httpSetPermission()
The function httpSetPemission() allows to define more fine grained user permissions for a specific URL used with the HTTP Server.
Synopsis
int
httpSetPermission(
string
url,
mapping
permission);
Parameter
| Parameter | Description |
|---|---|
| url |
A URL (a directory) or a pattern: e.g. "/data/start.html", "/pictures/*". See the examples at the end of this chapter. |
| permission |
A mapping containing key-value pairs: Key: "allowUsers" or "denyUsers" Value: "allowUsers" provides access to users and "denyUsers" prevents the access - see examples further below. The value can be a single string or a dyn_string of a user_definition: user_definition: <user name or pattern> or pattern, e.g. "*"(== any user), "pa*" , (see patternMatch()) Key: "allowUnknownUsers" Value: bool, when you set this value to true, users who are not project members yet, can still access project resources. |
Return value
0 when the function was successfully executed and -1 in case of errors.
Error
The same URL cannot be added twice. If the URL is added twice, the function returns -1. Other return errors are e.g. unknown mapping keywords, wrong data types.
Description
Every call of the function httpSetPermission uses the CTRL function patternMatch() for the pattern matching. The matching URL/pattern is searched in two steps:
First the exact match is searched and then matches via patternMatch() are searched. See examples below.
A call of the function httpSetPermission adds an entry to an internal permissions table. When a client requests a URL but the URL is not found in the permissions table, the access is allowed (apart from already existing rules that apply, e.g. root user not allowed, disabled user not allowed, etc.)
EXAMPLE
The example denies URLs for all known users except users whose names start with "g".
#uses "CtrlHTTP"
main()
{
httpServer("Negotiate");
httpSetPermission("/w*", makeMapping("allowUsers",
makeDynString("g*"),"denyUsers","*"));
}EXAMPLE
The example allows access to all pictures even for unknown users.
#uses "CtrlHTTP"
main()
{
httpServer("Negotiate");
httpSetPermission("/pictures/*", makeMapping("allowUsers", "*",
"allowUnknownUsers",true));
}EXAMPLE
The example allows access for all known users to /data/test but forbids any other URL below the data directory for everybody.
#uses "CtrlHTTP"
main()
{
httpServer("Negotiate");
httpSetPermission("/data/test", makeMapping("allowUsers",
"*"));
httpSetPermission("/data/*", makeMapping("denyUsers", "*"));
}Assignment
CTRL PlugIn
Availability
CTRL
