Hide Properties on Odata Controllers responses

Jose_Carrillo · November 2, 2019, 8:07pm

Hi, is there a way to hide properties from Odata EF controllers response, like using
[IgnoreDataMember]
[NotMapped]

I dont want the passwordHash property to be returned on any query related to users.

Thanks

korchev · November 3, 2019, 6:57am

Those should be excluded by default.

    public partial class ApplicationUser : IdentityUser
    {
        [NotMapped]
        public IEnumerable<string> RoleNames { get; set; }

        [IgnoreDataMember]
        public override string PasswordHash { get; set; }

        [IgnoreDataMember, NotMapped]
        public string Password { get; set; }

        [IgnoreDataMember, NotMapped]
        public string ConfirmPassword { get; set; }
    }

Here is how the response looks like:

GET http://localhost:5000/auth/ApplicationUsers

GET http://localhost:5000/auth/ApplicationUsers('1242b847-df4a-4525-ba9d-05bd3e1d7f06')

Jose_Carrillo · November 4, 2019, 11:17pm

Thanks Atanas, just to let you know, I have a custom security where I use a custom table for authentication.

korchev · November 5, 2019, 9:06am

How does your implementation differ from the default Radzen one? Using the IgnoreDataMember and NotMapped attributes are sufficient in the default scenario and the PasswordHash properties are not serialized by OData.