public static void RequestFilter(IHttpRequest req, IHttpResponse res, object requestDto) { // Determine if the Request DTO type has a MyRoleAttribute. // If it does not, run the validation normally. Otherwise defer doing that, it will happen after MyRoleAttribute. if (!requestDto.GetType().HasAttribute <MyRoleAttribute>()) { Console.WriteLine("Running Validation"); ValidationFilters.RequestFilter(req, res, requestDto); return; } Console.WriteLine("Deferring Validation until Roles are checked"); }
public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto) { Console.WriteLine("Checking for required role"); // Replace with your actual role checking code var role = req.GetParam("role"); if (role == null || !_roles.Contains(role)) { throw HttpError.Unauthorized("You don't have the correct role"); } Console.WriteLine("Has required role"); // Perform the deferred validation Console.WriteLine("Running Validation"); ValidationFilters.RequestFilter(req, res, requestDto); }
/// <summary> /// Activate the validation mechanism, so every request DTO with an existing validator /// will be validated. /// </summary> /// <param name="appHost">The app host</param> public void Register(IAppHost appHost) { Enabled = true; var filter = new ValidationFilters(); this.appHost = appHost; appHost.RequestFilters.Add(filter.RequestFilter); existingHandler = appHost.ServiceExceptionHandler; appHost.ServiceExceptionHandler = HandleException; }