search

SkywardApps / popcorn

Popcorn is a .Net Middleware for your RESTful API that allows your consumers to request exactly as much or as little as they need, with no effort from you.
https://skywardapps.github.io/popcorn/
MIT License
59 stars 19 forks source link

Add Authorizers to restrict access to objects #9

Closed alexbarbato closed 7 years ago

alexbarbato commented 7 years ago

We need to be able to assign functions to restrict access to certain object, potentially based on the Context.

Imagine for example I'm interacting with an auction website API. I may request the status of a particular auction, and as part of that object there is a list of 'bids' on the auction. I should only see my own, not bids belonging to anyone else.

I should be able to attach a function to the 'Bid' object type to restrict it from being projected (either as a property or within a collection) if my criteria isn't met.

undiwahn commented 7 years ago

I'm currently implementing this!

alexbarbato commented 7 years ago

Code completed and uploaded to master