public static void RequestFilter(IHttpRequest req, IHttpResponse res, object requestDto)
{
// Determine if the Request DTO type has a MyRoleAttribute.
// If it does not, run the validation normally. Otherwise defer doing that, it will happen after MyRoleAttribute.
if (!requestDto.GetType().HasAttribute <MyRoleAttribute>())
{
Console.WriteLine("Running Validation");
ValidationFilters.RequestFilter(req, res, requestDto);
return;
}
Console.WriteLine("Deferring Validation until Roles are checked");
}
public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto)
{
Console.WriteLine("Checking for required role");
// Replace with your actual role checking code
var role = req.GetParam("role");
if (role == null || !_roles.Contains(role))
{
throw HttpError.Unauthorized("You don't have the correct role");
}
Console.WriteLine("Has required role");
// Perform the deferred validation
Console.WriteLine("Running Validation");
ValidationFilters.RequestFilter(req, res, requestDto);
}
/// <summary>
/// Activate the validation mechanism, so every request DTO with an existing validator
/// will be validated.
/// </summary>
/// <param name="appHost">The app host</param>
public void Register(IAppHost appHost)
{
Enabled = true;
var filter = new ValidationFilters();
this.appHost = appHost;
appHost.RequestFilters.Add(filter.RequestFilter);
existingHandler = appHost.ServiceExceptionHandler;
appHost.ServiceExceptionHandler = HandleException;
}
