ODataValidationSettings, System.Web.Http.OData.Query C# (CSharp)代码示例

示例#1

0

显示文件

文件： MyOrderByValidator.cs 项目： KutsyndaPavlo/SkifApp

 // Disallow the 'desc' parameter for $orderby option.
 public override void Validate(OrderByQueryOption orderByOption,
                                 ODataValidationSettings validationSettings)
 {
     if (orderByOption.OrderByNodes.Any(
             node => node.Direction == OrderByDirection.Descending))
     {
         throw new ODataException("The 'desc' option is not supported.");
     }
     base.Validate(orderByOption, validationSettings);
 }

示例#2

0

显示文件

文件： OrderController.cs 项目： nickgoodrow/ODataSamples

            public override void ValidateSingleValuePropertyAccessNode(SingleValuePropertyAccessNode propertyAccessNode, ODataValidationSettings settings)
            {
                // Validate if we are accessing some sensitive property of Order, such as Quantity
                if (propertyAccessNode.Property.Name == "Quantity")
                {
                    throw new ODataException("Filter with Quantity is not allowed.");
                }

                base.ValidateSingleValuePropertyAccessNode(propertyAccessNode, settings);
            }

示例#3

0

显示文件

文件： ODataValidationSettingsTest.cs 项目： samgithub-duplicate/aspnetwebstack

        public void AllowedOrderByProperties_Property_RoundTrips()
        {
            ODataValidationSettings settings = new ODataValidationSettings();
            Assert.NotNull(settings.AllowedOrderByProperties);
            Assert.Equal(0, settings.AllowedOrderByProperties.Count);

            settings.AllowedOrderByProperties.Add("Id");
            settings.AllowedOrderByProperties.Add("Name");

            Assert.Equal(2, settings.AllowedOrderByProperties.Count);
            Assert.Equal("Id", settings.AllowedOrderByProperties[0]);
            Assert.Equal("Name", settings.AllowedOrderByProperties[1]);
        }

示例#4

0

显示文件

文件： ODataValidationSettingsTest.cs 项目： samgithub-duplicate/aspnetwebstack

        public void Ctor_Initializes_All_Properties()
        {
            // Arrange & Act
            ODataValidationSettings querySettings = new ODataValidationSettings();

            // Assert
            Assert.Equal(AllowedArithmeticOperators.All, querySettings.AllowedArithmeticOperators);
            Assert.Equal(AllowedFunctions.AllFunctions, querySettings.AllowedFunctions);
            Assert.Equal(AllowedLogicalOperators.All, querySettings.AllowedLogicalOperators);
            Assert.Equal(0, querySettings.AllowedOrderByProperties.Count);
            Assert.Equal(AllowedQueryOptions.Supported, querySettings.AllowedQueryOptions);
            Assert.Equal(1, querySettings.MaxAnyAllExpressionDepth);
            Assert.Equal(100, querySettings.MaxNodeCount);
            Assert.Null(querySettings.MaxSkip);
            Assert.Null(querySettings.MaxTop);
        }

示例#5

0

显示文件

文件： AbuseController.cs 项目： GusLab/video-portal

        public async Task<HttpResponseMessage> Get(string id, ODataQueryOptions<UserInfo> options)
        {
            await _watchProjectService.CheckProjectAsync(id, UserId);

            var validationSettings = new ODataValidationSettings
            {
                MaxTop = 100,
                AllowedArithmeticOperators = AllowedArithmeticOperators.None,
                AllowedFunctions = AllowedFunctions.None,
                AllowedLogicalOperators = AllowedLogicalOperators.None,
                AllowedQueryOptions = AllowedQueryOptions.Skip | AllowedQueryOptions.Top
            };

            // Validating OData
            try
            {
                options.Validate(validationSettings);
            }
            catch (Exception)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions));
            }

            // Parsing filter parameters
            DataQueryOptions filter;
            try
            {
                filter = _mapper.Map<ODataQueryOptions, DataQueryOptions>(options);
            }
            catch (AutoMapperMappingException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions));
            }

