Develop Reference

Configure/register depdency injection scoped service from within the scope

I have a stateless service in Azure Service Fabric, and I'm using Microsoft.Extensions.DependencyInjection, although the same issue exists for any other DI frameworks. In my Program.cs, I create a ServiceCollection, add all (but one) of my registrations, create the service provider, and pass it to my service's constructor. Any service method with external entry will create a new service scope and call the main business logic class. The issue is that one of the classes I want to have scoped lifetime needs a value that is an input parameter on the request itself. Here's a code snippet of what I would like to achieve.
internal sealed class MyService : StatelessService, IMyService
{
private IServiceProvider _serviceProvider;
private IServiceScopeFactory _scopeFactory;
public MyService(StatelessServiceContext context, IServiceProvider serviceProvider)
: base(context)
{
_serviceProvider = serviceProvider;
_scopeFactory = _serviceProvider.GetRequiredService<IServiceScopeFactory>();
}
public async Task<MyResponse> ProcessAsync(MyRequest request, string correlationId, CancellationToken cancellationToken)
{
using (var scope = _scopeFactory.CreateScope())
{
var requestContext = new RequestContext(correlationId);
//IServiceCollection serviceCollection = ??;
//serviceCollection.AddScoped<RequestContext>(di => requestContext);
var businessLogic = scope.ServiceProvider.GetRequiredService<BusinessLogic>();
return await businessLogic.ProcessAsync(request, cancellationToken);
}
}
}
The cancellation token is already passed around everywhere, including to classes that don't use it directly, just so it can be passed to dependencies that do use it, and I want to avoid doing the same with the request context.
The same issue exists in my MVC APIs. I can create middle-ware which will extract the correlation id from the HTTP headers, so the API controller doesn't need to deal with it like my service fabric service does. One way I can make it work is by giving RequestContext a default constructor, and have a mutable correlation id. However, it's absolutely critical that the correlation id doesn't get changed during a request, so I'd really like the safety of having get-only property on the context class.
My best idea at the moment is to have a scoped RequestContextFactory which has a SetCorrelationId method, and the RequestContext registration simply calls the factory to get an instance. The factory can throw an exception if a new instance is requested before the id is set, to ensure no id-less contexts are created, but it doesn't feel like a good solution.
How can I cleanly register read-only objects with a dependency injection framework, where the value depends on the incoming request?

I only had the idea for a RequestContextFactory as I was writing the original question, and I finally made time to test the idea out. It actually was less code than I expected, and worked well, so this will be my go-to solution now. But, the name factory is wrong. I'm not sure what to call it though.
First, define the context and factory classes. I even added some validation checks into the factory to ensure it worked the way I expect:
public class RequestContext
{
public RequestContext(string correlationId)
{
CorrelationId = correlationId;
}
public string CorrelationId { get; }
}
public class RequestContextFactory
{
private RequestContext _requestContext;
private bool _used = false;
public void SetContext(RequestContext requestContext)
{
if (_requestContext != null || requestContext == null)
{
throw new InvalidOperationException();
}
_requestContext = requestContext;
}
public RequestContext GetContext()
{
if (_used || _requestContext == null)
{
throw new InvalidOperationException();
}
_used = true;
return _requestContext;
}
}
Then, add registrations to your DI container:
services.AddScoped<RequestContextFactory>();
services.AddScoped<RequestContext>(di => di.GetRequiredService<RequestContextFactory>().GetContext());
Finally, the Service Fabric service method looks something like this
public async Task<MyResponse> ProcessAsync(MyRequest request, string correlationId, CancellationToken cancellationToken)
{
using (var scope = _scopeFactory.CreateScope())
{
var requestContext = new RequestContext(correlationId);
var requestContextFactory = scope.ServiceProvider.GetRequiredService<RequestContextFactory>();
requestContextFactory.SetContext(requestContext);
var businessLogic = scope.ServiceProvider.GetRequiredService<BusinessLogic>();
return await businessLogic.ProcessAsync(request, cancellationToken);
}
}
Kestrel middleware could look something like this
public async Task Invoke(HttpContext httpContext)
{
RequestContext requestContext = new RequestContext(Guid.NewGuid().ToString());
var factory = httpContext.RequestServices.GetRequiredService<RequestContextFactory>();
factory.SetContext(requestContext);
httpContext.Response.Headers["X-CorrelationId"] = requestContext.CorrelationId;
await _next(httpContext);
}
Then just do the normal thing and add a RequestContext parameter to the constructor of any class that needs to get the correlation id (or any other info you put in the request context)

