QueryInterceptorAttribute Class
This page is specific to:.NET Framework Version:
3.54
.NET Framework Class Library
QueryInterceptorAttribute Class

The QueryInterceptorAttribute on a method annotates it as a query interceptor on the specified entity set.

Namespace:  System.Data.Services
Assembly:  System.Data.Services (in System.Data.Services.dll)
Syntax
Copy to ClipboardPrint
'Usage

Dim instance As QueryInterceptorAttribute

'Declaration

<AttributeUsageAttribute(AttributeTargets.Method, AllowMultiple := True, Inherited := True)> _
Public NotInheritable Class QueryInterceptorAttribute _
    Inherits Attribute
Remarks

Entity set-level authorization and validation is implemented by methods annotated with the QueryInterceptorAttribute. ADO.NET Data Services do not implement security policies but instead provide the infrastructure required for service developers to write their own security rules and business validation.

Entity set access control and validation is enabled through query operations by using query composition. To control entity-based access, implement a method-per-entity set according to the following rules:

The method must have public scope and be annotated with the QueryInterceptorAttribute, taking the name of a entity set as a parameter.

The method must accept no parameters.

The method must return an expression of type Expression<Func<T, bool>> that is the filter to be composed for the entity set.
Examples

The following example controls access to the Customers entity set. Each Customer can only see Orders associated with that Customer. 

[QueryInterceptor("Orders")]
public Expression<Func<Order, bool>> FilterOrders() 
{
    return o => o.Customer.Name == /* Current principal name. */;
} 
 
// Insures that the user accessing the customer(s) has the appropriate
// rights as defined in the QueryRules object to access the customer
// resource(s).
 
[QueryInterceptor ("Customers")]
public Expression<Func<Customer, bool>> FilterCustomers() 
{
  return c => c.Name == /* Current principal name. */ &&
              this.CurrentDataSource.QueryRules.Contains(
                rule => rule.Name == c.Name &&
                        rule.CustomerAllowedToQuery == true
              );
}
Inheritance Hierarchy
System..::.Object
  System..::.Attribute
    System.Data.Services..::.QueryInterceptorAttribute
Thread Safety
Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Platforms

Windows 7, Windows Vista, Windows XP SP2, Windows Server 2008 R2, Windows Server 2008, Windows Server 2003

The .NET Framework and .NET Compact Framework do not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
Version Information

.NET Framework

Supported in: 3.5 SP1
See Also

Reference

QueryInterceptorAttribute Members
System.Data.Services Namespace
Community Content

Simple VB Example
Added by:ssta
Imports System.Linq
Imports System.Linq.Expressions

























<QueryInterceptor("Customers")> _
Public Function FilterCustomers() As Expression(Of Func(Of Customers, Boolean))
     Return Function(c) c.Deleted = False 
End Function




© 2010 Microsoft Corporation. All rights reserved.   Terms of Use | Trademarks | Privacy Statement
Page view tracker
Rate the Lightweight library
x
Lightweight builds on ScriptFree (loband) by adding features you've requested: a SearchBox and default code language selection.
Do you like the SearchBox?
Do you like the tabbed code blocks?
How useful is this topic?
Tell us more.
Thanks
x
You're helping to improve MSDN Online.
Feedback
Switch View
x
Classic
Lightweight Beta
ScriptFree
Switch View