            // Retrieving projects
            IEnumerable<UserInfo> users;
            try
            {
                users = await _projectAbuseService.GetProjectReportersSequenceAsync(id, filter);
            }
            catch (NotSupportedException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.BadRequest));
            }

            return Request.CreateResponse(HttpStatusCode.OK, users);
        }

示例#6

0

显示文件

文件： OrderController.cs 项目： nickgoodrow/ODataSamples

        // Note this can be done through Queryable attribute as well
        public IQueryable<Order> Get(ODataQueryOptions queryOptions)
        {
            // Register a custom FilterByValidator to disallow custom logic in the filter query
            if (queryOptions.Filter != null)
            {
                queryOptions.Filter.Validator = new RestrictiveFilterByQueryValidator();
            }

            // Validate the query, we only allow order by Id property and 
            // we only allow maximum Top query value to be 9
            ODataValidationSettings settings = new ODataValidationSettings(){ MaxTop = 9 };
            settings.AllowedOrderByProperties.Add("Id");
            queryOptions.Validate(settings);

            // Apply the query
            return queryOptions.ApplyTo(OrderList.AsQueryable()) as IQueryable<Order>;
        }

示例#7

0

显示文件

文件： TrendsController.cs 项目： GusLab/video-portal

        public async Task<HttpResponseMessage> GetWeek(ODataQueryOptions<TrendingWatch> options)
        {
            var validationSettings = new ODataValidationSettings
            {
                MaxTop = 100,
                AllowedArithmeticOperators = AllowedArithmeticOperators.None,
                AllowedFunctions = AllowedFunctions.None,
                AllowedLogicalOperators = AllowedLogicalOperators.Equal | AllowedLogicalOperators.And,
                AllowedQueryOptions = AllowedQueryOptions.Filter | AllowedQueryOptions.Skip | AllowedQueryOptions.Top
            };

            // Validating OData
            try
            {
                options.Validate(validationSettings);
            }
            catch (Exception)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions));
            }

            // Parsing filter parameters
            DataQueryOptions filter;
            try
            {
                filter = _mapper.Map<ODataQueryOptions, DataQueryOptions>(options);
            }
            catch (AutoMapperMappingException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions));
            }

            // Retrieving projects
            IEnumerable<TrendingWatch> watchProjects;
            try
            {
                watchProjects = await _viewsService.GetWeeklyTrendsSequenceAsync(filter);
            }
            catch (NotSupportedException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.BadRequest));
            }

            return Request.CreateResponse(HttpStatusCode.OK, watchProjects);
        }

示例#8

0

显示文件

文件： ExamplesController.cs 项目： GusLab/video-portal

        public async Task<HttpResponseMessage> Get(ODataQueryOptions<ExampleProject> options)
        {
            var validationSettings = new ODataValidationSettings
            {
                MaxTop = 100,
                AllowedArithmeticOperators = AllowedArithmeticOperators.None,
                AllowedFunctions = AllowedFunctions.None,
                AllowedLogicalOperators = AllowedLogicalOperators.None,
                AllowedQueryOptions = AllowedQueryOptions.Skip | AllowedQueryOptions.Top | AllowedQueryOptions.OrderBy
            };

            // Validating OData
            try
            {
                options.Validate(validationSettings);
            }
            catch (Exception)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions));
            }

            // Parsing filter parameters
            DataQueryOptions filter;
            try
            {
                filter = _mapper.Map<ODataQueryOptions, DataQueryOptions>(options);
            }
            catch (AutoMapperMappingException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions));
            }

            // Retrieving projects
            var projects = await _exampleProjectService.GetSequenceAsync(filter);

            return Request.CreateResponse(HttpStatusCode.OK, projects);
        }

示例#9

0

显示文件

文件： QueryableAttribute.cs 项目： Swethach/aspnetwebstack

 /// <summary>
 /// Enables a controller action to support OData query parameters.
 /// </summary>
 public QueryableAttribute()
 {
     EnsureStableOrdering = true;
     _validationSettings = new ODataValidationSettings();
 }

