score:1
You can add multiple conditions to IQueryable dynamically. So you can do something like:
[PrincipalPermission(SecurityAction.Demand, Role="DepartmentManager")]
public IEnumerable<Employee> GetManagedEmployees()
{
// build base query
var query = from e in context.Employees
select e;
// add condition
query = AddDepartmentPermissions(query);
return query.AsEnumerable();
}
And your AddDepartmentPermissions will look like:
private IQueryable<Employee> AddDepartmentPermission(IQueryable<Employee> query)
{
int departmentId = GetAllowedDepartmentSomewhere();
return query.Where(e => e.Department.Id == departmentId);
}
This is just an example where PrincipalPermission don't allow calling GetManagedEmployees for non manager roles and AddDepartmentPermission adds query part for selection employees only from allowed department.
The main point is that you can wrap IQueryable<T> to methods which will modify query. I believe it should be even possible to add Interception (aspects) directly to properties exposing ObjectSet and dynamically add query parts dealing with security.
Source: stackoverflow.com
Related Query
- LINQ Source Code Available
- .NET 4 Code Contracts: "requires unproven: source != null"
- How to dynamic add filters to a LINQ query against an Odata Source in C#
- add triggers in EF
- Code Example for Add DateTime and TimeSpan in EF query
- creating Linq to sqlite dbml from DbLinq source code
- Can't add a new record with an integer value into database by using linq from code C#
- EF Code first - add collection to a collection, appropriate usage of skip() and take()
- Add Try-Catch Block to XAML Code
- source code for LINQ 101 samples
- Chaining MapHierarchy() to add more Cases in EF code first
- how can i add source node as child node in project?
- List or Array of String Contain specific word in Html Source Code
- c# Linq or code to extract groups from a single list of source data
- Add TPT Inherited Code First Model to Linq Fluent API
- ASP.NET Add cell to Gridview row with string from code behind
- Convert string[] to int[] in one line of code using LINQ
- Code equivalent to the 'let' keyword in chained LINQ extension method calls
- Value cannot be null. Parameter name: source
- Linq code to select one item
- C# - code to order by a property using the property name as a string
- How do I find the text within a div in the source of a web page using C#
- Roslyn failed to compile code
- How to add an item to a Mock DbSet (using Moq)
- How do you add an index field to Linq results
- Entity-framework code is slow when using Include() many times
- The data source does not support server-side data paging
- Add items to a collection if the collection does NOT already contain it by comparing a property of the items?
- How are people unit testing code that uses Linq to SQL
- You must add a reference to assembly mscorlib, version=4.0.0
More Query from same tag
- Group in Linq with Max: How do I get the full data set of the max value?
- Problems with converting a C# code to VB.net
- Unable to cast object of type 'WhereEnumerableIterator`1[Object]' to type 'System.Linq.IQueryable`1[Object]'
- How do I get an Object from the Primary Key
- C# Collection Group by performance Optimization
- implicit conversion from object to boolean
- LINQ to Entities group by and Count()
- How to get DbSet<SomeClass> (EF) from the dbContext using reflection?
- Custom Sorting using c# Linq Expressions
- LINQ TO SQL am I missing something obvious here?
- Filtering include items in LINQ and Entity Framework
- Linq select all items where in list with groupby
- Kendo UI Grid adding new record not posting data to server side
- How can I extract just the first record in a "one to many" relationship via LINQ?
- What does this C# code with an "arrow" mean and how is it called?
- Entity Framework query student grade for a specific subject
- Insert All only inserts last record? LINQ to SQL
- How to get records affected by an update stored procedure in LINQ to SQL
- Numeric value does not fit in a System.Decimal
- ASP.Net C# MVC Group domain model and place results into ViewModel
- DataContext Refresh and PropertyChanging & PropertyChanged Events
- Linq query for joining tables Mvc Asp
- Multiple sums in a single LINQ query fire multiple SQL queries
- InsertOnSubmit constraints
- Existing LINQ extension method similar to Parallel.For?
- Flatten and group complex objects in Linq and preserve null children
- Combine two lists of entities with a condition
- The method ‘Skip’ is only supported for sorted input in LINQ to Entities. The method ‘OrderBy’ must be called before the method ‘Skip’
- SQL to LINQ convertion with full outer join
- Using LINQ to exclude a Child Node from a collection of the same name
