ASP.NET WebAPI创建一级JSON [英] ASP.NET WebAPI Creating one-level JSON
问题描述
域组合中有许多相关实体。例如 People
,其导航属性(Level1)为 FamilyRelations
, Houses
和人
。除此之外,房屋
拥有自己的nav.prop(Level2)到地址
和地址
(Level3)必须
City
, Street
...等
。直接跟踪您的实时跟踪对象同样如此。如果用户看到他们的数据IsAdmin:false,他们可能会得到狡猾,并发布IsAdmin:true。这可以通过盲目分配保存到数据库。
There are many related entities in Domain assembly. For example People
that has navigation properties (Level1) to FamilyRelations
, Houses
and Persons
. Beside this the Houses
has own nav.prop (Level2) to Address
and Address
(Level3) has to City
, Street
... etc.
When I set LazyLoadingEnabled
to true then I'm getting JSON (on the left side in screen) with all related entities.
How can I get only one level of nesting (as on the right side in scree) or set other levels to NULL
value (because I had setting Newtonsoft.Json.NullValueHandling.Ignore)?
Can I implement it without use .Include
to each entity?
My class of People:
public class People : BaseEntity
{
public int PersonID { get; set; }
public int HouseID { get; set; }
public int PeopleNumber { get; set; }
public int? FamilyRelationID { get; set; }
//FK to House
public virtual House Houses { get; set; }
//FK to Person
public virtual Person Persons { get; set; }
//FK to FamilyRelations
public virtual FamilyRelations FamilyRelations { get; set; }
}
WebAPI config:
config.Formatters.JsonFormatter.SupportedMediaTypes.Add(new MediaTypeHeaderValue("text/html"));
config.Formatters.JsonFormatter.SerializerSettings.ReferenceLoopHandling
= Newtonsoft.Json.ReferenceLoopHandling.Ignore;
config.Formatters.JsonFormatter.SerializerSettings.NullValueHandling
= Newtonsoft.Json.NullValueHandling.Ignore;
I do not have any solution because I did not have enough experience with it.
So, I need your suggestions, advices about it. Sorry for my English and if I have to add more informations, please let me know. Thanks
UPDATE
I've tried to add [JsonIgnore]
or ignore those properties in mapping class but when I do request get/House
then I need to get field from Address
without nav.prop and when request get/People
then I do not nedd Address
. As a result I can't ingnore it.
Never return tracked objects to the controller. Your business logic code (which should not exist in the controller) should map your database aware objects to POCOs. This can be as simple as using
var poco = AutoMapper.Map<People>(livePerson)
And you setup in your mapping profile to ignore those properties so they're not copied.
Note my automapper-fu is rusty that syntax is rough code.
You want to be very careful with any blind mapping as it opens you up to the Mass Assignment vulnerability. This is equally true for going straight to your live tracked objects. If a user sees in their data IsAdmin: false, they might get crafty and post IsAdmin: true. This can be saved to your database with blind assignments.
这篇关于ASP.NET WebAPI创建一级JSON的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!