示例#10

0

显示文件

文件： WatchController.cs 项目： GusLab/video-portal

        public async Task<HttpResponseMessage> Get(ODataQueryOptions<Watch> options)
        {
            var validationSettings = new ODataValidationSettings
            {
                MaxTop = 100,
                AllowedArithmeticOperators = AllowedArithmeticOperators.None,
                AllowedFunctions = AllowedFunctions.None,
                AllowedLogicalOperators =
                    AllowedLogicalOperators.Equal | AllowedLogicalOperators.And | AllowedLogicalOperators.GreaterThan | AllowedLogicalOperators.GreaterThanOrEqual | AllowedLogicalOperators.LessThan |
                    AllowedLogicalOperators.LessThanOrEqual,
                AllowedQueryOptions = AllowedQueryOptions.Filter | AllowedQueryOptions.OrderBy |
                                      AllowedQueryOptions.Skip | AllowedQueryOptions.Top | AllowedQueryOptions.InlineCount
            };

            validationSettings.AllowedOrderByProperties.Add("Name");
            validationSettings.AllowedOrderByProperties.Add("Created");
            validationSettings.AllowedOrderByProperties.Add("HitsCount");


            // Validating OData
            try
            {
                options.Validate(validationSettings);
            }
            catch (Exception)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions));
            }


            // Parsing filter parameters
            DataQueryOptions filter;
            try
            {
                filter = _mapper.Map<ODataQueryOptions, DataQueryOptions>(options);
            }
            catch (AutoMapperMappingException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions));
            }


            // Special instructions for UserId filtering
            DataFilterRule userIdFilter = filter.Filters.FirstOrDefault(f => string.Compare(f.Name, NameOfHelper.PropertyName<Watch>(x => x.UserId),
                StringComparison.OrdinalIgnoreCase) == 0 && f.Type == DataFilterTypes.Equal);
            if (userIdFilter == null || userIdFilter.Value == null)
            {
                // For backward compatibility we treats not specified or empty UserId as current user
                if (string.IsNullOrEmpty(UserId))
                {
                    throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.Unauthorized, ResponseMessages.UnathorizedRequest));
                }

                if (userIdFilter == null)
                {
                    userIdFilter = new DataFilterRule { Name = NameOfHelper.PropertyName<Watch>(x => x.UserId), Type = DataFilterTypes.Equal, Value = UserId };
                    filter.Filters.Add(userIdFilter);
                }
                else
                {
                    userIdFilter.Value = UserId;
                }
            }
            else if (string.Compare(userIdFilter.Value.ToString(), UserIdAllConstant, StringComparison.OrdinalIgnoreCase) == 0)
            {
                // special constant $all means not filtering by UserId
                userIdFilter.Value = null;
            }


            // Retrieving projects
            DataResult<Watch> watchProjects;
            try
            {
                watchProjects = await _watchProjectRepository.GetSequenceAsync(filter, UserId);
            }
            catch (NotSupportedException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.BadRequest));
            }

            if (filter.Count)
            {
                var pageResult = new PageResult<Watch>(watchProjects.Results, null, watchProjects.Count);
                return Request.CreateResponse(HttpStatusCode.OK, pageResult);
            }

            return Request.CreateResponse(HttpStatusCode.OK, watchProjects.Results);
        }

示例#11

0

显示文件

文件： ClientSubscriptionStatisticsController.cs 项目： GusLab/video-portal

        public async Task<HttpResponseMessage> Get(string id, ODataQueryOptions<TrackingStatPerUrl> options)
        {
            var validationSettings = new ODataValidationSettings
            {
                MaxTop = 100,
                AllowedArithmeticOperators = AllowedArithmeticOperators.None,
                AllowedFunctions = AllowedFunctions.None,
                AllowedLogicalOperators =
                    AllowedLogicalOperators.Equal | AllowedLogicalOperators.And,
                AllowedQueryOptions =
                    AllowedQueryOptions.Filter | AllowedQueryOptions.OrderBy | AllowedQueryOptions.Skip | AllowedQueryOptions.Top | AllowedQueryOptions.InlineCount
            };

