asp.net - Web API filter response according to what the user is allowed to read -
i have web api implementing ordinary methods so:
public class productcontroller : apicontroller { [httpget] public async task<ienumerable<product>> get() { var result = await repo.getallproducts(); return result; } } i add filter result according products user allowed see (let allowed see products yellow example...).
i'm using asp.net identity authenticating users. can't see how role-based or claim-based authorization me. maybe implementing action filters? ideas?
Comments
Post a Comment