Prevent entity being returned by OData $extend behaviour

368 views Asked by At

In my entity model I've got loads of entities that link to the user that created them. Here's a simple example...

public partial class JobNote
{
    public int Id { get; set; }
    public int JobId { get; set; }
    public string Note { get; set; }
    public System.DateTime CreatedDate { get; set; }
    public int UserId { get; set; }
    public bool IsDeleted { get; set; }

    public virtual Job Job { get; set; }
    public virtual User User { get; set; }
}

I want to expose the JobNotes via an OData endpoint but I don't want to expose the user at the moment because it contains the password and hash salt.

If I just remove the edmxModelBuilder.EntitySet<EF.User>("Users") line from my OData model then I can't get the JobNote or any other object that's associated with a user.

If I remove the password and salt properties from my entity framework model I can't use my model to validate my users in other areas of the application. I can probably work around that but I'd see it as a last resort rather than the fix.

I'm looking at using the HasNavigationPropertyLink method for the User property but I don't really understand how it works yet.

Edit: Okay, I've got my navigation property link created....

var noteConfig = edmxModelBuilder.EntitySet<EF.JobNote>("JobNotes");

IEdmModel edmxModel = edmxModelBuilder.GetEdmModel();   

noteConfig.HasNavigationPropertyLink(
       noteConfig.EntityType.NavigationProperties.Single(x => x.Name == "User"),
       (entityContext, navigationProperty) =>
           new Uri(entityContext.Url.ODataLink(
               new EntitySetPathSegment("Users"),
               new KeyValuePathSegment(entityContext.EntityInstance.Id.ToString()),
               new NavigationPathSegment(navigationProperty.Name))),
       false);

... but it's giving me the same issue. I presume that's because I'm updating the configuration after I've already built the model but I can't re-build and re-assign it.

1

There are 1 answers

1
Rolfvm On BEST ANSWER

I guess you dont want to remove te password and salt from the entity framework mapping. In the edm modelmapping you can also just ignore the properties, so it wont be exposed in odata.

modelBuilder.Entity().Ignore(u => u.PasswordHash);

You can also ignore the entire user property the same way