public static void RequestFilter(IHttpRequest req, IHttpResponse res, object requestDto) { // Determine if the Request DTO type has a MyRoleAttribute. // If it does not, run the validation normally. Otherwise defer doing that, it will happen after MyRoleAttribute. if (!requestDto.GetType().HasAttribute <MyRoleAttribute>()) { Console.WriteLine("Running Validation"); ValidationFilters.RequestFilter(req, res, requestDto); return; } Console.WriteLine("Deferring Validation until Roles are checked"); }
public override void Execute(IHttpRequest req, IHttpResponse res, object requestDto) { Console.WriteLine("Checking for required role"); // Replace with your actual role checking code var role = req.GetParam("role"); if (role == null || !_roles.Contains(role)) { throw HttpError.Unauthorized("You don't have the correct role"); } Console.WriteLine("Has required role"); // Perform the deferred validation Console.WriteLine("Running Validation"); ValidationFilters.RequestFilter(req, res, requestDto); }