Webservice with Permissions

Introduction

Suppose you want Iguana to act as a corporate webservice that serves data to various people in your company. We can leverage the user permission system built into Iguana to do that.

Because people have different roles, it’s nice to be able to serve up different webservices based on role. Some webservice queries might also serve up different data depending on the role of the user.

We can power this off Iguana’s built-in user permission system by leveraging the group feature. Different requests can be mapped to different functions for different groups.

This channel shows how this can be done using the iguana.action and iguana.user modules. It also uses basic authentication to authenticate users.

If you have any questions please contact us at support@interfaceware.com.

Using the Code

  • Import the Webservice with Permissions channel from the Builtin: Iguana Webservices repository
  • Experiment with the code to find out how it works
  • Then add the module(s) to your Translator project
  • Copy the require statement from the channel and add it at the top of your script
    Note: The iguana.user.lua module uses require to return a table
    Note: The iguana.action.lua module uses require to return a table
    Note: The web.basicauth.lua module uses require to return a table
  • Adapt the code to your own requirements
  • Interactive scripting help is included for this module

This is the GitHub code for the main module:

How it works

This example uses Iguana’s built-in user permission system by leveraging the group feature. Different requests are mapped to different functions for different groups. This is done using the iguana.action and iguana.user modules. It also uses basic authentication to authenticate users.

This is how the code works:

  1. First we use the SetupActions() function to set up the Dispatcher, which defines the groups and the actions available to each group.
  2. Then we use net.http.parseRequest{} to parse the HTTP request we received.
  3. We authenticate the user using basicauth.isAuthorized().
    1. If the authentication fails (user is not logged in) then we use basicauth.requireAuthorization() to enable them to log in.
  4. We use basicauth.getCredentials() to get the user name and password.
  5. Then we use the Dispatcher:dispatch{} function to retrieve the action to take:
    1. The action is defined by the Location parsed from the HTTP GET request.
      This has no parameter so it uses the default function:

      This has the “reset” action parameter so it uses the AdminReset() function:
  6. Finally we use an if statement to process the returned action, and handle errors.

You can also add new groups and actions.
Note: You must change the group priority or it will overwrite the settings for any previous group with the same priority.

  1. This is a new group:
  2. These are the two new actions functions that it uses:
  3. And this is how it works on the web page:
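
The dispatch step and the group-priority note above, modelled in plain Lua as an added example (not code from the channel, and not the iguana.action API). All names are hypothetical, and two behaviours are assumptions: a lower number means higher priority, and the user's highest-priority group decides the action. Unlike the behaviour the note describes, this model rejects a reused priority instead of overwriting the earlier group.

```lua
-- Plain-Lua model of group-based dispatch. Hypothetical names throughout;
-- this does not call iguana.action, iguana.user or web.basicauth.
local Dispatcher = {}
Dispatcher.__index = Dispatcher

local function newDispatcher()
   return setmetatable({groups = {}}, Dispatcher)
end

-- Register a group keyed by priority. A reused priority raises an error
-- here, so an earlier group's actions cannot be replaced unnoticed.
function Dispatcher:addGroup(name, priority, actions)
   local existing = self.groups[priority]
   if existing then
      error(string.format("priority %d already used by group '%s'",
                          priority, existing.name))
   end
   self.groups[priority] = {name = name, actions = actions}
end

-- Return the handler for `action` from the user's highest-priority group.
-- An empty action selects that group's default handler. nil means deny.
function Dispatcher:dispatch(userGroups, action)
   local order = {}
   for priority in pairs(self.groups) do order[#order + 1] = priority end
   table.sort(order)   -- assumption: lower number = higher priority
   for _, priority in ipairs(order) do
      local group = self.groups[priority]
      if userGroups[group.name] then
         local key = (action == nil or action == '') and 'default' or action
         return group.actions[key]   -- nil when this group lacks the action
      end
   end
   return nil   -- user is in no registered group
end

-- Constructed sample data: two groups and two users.
local D = newDispatcher()
D:addGroup('Administrators', 1, {
   default = function() return 'admin status' end,
   reset   = function() return 'counters reset' end,
})
D:addGroup('Users', 2, {default = function() return 'user status' end})

local admin, user = {Administrators = true, Users = true}, {Users = true}
assert(D:dispatch(admin, 'reset')() == 'counters reset')
assert(D:dispatch(user, '')() == 'user status')
assert(D:dispatch(user, 'reset') == nil)   -- action not granted to Users
assert(D:dispatch({}, 'reset') == nil)     -- no group: deny by default
assert(not pcall(D.addGroup, D, 'Auditors', 2, {}))   -- priority 2 is taken
```

In a real channel the caller would turn a nil result into an error response rather than falling back to another group's handler.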


More information