tags:

views:

595

answers:

2
Q: 

Query interceptor to return true if the entity is in a list of items in ado.net data services

I'm using ado.net data services and want to implement row level security in the query interceptor to limit the data to only return data that the user is allowed to see. The complexity comes in in that the user name for the the user is on another table. So I thought I could retrieve a list of events that the user can see according to the entry in the OnlineSubscription table for that user and then return whether the current event matches any entries that are returned as follows:

[QueryInterceptor("Events")]
public Expression<Func<Events, bool>> QueryEvents()
{

  var allowedEventList = (from os in context.OnlineSubscription
                          from e in os.Events
                         where os.UserName == HttpContext.Current.User.Identity.Name
                         select e;

return e => events.Intersect(new List<Events>
                                         {
                                                 e
                                         }).Any();
}

However this throws a "Not implemented" exception. So my question is: Is there a right way to compare the current entity to a list of entities in the query interceptor?

EDIT: I've also tried:

return e => events.Any(evnt => evnt.Event_Key == e.Event_Key);

without any success (once again getting the "Not implemented" exception).

+1  A: 

Apparently this fails because by using the lambda expression events.Any... it's already querying in the initial context (ie. querying on Events straight) and then when you add the events.Any clause it also tries to query on the new context (ie. the nested "from" of Events within OnlineSubscription) so it understandably throws an exception.

I then used:

[QueryInterceptor("Events")]
public Expression<Func<Events, bool>> QueryEvents()
{    
    return e => e.OnlineSubscription.Any(os => os.UserName == HttpContext.Current.User.Identity.Name);
}

Which works since this is just querying in the same context as the initial query and merely traverses through relationships.

James_2195  2009-04-17 04:38:02
A: 

Really? I'm getting a "Not Implemented" exception with this code:

[QueryInterceptor("Products")]
public Expression<Func<Product, bool>> QueryProducts()
{
    return p => p.User.Username == HttpContext.Current.User.Identity.Name;
}

It works fine if I filter by a property on the Product object itself, but not via any of it's relationships.

 2009-07-03 01:05:20
Ok, found the problem. It needs to be like:string user = HttpContext.Current.User.Identity.Name;return p => p.User.Username == user;Instead and then it works. I guess it's just because ADO.NET Data Entity Model doesn't know how to translate the HttpContext reference as a parameter to be passed in while Linq to SQL does.
 2009-07-03 01:16:07

related questions

ADO.NET Data Services with Linq-to-SQL
ADO.Net Entity Framework across multiple databases
LINQ joins and ADO.NET Data Services
LINQ to Entities and creating a new instance of an entity
Substituting Astoria Payload?
ADO.NET Data Services - format parameter - xml / json
Resource not found for segment 'Property'
How do I use ."Include" on a Service Operation for ADO.Net Data Services
Consume ado.net data service from a non-dotnet-3.5 client
How to force ADO.NET Entity Framework to regenerate code?
How do I increase the size of data sent to ADO.Net Data Services?
How do I configure ASP.net MVC to Scaffold using ADO.net dataservice??
ADO.NET DataService: Passing parameter to [WebInvoke] Method
Does LINQ Support Composable "OR Queries"?
Can I Access an ADO .Net Data Service from Silverlight accross domain if I have a proper crossdomain.xml file in place and do not rely on the ADO .Net Silverlight Client components?
ADO.NET Data Services 'Astoria' and Caching
Expand all child objects by default
WCF REST vs. ADO.NET Data Services
ADO.NET Data Service -- non .NET consumers
In ADO.Net Data Services how do I check if an entity is already in the context?
What is the best way to use the .SaveChanges() method in ADO.Net Data Services?
What are the alternatives to using Expand in a LINQ to ADO.net Data Service Query?
How does ADO.Net Data services support POST being something other than create?
Problem rolling out ADO.Net Data Service application to IIS
guid REST URL for ado.net dataservice call?