Using Interceptors with Ado.Net Data Services and Telerik OpenAccess ORM

ADO.NET Data Services enables an application to intercept request messages so that you can add custom logic to an operation. You can use this custom logic to validate data that goes to the client or returns to be persisted on the server. You can also use it to modify and filter further the scope of a query request, or add in that way a custom authorization policy on a per request basis.

Interception is performed by specially attributed methods in the data service. These methods are called by ADO.NET Data Services at the appropriate point in message processing. Interceptors cannot accept parameters. Query interceptor methods, which are called when processing an HTTP GET request, must return a lambda expression that is used by the data service to further refine the requested operation. Change interceptors on the other hand are invoked when the data is returned for processing on the server. They must return void (Nothing in Visual Basic).

While there is nothing special how Interceptor methods interact with Telerik OpenAccess ORM, we will briefly demonstrate their use. We used the SilverLight sample application.

Lets show some code:

public class OADataService : DataService<OADataContext>
{
    [QueryInterceptor("Orders")]
    public Expression<Func<Order, bool>> OnQueryOrders()
    {
         return c => c.OrderID == 10248;
    }

…

This is a query interceptor that that filters the result set of the Orders entity set to just the contents of the Order with ID that equals 10248.

The following code demonstrates an change interceptor that does not allows the entry of a product with an ID of 42, for ordering inside an order:

[ChangeInterceptor("OrderDetails")]
   public void OnChangeDetails(OrderDetail c, UpdateOperations ops)
    {
        if (ops == UpdateOperations.Add ||
           ops == UpdateOperations.Change)
        {
            // single word, no spaces
            if (c.ProductID == 42)
            {
                throw new DataServiceException(400,
                            "This product is not in stock and is not allowed for ordering.");
            }
        }
    }

Both methods are defined inside the OADataService. Also don’t forget to give appropriate rights to the entity sets for the allowed operations (in our case we allow all operations):

public static void InitializeService(IDataServiceConfiguration config)
    {
        config.SetEntitySetAccessRule("*",EntitySetRights.All);
    }

So happy experimenting with Ado.Net Data Services, Interceptors and Telerik OpenAccess ORM