How can I access a ServiceStack.net session in my validation code?
public class UserSettingsValidator : AbstractValidator<UserSettingsRequest>
{
public UserSettingsValidator()
{
RuleFor(x => x.UserId)
.SetValidator(new PositiveIntegerValidator())
.SetValidator(new UserAccessValidator(session.UserId)); //<-- I need to pass the UserID from the session here
}
}
In the Service Implementation I just do:
var session = base.SessionAs<UserSession>();
but this does not work for my abstract validator.
Thanks!
Edit: this is version 3.9.71.0
I assume you are just using the
ValidationFeature
plugin, as most do. If that's the case, then I don't think it is possible. Ultimately theValidationFeature
is a plugin which uses aRequestFilter
.I wanted to do something similar before too, then realised it wasn't possible.
The
RequestFilter
is run before theServiceRunner
. See the order of operations guide here.What this means to you is your populated request DTO reaches your service, and the validation feature's request filter will try validate your request, before it has even created the
ServiceRunner
.The
ServiceRunner
is where an instance of your service class becomes active. It is your service class instance that will be injected with yourUserSession
object.So effectively you can't do any validation that relies on the session at this point.
Overcomplicated ?:
It is possible to do validation in your service method, and you could create a custom object that would allow you pass the session along with the object you want to validate. (See next section). But I would ask yourself, are you overcomplicating your validation?
For a simple check of the request
UserId
matching the session'sUserId
, presumably you are doing this so the user can only make changes to their own records; Why not check in the service's action method and throw anException
? I am guessing people shouldn't be changing this Id, so it's not so much a validation issue, but more a security exception. But like I say, maybe your scenario is different.Validation in the Service Action:
You should read up on using Fluent Validators. You can call the custom validator yourself in your service method.
Then to actually use the validator in your service:
I hope this helps. Note: code is untested
It appears that after reading from a bunch of people experiencing similar problems, then many hours of playing with several solutions based on the SS4 Cookbook etc, this is a problem that is already solved:
https://forums.servicestack.net/t/blaz-miheljak-355-feb-3-2015/176/2
Implement the IRequiresRequest interface on your validator, and voila.