            // Validating query options
            try
            {
                options.Validate(validationSettings);
            }
            catch (Exception)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions));
            }


            // Parsing filter parameters
            DataQueryOptions filter;
            try
            {
                filter = _mapper.Map<ODataQueryOptions, DataQueryOptions>(options);
            }
            catch (AutoMapperMappingException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions));
            }

            // Get company for user
            DomainCompany company = await _companyService.FindByUserAsync(UserId);

            // Find subscription
            CompanySubscription subscription = company.Subscriptions.FirstOrDefault(s => s.Id == id);
            if (subscription == null)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.NotFound, ResponseMessages.ResourceNotFound));
            }


            // Get stats
            DataResult<DomainTrackingStatPerUrl> stats;
            try
            {
                stats = await _urlTrackingStatService.GetStatsPerUrlAsync(id, filter);
            }
            catch (NotSupportedException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.BadRequest));
            }
            catch (ArgumentException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.BadRequest));
            }

            IEnumerable<TrackingStatPerUrl> results = stats.Results.Select(r => _mapper.Map<DomainTrackingStatPerUrl, TrackingStatPerUrl>(r));

            if (filter.Count)
            {
                var pageResult = new PageResult<TrackingStatPerUrl>(results, null, stats.Count);
                return Request.CreateResponse(HttpStatusCode.OK, pageResult);
            }

            return Request.CreateResponse(HttpStatusCode.OK, results);
        }

示例#12

0

显示文件

文件： ValidatorTests.cs 项目： ZhaoYngTest01/WebApi

 public void VerifyValidateOptions(ODataValidationSettings settings, string query, bool success)
 {
     var response = this.Client.PostAsync(
         this.BaseAddress + "/api/ValidatorTests/ValidateOptions?" + query,
         new ObjectContent<ODataValidationSettings>(settings, new JsonMediaTypeFormatter())).Result;
     if (success)
     {
         response.EnsureSuccessStatusCode();
     }
     else
     {
         Assert.Equal(HttpStatusCode.BadRequest, response.StatusCode);
     }
 }

示例#13

0

显示文件

文件： ProductsController.cs 项目： KutsyndaPavlo/SkifApp

        public PageResult<Product> GetProducts(ODataQueryOptions<Product> options)
        {
            var settings = new ODataQuerySettings()
            {
                PageSize = 1
            };

            if (options.OrderBy != null)
            {
                options.OrderBy.Validator = new MyOrderByValidator();
            }

            var settingsVal = new ODataValidationSettings()
            {
                // Initialize settings as needed.
                AllowedFunctions = AllowedFunctions.AllMathFunctions
            };
            // Validate
            options.Validate(settingsVal);

            IQueryable results = options.ApplyTo(Repository.GetAll().Select(AsProductTo), settings);

            return new PageResult<Product>(
                results as IEnumerable<Product>,
                Request.GetNextPageLink(),
                Request.GetInlineCount());
        }

示例#14

0

显示文件

文件： ODataQueryOptionTest.cs 项目： ZhaoYngTest01/WebApi

        public void Validate_ThrowsValidationErrors_ForOrderBy()
        {
            // Arrange
            var model = new ODataModelBuilder().Add_Customer_EntityType().GetEdmModel();

            var message = new HttpRequestMessage(
                HttpMethod.Get,
                new Uri("http://server/service/Customers?$orderby=CustomerId,Name")
            );

            var options = new ODataQueryOptions(new ODataQueryContext(model, typeof(Customer)), message);
            ODataValidationSettings validationSettings = new ODataValidationSettings { MaxOrderByNodeCount = 1 };

