webapi odata,限制对实体的访问
[英]webapi odata, restrict access to entities
问题描述
For example, we have Car object. 
例如,我们有Car对象。
public class Car
{
public string Name {get; set;}
public City City {get; set;}
}
public class City
{
public string Name {get; set;}
}
And, on client we make oData request api/Cars which return all cars. 并且,在客户端,我们向oData请求api/Cars ,该api/Cars返回所有汽车。 But, I want to restrict set of records programmaticaly. 但是,我想以编程方式限制记录集。 For example, current user can retrieves only Cars from New York city. 例如,当前用户只能从New York市取回Cars 。 What is best way to do this? 最好的方法是什么?
And general question, how to restrict access to entities or properties for different users? 还有一个普遍的问题,如何限制不同用户对实体或属性的访问?
1 个解决方案
解决方案1
0 2014-07-18 01:32:20
Try modifying the "Get" method which returns the collection of cars in the controller class to restrict the returned set according to the received Request. 尝试修改“获取”方法,该方法返回控制器类中的汽车集合,以根据收到的请求限制返回的集合。
You can save and read cookies to store the information which is used to do this restriction. 您可以保存和读取Cookie,以存储用于执行此限制的信息。
Check this for how to use cookies in webapi: 检查以下内容以了解如何在webapi中使用cookie:
http://www.asp.net/web-api/overview/working-with-http/http-cookies http://www.asp.net/web-api/overview/working-with-http/http-cookies
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.