-Added REST per-endpoint permissions.

-Added REST endpoint "/v2/server/restart".
-Added REST endpoint "/v2/server/reload".
-Added REST endpoint "/v3/server/rawcmd", will output all returned lines as an array instead.
-Added "uptime", "serverpassword", "rules/ServerSideInventory" fields to REST endpoint "/v2/server/status".
-REST requests are now logged.
-Endpoint "/v2/server/rawcmd" does now check whether the user has the sufficient permission to execute the command.
-Fixed Config.EnableTokenEndpointAuthentication not working properly before.
-Removed obsolete "api" permission (only "restapi" now).

TShockAPI/Permissions.cs

@@ -73,7 +73,7 @@ namespace TShockAPI
 		[Description("Allows you to bypass the max slots for up to 5 slots above your max")] public static readonly string
 			reservedslot;
 
-		[Description("User is notified when an update is available")] public static readonly string maintenance;
+		[Description("User is notified when an update is available, user can turn off / restart the server.")] public static readonly string maintenance;
 
 		[Description("User can kick others")] public static readonly string kick;
 
@@ -177,16 +177,68 @@ namespace TShockAPI
 
 	    [Description("User can elevate other users' groups temporarily.")] public static readonly string settempgroup;
 
-	    [Description("User can download updates to plugins that are currently running.")] public static readonly string updateplugins;
-        static Permissions()
+		[Description("User can download updates to plugins that are currently running.")] public static readonly string updateplugins;
+
+		#region Rest Endpoint Permissions
+		[Description("Rest user can turn off / restart the server.")]
+		public static readonly string restmaintenance;
+
+		[Description("Rest user can reload configurations, save the world and set auto save settings.")]
+		public static readonly string restcfg;
+
+
+		[Description("Rest user can list and get detailed information about users.")]
+		public static readonly string restviewusers;
+
+		[Description("Rest user can alter users.")]
+		public static readonly string restmanageusers;
+
+		[Description("Rest user can list and get detailed information about bans.")]
+		public static readonly string restviewbans;
+
+		[Description("Rest user can alter bans.")]
+		public static readonly string restmanagebans;
+
+		[Description("Rest user can list and get detailed information about groups.")]
+		public static readonly string restviewgroups;
+
+		[Description("Rest user can alter groups.")]
+		public static readonly string restmanagegroups;
+
+
+		[Description("Rest user can get user information.")]
+		public static readonly string restuserinfo;
+
+		[Description("Rest user can kick players.")]
+		public static readonly string restkick;
+
+		[Description("Rest user can ban players.")]
+		public static readonly string restban;
+
+		[Description("Rest user can mute and unmute players.")]
+		public static readonly string restmute;
+
+		[Description("Rest user can kill players.")]
+		public static readonly string restkill;
+
+
+		[Description("Rest user can drop meteors or change bloodmoon.")]
+		public static readonly string restcauseevents;
+
+		[Description("Rest user can butcher npcs.")]
+		public static readonly string restbutcher;
+
+
+		[Description("Rest user can run raw TShock commands (the raw command permissions are also checked though).")]
+		public static readonly string restrawcommand;
+		#endregion
+
+		static Permissions()
 		{
 			foreach (var field in typeof (Permissions).GetFields())
 			{
 				field.SetValue(null, field.Name);
 			}
-
-            //Backwards compatability.
-            restapi = "api";
 		}
 
         /// <summary>