2

I would validate if the currenlty active user has permission to acces the company. Below I have two samples of GET and PUT request, to fetch company details and to updated company details. Is it possible to write a Data Annotation so I can point, or send a property to it so I'm able to validate if the user can access it?

Sample:

[ValidateCompanyPermission("companyId")]
[HttpGet]
public async Task<IActionResult> GetCompany(long companyId)
{
    
}

public class CompanyRequest
{
    public long UpdatedById { get; set; }
    public string NewCompanyName
}

[ValidateCompanyPermission("UserRequest.UpdatedById")]
[HttpPut]
public async Task<IActionResult> GetCompanz(CompanyRequest companyRequest)
{
    
}
Improve this question

1 Answer 1

Reset to default
0

If sending parameters to the attribute logic is what you want, it's not possible. I quote vcsjones in the same question answered here

Attributes are meta data. Parameter values must be a constant value.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.