Class EnableQueryAttribute
This class defines an attribute that can be applied to an action to enable querying using the OData query syntax. To avoid processing unexpected or malicious queries, use the validation settings on EnableQueryAttribute to validate incoming queries. For more information, visit http://go.microsoft.com/fwlink/?LinkId=279712.
[AttributeUsage(AttributeTargets.Class|AttributeTargets.Method, Inherited = true, AllowMultiple = false)]
public class EnableQueryAttribute : ActionFilterAttribute- Inheritance
-
EnableQueryAttribute
- Derived
Constructors
EnableQueryAttribute()
Enables a controller action to support OData query parameters.
public EnableQueryAttribute()Properties
AllowedArithmeticOperators
Gets or sets a value that represents a list of allowed arithmetic operators including 'add', 'sub', 'mul', 'div', 'mod'.
public AllowedArithmeticOperators AllowedArithmeticOperators { get; set; }Property Value
AllowedFunctions
Gets or sets a value that represents a list of allowed functions used in the $filter query. The allowed functions include the following:[list type="definition"] [item] [term]String related[/term] [description]substringof, endswith, startswith, length, indexof, substring, tolower, toupper, trim, concat e.g. ~/Customers?$filter=length(CompanyName) eq 19[/description] [/item] [item] [term]DateTime related[/term] [description]year, years, month, months, day, days, hour, hours, minute, minutes, second, seconds e.g. ~/Employees?$filter=year(BirthDate) eq 1971[/description] [/item] [item] [term]Math related[/term] [description]round, floor, ceiling[/description] [/item] [item] [term]Type related[/term] [description]isof, cast[/description] [/item] [item] [term]Collection related[/term] [description]any, all[/description] [/item] [/list]
public AllowedFunctions AllowedFunctions { get; set; }Property Value
AllowedLogicalOperators
Gets or sets a value that represents a list of allowed logical Operators such as 'eq', 'ne', 'gt', 'ge', 'lt', 'le', 'and', 'or', 'not'.
public AllowedLogicalOperators AllowedLogicalOperators { get; set; }Property Value
AllowedOrderByProperties
Gets or sets a string with comma seperated list of property names. The queryable result can only be ordered by those properties defined in this list.Note, by default this string is null, which means it can be ordered by any property.For example, setting this value to null or empty string means that we allow ordering the queryable result by any properties. Setting this value to "Name" means we only allow queryable result to be ordered by Name property.
public string AllowedOrderByProperties { get; set; }Property Value
AllowedQueryOptions
Gets or sets the query parameters that are allowed in queries. The default is all query options, including $filter, $skip, $top, $orderby, $expand, $select, $inlineCount, $format and $skiptoken.
public AllowedQueryOptions AllowedQueryOptions { get; set; }Property Value
EnableConstantParameterization
Gets or sets a value indicating whether constants should be parameterized. Parameterizing constants would result in better performance with Entity framework.
public bool EnableConstantParameterization { get; set; }Property Value
- bool
The default value is true.
EnsureStableOrdering
Gets or sets a value indicating whether query composition should alter the original query when necessary to ensure a stable sort order.
public bool EnsureStableOrdering { get; set; }Property Value
- bool
A true value indicates the original query should be modified when necessary to guarantee a stable sort order. A false value indicates the sort order can be considered stable without modifying the query. Query providers that ensure a stable sort order should set this value to false. The default value is true.
HandleNullPropagation
Gets or sets a value indicating how null propagation should be handled during query composition.
public HandleNullPropagationOption HandleNullPropagation { get; set; }Property Value
- HandleNullPropagationOption
The default is Default.
MaxAnyAllExpressionDepth
Gets or sets the maximum depth of the Any or All elements nested inside the query. This limit helps prevent Denial of Service attacks. The default value is 1.
public int MaxAnyAllExpressionDepth { get; set; }Property Value
- int
The maxiumum depth of the Any or All elements nested inside the query.
MaxExpansionDepth
Gets or sets the max expansion depth for the $expand query option. To disable the maximum expansion depth check, set this property to 0.
public int MaxExpansionDepth { get; set; }Property Value
MaxNodeCount
Gets or sets the maximum number of nodes inside the $filter syntax tree. The default value is 100.
public int MaxNodeCount { get; set; }Property Value
MaxOrderByNodeCount
Gets or sets the maximum number of expressions that can be present in the $orderby.
public int MaxOrderByNodeCount { get; set; }Property Value
MaxSkip
Gets or sets the max value of $skip that a client can request.
public int MaxSkip { get; set; }Property Value
MaxTop
Gets or sets the max value of $top that a client can request.
public int MaxTop { get; set; }Property Value
PageSize
Gets or sets the maximum number of query results to send back to clients.
public int PageSize { get; set; }Property Value
- int
The maximum number of query results to send back to clients.
Methods
ApplyQuery(IQueryable, ODataQueryOptions)
Applies the query to the given IQueryable based on incoming query from uri and query settings. By default, the implementation supports $top, $skip, $orderby and $filter. Override this method to perform additional query composition of the query.
public virtual IQueryable ApplyQuery(IQueryable queryable, ODataQueryOptions queryOptions)Parameters
queryableIQueryableThe original queryable instance from the response message.
queryOptionsODataQueryOptionsThe ODataQueryOptions instance constructed based on the incoming request.
Returns
ApplyQuery(object, ODataQueryOptions)
Applies the query to the given entity based on incoming query from uri and query settings.
public virtual object ApplyQuery(object entity, ODataQueryOptions queryOptions)Parameters
entityobjectThe original entity from the response message.
queryOptionsODataQueryOptionsThe ODataQueryOptions instance constructed based on the incoming request.
Returns
- object
The new entity after the $select and $expand query has been applied to.
GetModel(Type, HttpRequestMessage, HttpActionDescriptor)
Gets the EDM model for the given type and request. Override this method to customize the EDM model used for querying.
public virtual IEdmModel GetModel(Type elementClrType, HttpRequestMessage request, HttpActionDescriptor actionDescriptor)Parameters
elementClrTypeTypeThe CLR type to retrieve a model for.
requestHttpRequestMessageThe request message to retrieve a model for.
actionDescriptorHttpActionDescriptorThe action descriptor for the action being queried on.
Returns
- IEdmModel
The EDM model for the given type and request.
OnActionExecuted(HttpActionExecutedContext)
Performs the query composition after action is executed. It first tries to retrieve the IQueryable from the returning response message. It then validates the query from uri based on the validation settings on EnableQueryAttribute. It finally applies the query appropriately, and reset it back on the response message.
public override void OnActionExecuted(HttpActionExecutedContext actionExecutedContext)Parameters
actionExecutedContextHttpActionExecutedContextThe context related to this action, including the response message, request message and HttpConfiguration etc.
ValidateQuery(HttpRequestMessage, ODataQueryOptions)
Validates the OData query in the incoming request. By default, the implementation throws an exception if the query contains unsupported query parameters. Override this method to perform additional validation of the query.
public virtual void ValidateQuery(HttpRequestMessage request, ODataQueryOptions queryOptions)Parameters
requestHttpRequestMessageThe incoming request.
queryOptionsODataQueryOptionsThe ODataQueryOptions instance constructed based on the incoming request.