views:

318

answers:

1

I have written an application using LINQ-to-SQL that submits a web form into a database. I absact the LINQ-to-SQL away using a Repository pattern.

This repository has the basic methods: Get(), Save(), etc.

As a development of the project, I needed to encrypt certain fields in the form. This was trivial, as I just added the encryption calls to the Get(), Save() methods in the Repository.

Now, I want to put an oData layer over it, to allow RESTful extraction from MS Excel 2010 (when it comes out). I have this working, after a few stumbles on useless error messages, etc.

However, obviously, those encrypted fields are still encrypted. My repository pattern would have decrypted these for me. As far as I know, I have to directly bind my oData service to the LINQ-to-SQL context for the schema, etc. to work - unless I enter a whole world of pain (any URLs appreciated).

Is there a way I can insert my encryption/decryption layer into the request so decryption is done "on the fly"? I looked at the OnStartProcessingRequest() overload of DataService but this doesn't seem that useful.

+1  A: 

You don't have to bind directly to L2S to expose an OData service. You can write your own Context class and use the Reflection Provider Directly to infer a model from the IQueryable properties your class exposes.

Note: the L2S approach you are using is just using the Reflection provider too.

The key to this is simply wrapping the L2S DataContext's queryables (see this) so you can inject yourself into the query execution:

  1. Simply forward the generated expression to L2S and run the query in the database.
  2. As the results are returned from L2S you can then enumerate them in memory doing the decryption on the fly, before returning them to Data Services.

For more information on Reflection Provider check out this post.

Hope this helps

Alex James

OData / Data Service Program Manager

Alex James