            // Act & Assert
            Assert.Throws<ODataException>(() => options.Validate(validationSettings),
                "The number of clauses in $orderby query option exceeded the maximum number allowed. The maximum number of $orderby clauses allowed is 1.");
        }

示例#15

0

显示文件

文件： SkipQueryOptionTests.cs 项目： naulizzang/aspnetwebstack

        public void CanTurnOffValidationForSkip()
        {
            // Arrange
            ODataValidationSettings settings = new ODataValidationSettings()
            {
                MaxSkip = 10
            };
            SkipQueryOption option = new SkipQueryOption("11", ValidationTestHelper.CreateCustomerContext());

            // Act and Assert
            Assert.Throws<ODataException>(() =>
                option.Validate(settings),
                "The limit of '10' for Skip query has been exceeded. The value from the incoming request is '11'.");
            option.Validator = null;
            Assert.DoesNotThrow(() => option.Validate(settings));
        }

示例#16

0

显示文件

文件： QueryCompositionControllers.cs 项目： naulizzang/aspnetwebstack

        public override void ValidateConstantNode(ConstantNode constantNode, ODataValidationSettings settings)
        {
            // Validate that client did not send a big constant in the query
            if (Convert.ToInt32(constantNode.Value) > 100)
            {
                throw new ODataException("Any constant that is more than 100 is not allowed.");
            }

            base.ValidateConstantNode(constantNode, settings);
        }

示例#17

0

显示文件

文件： ClientSubscriptionGroupedByDateStatisticsController.cs 项目： GusLab/video-portal

        public async Task<IEnumerable<TrackingStatPerDate>> Get(string id, [FromUri] ClientSubscriptionStatUrlModel model, ODataQueryOptions<TrackingStatPerDate> options)
        {
            var validationSettings = new ODataValidationSettings
            {
                AllowedArithmeticOperators = AllowedArithmeticOperators.None,
                AllowedFunctions = AllowedFunctions.None,
                AllowedLogicalOperators =
                    AllowedLogicalOperators.Equal | AllowedLogicalOperators.LessThan | AllowedLogicalOperators.LessThanOrEqual | AllowedLogicalOperators.GreaterThan |
                    AllowedLogicalOperators.GreaterThanOrEqual | AllowedLogicalOperators.And,
                AllowedQueryOptions = AllowedQueryOptions.Filter
            };

            // Validating query options
            try
            {
                options.Validate(validationSettings);
            }
            catch (Exception)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions));
            }


            // Parsing filter parameters
            DataQueryOptions filter;
            try
            {
                filter = _mapper.Map<ODataQueryOptions, DataQueryOptions>(options);
            }
            catch (AutoMapperMappingException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions));
            }


            // Get company for user
            DomainCompany company = await _companyService.FindBySubscriptionAsync(id);

            if (!company.Users.Contains(UserId))
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.Forbidden, ResponseMessages.Forbidden));
            }

            // Find subscription
            CompanySubscription subscription = company.Subscriptions.FirstOrDefault(s => s.Id == id);
            if (subscription == null)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.NotFound, ResponseMessages.ResourceNotFound));
            }

            // Get stats
            IEnumerable<DomainTrackingStatPerDate> stats;
            try
            {
                stats = await _urlTrackingStatService.GetStatsPerDateAsync(id, model.Url, filter);
            }
            catch (NotSupportedException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.BadRequest));
            }
            catch (ArgumentException)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.BadRequest));
            }

            IEnumerable<TrackingStatPerDate> results = stats.Select(r => _mapper.Map<DomainTrackingStatPerDate, TrackingStatPerDate>(r));
            return results;
        }

