Home/ Questions/Q 6598771
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-25T18:23:51+00:00

I’m building an ASP.NET MVC3 website with an code first database and have the

  • 0

I’m building an ASP.NET MVC3 website with an code first database and have the following question:

Is it possible to make an instance of MyDbContext class with an additional argument set which will be used for filtering the results of calls to mydbcontext.

I want to use this for restricting the resultset to the current user that is logged in on my asp.net mvc website.

Any directions would be great!

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I don’t see why that should be a problem. Something like this should work:

    public class Northwind : DbContext
{
    public DbSet<Product> Products { get; set; }
    public DbSet<Category> Categories { get; set; }
}

public class FilteredNorthwind : Northwind
{
   public IQueryable<Products> GetFilteredProducts(string userRole)
   {
        return Products.Where(product => product.UserRole == userRole);
   }
}

    Update

    To make it impossible for your MyDbContext to be abused, you could put all your database code and models into a separate project/assembly. Then make your DbContext an internal class (instead of public), then create a public class (FilteredDbContext) that wraps your MyDbContext and exposes methods that allow you to only grab the data your allowed to see. Then in your main assembly (your web project), you will only be able to use FilteredDbContext.

    So, for example:

    internal class Northwind : DbContext // note: internal class
{
    public DbSet<Product> Products { get; set; }
    public DbSet<Category> Categories { get; set; }
}

public class FilteredNorthwind // note: does not inherit from `Northwind`
{
   private readonly _dbContext = new Northwind();

   public IQueryable<Products> GetProducts(string userRole)
   {
        return _dbContext.Products.Where(product => product.UserRole == userRole);
   }
}

    If Northwind and FilteredNorthwind are in a separate assembly from your web app, you can instantiate only FilteredNorthwind from your web app.

    Update 2

    If you use a ViewModel, then your web app can’t get back to the list of all products for a category because you extract out only the properties you need (and only the properties the user is allowed to see).

    public class ProductViewModel
{
    public int Id { get; set; }
    public string Name { get; set; }
    public decimal Price { get; set; }
}

public IEnumerable<Products> GetProducts(string userRole)
{
    return _dbContext.Products
        .Where(product => product.UserRole == userRole)
        .Select(product => new ProductViewModel
        {
            Id = product.Id,
            Name = product.Name,
            Price = product.Price
        };
}
    • 0