webapi pagedresult failes when using $expand

To get the inline count in odata style from a webapi2 controller I read on this page:
http://www.asp.net/web-api/overview/odata-support-in-aspnet-web-api/supporting-odata-query-options that I should return a PagedResult from my method. I made my method in my apicontroller like this:
public PageResult<Software> Get(ODataQueryOptions<Software> options)
{
ODataQuerySettings settings = new ODataQuerySettings()
{
};
IQueryable results = options.ApplyTo(db.Software, settings);
return new PageResult<Software>(
results as IEnumerable<Software>,
Request.ODataProperties().NextLink,
Request.ODataProperties().TotalCount
);
}
This works fine for request like this:
http://dummy.com/api/Softwareapi?$inlinecount=allpages&$filter=Deleted%20eq%20false&$orderby=SequenceNo&$top=7&$skip=0
But for a request like this:
http://dummy.com/api/Softwareapi?$inlinecount=allpages&$filter=Deleted%20eq%20false&$orderby=SequenceNo&$top=7&$skip=0&$expand=Supplier
I get:
<Error>
<Message>An error has occurred.</Message>
<ExceptionMessage>Value cannot be null. Parameter name: data</ExceptionMessage>
<ExceptionType>System.ArgumentNullException</ExceptionType>
<StackTrace>
at System.Web.Http.OData.PageResult`1..ctor(IEnumerable`1 items, Uri nextPageLink, Nullable`1 count) at DigiCampuz.Controllers.SoftwareApiController.Get(ODataQueryOptions`1 options) in c:\Users\bzs\Documents\Visual Studio 2012\Projects\DigiCampuz Webapp\DigiCampuz\Controllers\SoftwareApiController.cs:line 41 at lambda_method(Closure , Object , Object[] ) at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ActionExecutor.<>c__DisplayClass10.<GetExecutor>b__9(Object instance, Object[] methodParameters) at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ActionExecutor.Execute(Object instance, Object[] arguments) at System.Web.Http.Controllers.ReflectedHttpActionDescriptor.ExecuteAsync(HttpControllerContext controllerContext, IDictionary`2 arguments, CancellationToken cancellationToken) --- End of stack trace from previous location where exception was thrown --- at System.Runtime.CompilerServices.TaskAwaiter.ThrowForNonSuccess(Task task) at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task
If I use quick-watch feature in the vs debugger I can see results has the correct amount of items and those items have suppliers, but I cannot seem to get pagedresult to see that.
Does anybody here want to help me with this?

How can I keep an object that was returned from an already disposed of DataContext?

Get User Action
[HttpGet]
[ActionName("Index")]
public ActionResult Get(int id)
{
User u = UserCore.GetUser(id);
if (u == null)
return Content("user not found", "text/plain");
return new XmlResult(u);
}
UserCore.GetUser
public static User GetUser(int UserID)
{
using (PanamaDataContext db = new PanamaDataContext())
{
return (from u in db.Users where u.UserID == UserID select u).FirstOrDefault();
}
}
The Route
routes.MapRoute(
"GetUser",
"user/{id}",
new { controller = "Users", action = "Index" }
);
And finally the test URLs
/user/9000 returns "user not found" as expected (does not exist currently)
/user/75 (actually exists in the DB) however returns:
Cannot access a disposed object. Object name: 'DataContext accessed
after Dispose.'.
[ObjectDisposedException: Cannot access a disposed object. Object
name: 'DataContext accessed after Dispose.'.]
System.Data.Linq.DataContext.GetTable(Type type) +1020550
System.Data.Linq.CommonDataServices.GetDataMemberQuery(MetaDataMember
member, Expression[] keyValues) +120
System.Data.Linq.DeferredSourceFactory1.ExecuteKeyQuery(Object[]
keyValues) +258
System.Data.Linq.DeferredSourceFactory1.Execute(Object instance) +928
System.Data.Linq.DeferredSource.GetEnumerator() +53
System.Data.Linq.EntitySet1.Load() +112
System.Data.Linq.EntitySet1.get_Count() +9
Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationWriterUser.Write14_User(String
n, String ns, User o, Boolean isNullable, Boolean needType) +5060
Microsoft.Xml.Serialization.GeneratedAssembly.XmlSerializationWriterUser.Write15_User(Object
o) +144
[InvalidOperationException: There was an error generating the XML
document.]
System.Xml.Serialization.XmlSerializer.Serialize(XmlWriter xmlWriter,
Object o, XmlSerializerNamespaces namespaces, String encodingStyle,
String id) +646
System.Xml.Serialization.XmlSerializer.Serialize(TextWriter
textWriter, Object o, XmlSerializerNamespaces namespaces) +72
System.Xml.Serialization.XmlSerializer.Serialize(TextWriter
textWriter, Object o) +10 ...
I'm assuming this is because the referenced object no longer exists but what can I do? Somehow copy the object that is returned from the DataContext?
Either way it should be returning XML and not that error.

You should use view models. Basically you should construct a view model inside the lifetime of the DataContext and pass this view model to the view result (in your case the XmlResult). This view model should be constructed by mapping properties of the actual domain model returned by your datacontext and all this should happen inside this context lifetime. Ayende Rahien has a great series of blog posts about view models (It's for NHibernate but the problem of disposed context is exactly the same as with EF data datacontexts).

You need to eagerly include the child rows using the Include() method.

How to check record ownership in controllers?

