location("/login") data class lLoginData(val email:String, val password: String)
@Location("/users") data class lGetUsers(val page:Int, val limit:Int)
@Location("/users/user") data class lUser(val email: String)
@Location("/users") data class lUpdateData(val userID: Int, val datatype:String, val newData:String)
@Location("/users") data class lRegData(val email: String, val username:String, val userpass:String)

Answer 1

如果我对您的理解正确，那么您只是想知道调用了什么路线/ uri。

这是一台小型服务器，可以回答路由。

私有val locationKey = AttributeKey（“ location”）

Select Public

可以看出，我正在使用val module = fun Application.() { install(Routing) { intercept(ApplicationCallPipeline.Call) { val location = call.request.local.uri call.attributes.put(locationKey, location) } get("{...}") { val location = call.attributes[locationKey] call.respond(location) } } }来获取通话的uri。

当我导航到call.request.local.uri时，服务器将以http://localhost:5001/hello/route进行回答。

这能回答您的问题吗？

KTOR：如何在呼叫处理之前找到位置信息？

1 个答案: