For example, we have Car
object.
public class Car
{
public string Name {get; set;}
public City City {get; set;}
}
public class City
{
public string Name {get; set;}
}
And, on client we make oData request api/Cars
which return all cars. But, I want to restrict set of records programmaticaly. For example, current user can retrieves only Cars
from New York
city. What is best way to do this?
And general question, how to restrict access to entities or properties for different users?
Try modifying the "Get" method which returns the collection of cars in the controller class to restrict the returned set according to the received Request.
You can save and read cookies to store the information which is used to do this restriction.
Check this for how to use cookies in webapi:
http://www.asp.net/web-api/overview/working-with-http/http-cookies
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.