CODEWITHSUNDEEP
servicestackservicestack-autoquery
Shawn de Wet
Shawn de Wet

Reputation: 5996

ServiceStack ValidationRules not honored after migration from SSv6.x to SS8.x

We have a project built on .Net 6, ServiceStack 6.x, in which we used AutoQuery to generate DTOs. We then saved those DTOs (by running x csharp) in the project. Here is a sample of what they look like:

[Route("/vehicles", "GET")]
[Route("/vehicles/{Id}", "GET")]
[DataContract]
public class QueryVehicles
    : QueryDb<Vehicle>, IReturn<QueryResponse<Vehicle>>, IGet
{
    [DataMember(Order = 1)]
    public long? Id { get; set; }
}

[Route("/vehicletypes", "GET")]
[Route("/vehicletypes/{Id}", "GET")]
[DataContract]
public class QueryVehicleTypes
    : QueryDb<VehicleType>, IReturn<QueryResponse<VehicleType>>, IGet
{
    [DataMember(Order = 1)]
    public long? Id { get; set; }
}

We use the ValidationRule table to assign dynamic validation rules, and in the case of the two above, the IsAuthenticated validation rule applies.

This all works fine in .Net6/SS6.x. But after migrating to .Net8/SS8.2.2, the IsAuthenticated validation rule is not being honored. I am able to query them without logging in first.

What's interesting is that there are a couple of endpoints in which we have overridden the AutoQuery-based Services, like this one:

public class CompaniesService : Service
{
    public IAutoQueryDb AutoQuery { get; set; }
    public IDbConnectionFactory ConnectionFactory { get; set; }

    public CompaniesService(IDbConnectionFactory dbConnectionFactory)
    {
        ConnectionFactory = dbConnectionFactory;
    }
    public async Task<object> Any(QueryCompanies query)
    {
        using var db = AutoQuery.GetDb(query, base.Request);
        var q = AutoQuery.CreateQuery(query, base.Request, db);
        if (query.CompanyTypeId.HasValue)
        {
            var session = await SessionAsAsync<SeritiUserSession>();
            q = q
                .Join<CompanyCompanyTypeMapping>()
                .Where<CompanyCompanyTypeMapping>(x => x.CompanyTypeId == query.CompanyTypeId)
                .Where<Company>(x => x.CountryId == session.CountryId);
            var implicitJoin = db.Select(q);
            return await AutoQuery.ExecuteAsync(query, q, base.Request, db);
        }
        else
        {
            return await AutoQuery.ExecuteAsync(query, q, base.Request, db);
        }

    }
}

And in that case, the IsAuthenticated ValidationRule IS honored.

What am I missing?

Upvotes: 0

Views: 17

Answers (0)

Related Questions