示例#18

0

显示文件

文件： AdminUserProjectsController.cs 项目： GusLab/video-portal

        public async Task<HttpResponseMessage> Get(string id, ODataQueryOptions<AdminProject> options)
        {
            // Checks whether user exists
            await _userService.GetAsync(id);

            var validationSettings = new ODataValidationSettings
            {
                MaxTop = 100,
                AllowedArithmeticOperators = AllowedArithmeticOperators.None,
                AllowedFunctions = AllowedFunctions.None,
                AllowedLogicalOperators =
                    AllowedLogicalOperators.Equal | AllowedLogicalOperators.LessThan | AllowedLogicalOperators.LessThanOrEqual | AllowedLogicalOperators.GreaterThan |
                    AllowedLogicalOperators.GreaterThanOrEqual | AllowedLogicalOperators.And,
                AllowedQueryOptions = AllowedQueryOptions.Filter | AllowedQueryOptions.OrderBy | AllowedQueryOptions.Skip | AllowedQueryOptions.Top | AllowedQueryOptions.InlineCount
            };

            validationSettings.AllowedOrderByProperties.Add("Name");
            validationSettings.AllowedOrderByProperties.Add("Created");
            validationSettings.AllowedOrderByProperties.Add("ProductType");

            try
            {
                options.Validate(validationSettings);
            }
            catch (Exception)
            {
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions);
            }


            // retrieving projects
            DataResult<Task<DomainProjectForAdmin>> result;
            IEnumerable<Task<AdminProject>> projectTasks;
            DataQueryOptions filter;

            // parsing filter parameters
            try
            {
                filter = _mapper.Map<ODataQueryOptions, DataQueryOptions>(options);
            }
            catch (AutoMapperMappingException)
            {
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions);
            }


            filter.Filters.Add(new DataFilterRule
            {
                Name = NameOfHelper.PropertyName<DomainProjectForAdmin>(x => x.UserId),
                Type = DataFilterTypes.Equal,
                Value = id
            });


            try
            {
                // filtering projects
                result = await _adminProjectService.GetAsyncSequenceAsync(filter);
                projectTasks = result.Results.Select(t => t.ContinueWith(u => _mapper.Map<DomainProjectForAdmin, AdminProject>(u.Result)));
            }
            catch (NotSupportedException)
            {
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.BadRequest);
            }

            // loading and shaping all projects
            List<AdminProject> projects = (await Task.WhenAll(projectTasks)).ToList();

            if (filter.Count)
            {
                var pageResult = new PageResult<AdminProject>(projects, null, result.Count);
                return Request.CreateResponse(HttpStatusCode.OK, pageResult);
            }

            return Request.CreateResponse(HttpStatusCode.OK, projects);
        }

示例#19

0

显示文件

文件： AdminProjectsController.cs 项目： GusLab/video-portal

        public async Task<HttpResponseMessage> Get(ODataQueryOptions<AdminProject> options)
        {
            var validationSettings = new ODataValidationSettings
            {
                MaxTop = 100,
                AllowedArithmeticOperators = AllowedArithmeticOperators.None,
                AllowedFunctions = AllowedFunctions.None,
                AllowedLogicalOperators =
                    AllowedLogicalOperators.Equal | AllowedLogicalOperators.LessThan | AllowedLogicalOperators.LessThanOrEqual | AllowedLogicalOperators.GreaterThan |
                    AllowedLogicalOperators.GreaterThanOrEqual | AllowedLogicalOperators.And,
                AllowedQueryOptions =
                    AllowedQueryOptions.Filter | AllowedQueryOptions.OrderBy | AllowedQueryOptions.Skip | AllowedQueryOptions.Top | AllowedQueryOptions.Format | AllowedQueryOptions.InlineCount
            };

            validationSettings.AllowedOrderByProperties.Add("Name");
            validationSettings.AllowedOrderByProperties.Add("Created");
            validationSettings.AllowedOrderByProperties.Add("ProductType");

            try
            {
                options.Validate(validationSettings);
            }
            catch (Exception)
            {
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions);
            }


