we have an api which we are performing integrity checks on it. i.e checking that client that requests the operation is allowed to get the info. right now we are implementing across teams validation attribute for each endpoint this is gruesome pain. each method signature that differs in parameters (i.e one is a class of some kind and one is a string of id) creates a new attribute and now we have tons of attributes that checks integrity for each request and we collide in code meaning if someone already created that attribute and it wasn't merged to dev we can not know this . in addition, we need a way (right now it is a unit tests) that checks that all mvc methods are covered with this check. is there any effective general and a more concentrated way to do this?
would love your comments here is some example code -
my suggestions were using reflection in one validation service. or simply not using the attributes and just a general class but this doesn't enforce
[DashboardActionValidation(eDashboardActions.ViewAccountStatements)] public class someController : basecontroller { private readonly IValidationService _someService;
public someController (IAccountStatementService accountStatementService, IValidationService _omeService, validationService) : base(validationService)
{
}
[HttpPost]
[SomeIntegrityCheck("model")]
public ActionResult GetAll(AccountStatementRequestModel model)
{
return new JsonNetResult(_someService.GetSomeResultToClient(model));
}
}
as I said I want an effective way to enforce this across all developed API code in the company.
Aucun commentaire:
Enregistrer un commentaire