I have a database with several tenants, where each table in my database has a column "tenant_id". I would like to open an OData service on this database using RESTier, where each request of my service will include a JWT that contains a request indicating what data for the tenant will be available. How can I filter records returned only for incoming tenants?
From reading the documents at http://odata.imtqy.com/RESTier , it looks like this โFeature Set Filtersโ function is designed to solve this script scenario, therefore, assuming I can extract tenant_id from the incoming JWT to set the current main principle, I would have to do something like this:
private IQueryable<customer> OnFilterCustomers(IQueryable<customer> customers)
{
var principal = ClaimsPrincipal.Current;
var tenantId = principal.Claims.FirstOrDefault(c => c.Type == "tenantid").Value;
return customers.Where(c => c.tenant_id == tenantId);
}
Is this the most suitable place to do this job? Are there examples of performing row-level filters based on the header of an authorization request?
I would also like to hide the tenant_id column from my EDM - is there a mechanism for this?
source
share