            // Determine media formatter
            IContentNegotiator negotiator = Configuration.Services.GetContentNegotiator();
            ContentNegotiationResult negotiationResult = negotiator.Negotiate(typeof (AdminProject), Request, Configuration.Formatters);
            if (negotiationResult == null)
            {
                return Request.CreateErrorResponse(HttpStatusCode.NotAcceptable, ResponseMessages.NotAcceptable);
            }

            // Parsing filter parameters
            DataQueryOptions filter;
            try
            {
                filter = _mapper.Map<ODataQueryOptions, DataQueryOptions>(options);
            }
            catch (AutoMapperMappingException)
            {
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.InvalidQueryOptions);
            }


            // CSV
            if (negotiationResult.Formatter is ProjectForAdminCsvFormatter)
            {
                // get csv service
                ICsvPublishService csvService = _csvPublishServiceFactory.GetService<AdminProject>();

                // send the link to the future csv file
                string fileName = string.Format("{0}.csv", Guid.NewGuid());
                Uri fileUri = csvService.GetAccessCsvUri(fileName);
                HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Accepted);
                response.Headers.Location = fileUri;

                // disable paging
                filter.Take = null;

                // start csv publishing in background thread
                Task.Run(() => csvService.PublishAsync(filter, fileName, new CancellationTokenSource())).NoWarning();

                return response;
            }


            // Filtering projects
            DataResult<Task<DomainProjectForAdmin>> result;
            IEnumerable<Task<AdminProject>> projectTasks;
            try
            {
                result = await _adminProjectService.GetAsyncSequenceAsync(filter);
                projectTasks = result.Results.Select(t => t.ContinueWith(u => _mapper.Map<DomainProjectForAdmin, AdminProject>(u.Result)));
            }
            catch (NotSupportedException)
            {
                return Request.CreateErrorResponse(HttpStatusCode.BadRequest, ResponseMessages.BadRequest);
            }


            // Loading and shaping all projects
            List<AdminProject> projects = (await Task.WhenAll(projectTasks)).ToList();

            if (filter.Count)
            {
                var pageResult = new PageResult<AdminProject>(projects, null, result.Count);
                return Request.CreateResponse(HttpStatusCode.OK, pageResult);
            }

            return Request.CreateResponse(HttpStatusCode.OK, projects);
        }

示例#20

0

显示文件

文件： FilterQueryOption.cs 项目： ZhaoYngTest01/WebApi

        /// <summary>
        /// Validate the filter query based on the given <paramref name="validationSettings"/>. It throws an ODataException if validation failed.
        /// </summary>
        /// <param name="validationSettings">The <see cref="ODataValidationSettings"/> instance which contains all the validation settings.</param>
        public void Validate(ODataValidationSettings validationSettings)
        {
            if (validationSettings == null)
            {
                throw Error.ArgumentNull("validationSettings");
            }

            if (Validator != null)
            {
                Validator.Validate(this, validationSettings);
            }
        }

示例#21

0

显示文件

文件： FilterQueryOptionTest.cs 项目： quentez/aspnetwebstack

        public void CanTurnOffValidationForFilter()
        {
            ODataValidationSettings settings = new ODataValidationSettings() { AllowedFunctions = AllowedFunctions.AllDateTimeFunctions };
            ODataQueryContext context = ValidationTestHelper.CreateCustomerContext();
            FilterQueryOption option = new FilterQueryOption("substring(Name,8,1) eq '7'", context);

            Assert.Throws<ODataException>(() =>
                option.Validate(settings),
                "Function 'substring' is not allowed. To allow it, set the 'AllowedFunctions' property on QueryableAttribute or QueryValidationSettings.");

            option.Validator = null;
            Assert.DoesNotThrow(() => option.Validate(settings));
        }

示例#22

0

显示文件

文件： ODataQueryOptionTest.cs 项目： sujiantao/aspnetwebstack

        public void CanTurnOffAllValidation()
        {
            // Arrange
            HttpRequestMessage message = new HttpRequestMessage(
                HttpMethod.Get,
                new Uri("http://localhost/?$filter=Name eq 'abc'")
            );