An application permits users to create records. For our purposes, let's call those records Goals.
One user should not be able to see Goals created by another user.
What is the best method for preventing UserA from accessing UserB's Goal?
I can do it like this:
//using asp.net membership
Guid uId = (Guid)System.Web.Security.Membership.GetUser().ProviderUserKey;
//goal records contain a foreign key to users, so I know who owns what
Goal theGoal = db.Goals.SingleOrDefault(g => g.GoalId == goalId
&& g.UserId == uId);
if (null == theGoal)
{
ViewData["error"] = "Can't find that goal.";
return View("Error");
}
else
{
return View(theGoal);
}
This works fine. The problem is that I've got similar code littered in every action that accesses goals.
Is there a more re-usable way of accomplishing this?
I thought of implementing it as an Authorization Filter. 2 problems with that scheme:
1) Requires the filter to know about and use the DB.
2) Requires 2 queries(1 in the filter, another in the action) instead of just the 1 query in the action that I have now.
What's a more DRY way of accomplishing this?

A custom model binder is a great place to do this:
public class GoalModelBinder : DefaultModelBinder
{
private readonly IGoalRepository _repository;
public GoalModelBinder(IGoalRepository repository)
{
_repository = repository;
}
protected override object CreateModel(ControllerContext controllerContext, ModelBindingContext bindingContext, Type modelType)
{
// Here the default model binder does his job of binding stuff
// like the goal id which you would use in the repository to check
var goal = base.CreateModel(controllerContext, bindingContext, modelType) as Goal;
var user = controllerContext.HttpContext.User;
var theGoal = _repository.GetGoal(user, goal);
if (theGoal == null)
{
throw new HttpException(403, "Not authorized");
}
// It's OK, we've checked that the Goal belongs to the user
// => return it
return theGoal;
}
}
and then in your Application_Start register this model binder:
// some implementation of your repo
var sqlRepo = new SqlGoalRepository();
ModelBinders.Binders.Add(typeof(Goal), new GoalModelBinder(sqlRepo));
Now your controller action becomes less littered:
[Authorize]
public ActionResult Edit(Goal goal)
{
// if we get that far we are fine => we've got our goal
// and we are sure that it belongs to the currently logged user
return View(goal);
}

Extending Sanderson's custom mvc ModelBinder for an object stored in session

In his wonderful MVC book Steven Sanderson gives an example of a custom model binder that sets and retrieves a session variable, hiding the data storage element from the controller.
I'm trying to extend this to cater for a pretty common scenario: I'm storing a User object in the session and making this available to every action method as a parameter. Sanderson's class worked ok when the User details weren't changing, but now i need to let the user edit their details and save the amended object back to the session.
My problem is that I can't work out how to distinguish a GET from a POST other than by checking the number of keys in bindingContext.ValueProvider.Keys, and this seems so wrong I'm sure I'm misunderstanding something.
Can anyone point me in the right direction? Basically all Actions need access to the current user, and the UpdateMyDetails action needs to update that same object, all backed by the Session. Here's my code...
public class CurrentUserModelBinder : IModelBinder
{
private const string userSessionKey = "_currentuser";
public object BindModel(ControllerContext controllerContext, ModelBindingContext bindingContext) {
var user = controllerContext.HttpContext.Session[userSessionKey];
if (user == null)
throw new NullReferenceException("The CurrentUser was requested from the CurrentUserModelBinder but no IUser was present in the Session.");
var currentUser = (CCL.IUser)user;
if (bindingContext.ValueProvider.Keys.Count > 3)
{
var firstName = GetValue<string>(bindingContext, "FirstName");
if (string.IsNullOrEmpty(firstName))
bindingContext.ModelState.AddModelError("FirstName", "Please tell us your first name.");
else
currentUser.FirstName = firstName;
var lastName = GetValue<string>(bindingContext, "LastName");
if (string.IsNullOrEmpty(lastName))
bindingContext.ModelState.AddModelError("LastName", "Please tell us your last name.");
else
currentUser.LastName = lastName;
if (bindingContext.ModelState.IsValid)
controllerContext.HttpContext.Session[userSessionKey] = currentUser;
}
return currentUser;
}
private T GetValue<T>(ModelBindingContext bindingContext, string key)
{
ValueProviderResult valueResult;
bindingContext.ValueProvider.TryGetValue(key, out valueResult);
bindingContext.ModelState.SetModelValue(key, valueResult);
return (T)valueResult.ConvertTo(typeof(T));
}
}

Try inheriting from DefaultModelBinder instead of IModelBinder, then you can call base.BindModel to populate bindingContext.Model for mvc 1.0 or bindingContext.ModelMetadata.Model for mvc 2.0
To trigger bindingContext.Model to populate, call UpdateModel on the controller.
You need to add the statement from the book back in
if(bindingContext.Model != null)
throw new InvalidOperationException("Cannot update instances");
but change it to populate model and save on the session.
if(bindingContext.Model != null)
{
base.BindModel(controllerContext, bindingContext);
//save bindingContext.Model to session, overwriting current.
return bindingContext.Model
}