            ODataQueryContext context = ValidationTestHelper.CreateCustomerContext();
            ODataQueryOptions option = new ODataQueryOptions(context, message);
            ODataValidationSettings settings = new ODataValidationSettings()
            {
                AllowedQueryOptions = AllowedQueryOptions.OrderBy
            };

            // Act & Assert
            Assert.Throws<ODataException>(() => option.Validate(settings),
                "Query option 'Filter' is not allowed. To allow it, set the 'AllowedQueryOptions' property on QueryableAttribute or QueryValidationSettings.");

            option.Validator = null;
            Assert.DoesNotThrow(() => option.Validate(settings));

        }

示例#23

0

显示文件

文件： QueryCompositionControllers.cs 项目： naulizzang/aspnetwebstack

        public override void Validate(OrderByQueryOption option, ODataValidationSettings validationSettings)
        {
            // validate the orderby is executed in a way that one can order either by Id or by Name, but not both
            if (option.OrderByNodes.Count > 1)
            {
                throw new ODataException("Order by more than one property is not allowed.");
            }

            base.Validate(option, validationSettings);
        }

示例#24

0

显示文件

文件： ValidatorTests.cs 项目： ZhaoYngTest01/WebApi

 public IQueryable<ValidatorTests_Todo> ValidateWithCustomValidator(ODataQueryOptions options)
 {
     if (options.Filter != null)
     {
         options.Filter.Validator = new CustomFilterValidator();
     }
     try
     {
         ODataValidationSettings settings = new ODataValidationSettings();
         options.Validate(settings);
     }
     catch (ODataException ex)
     {
         throw new HttpResponseException(this.Request.CreateErrorResponse(HttpStatusCode.BadRequest, ex));
     }
     return options.ApplyTo(todoes.AsQueryable()) as IQueryable<ValidatorTests_Todo>;
 }

示例#25

0

显示文件

文件： QueryableAttribute.cs 项目： naulizzang/aspnetwebstack

 /// <summary>
 /// Enables a controller action to support OData query parameters.
 /// </summary>
 public QueryableAttribute()
 {
     _validationSettings = new ODataValidationSettings();
     _querySettings = new ODataQuerySettings();
 }

示例#26

0

显示文件

文件： ValidatorTests.cs 项目： ZhaoYngTest01/WebApi

 public override void ValidateSingleValuePropertyAccessNode(Microsoft.Data.OData.Query.SemanticAst.SingleValuePropertyAccessNode propertyAccessNode, ODataValidationSettings settings)
 {
     if (propertyAccessNode.Property.Name == "ID")
     {
         visited = true;
     }
     base.ValidateSingleValuePropertyAccessNode(propertyAccessNode, settings);
 }

示例#27

0

显示文件

文件： OrderByQueryOptionTest.cs 项目： ZhaoYngTest01/WebApi

        public void CanTurnOffValidationForOrderBy()
        {
            // Arrange
            ODataQueryContext context = ValidationTestHelper.CreateCustomerContext();

            OrderByQueryOption option = new OrderByQueryOption("Name", context);
            ODataValidationSettings settings = new ODataValidationSettings();
            settings.AllowedOrderByProperties.Add("Id");

            // Act & Assert
            Assert.Throws<ODataException>(() => option.Validate(settings),
                "Order by 'Name' is not allowed. To allow it, set the 'AllowedOrderByProperties' property on EnableQueryAttribute or QueryValidationSettings.");

            option.Validator = null;
            Assert.DoesNotThrow(() => option.Validate(settings));
        }

示例#28

0

显示文件

文件： ValidatorTests.cs 项目： ZhaoYngTest01/WebApi

        public override void Validate(FilterQueryOption filterQueryOption, ODataValidationSettings settings)
        {
            base.Validate(filterQueryOption, settings);

            if (!visited)
            { 
                throw new ODataException("$filter query must contain ID property");
            }
        }

C# (CSharp) System.Web.Http.OData.Query ODataValidationSettings示例