Hi guys,
I'm trying to implement something with swagger. Basically i have enabled swagger for my new app. For the swagger, i have created a custom filter named HideInDocs which uses regex to hide some framework default methods from swagger ui page (ie app/user, app/tenant, app/session)
Now, i need to also hide authorized methods that current has no permissions to access it. this works fine if the methods are webapi methods. Using apiDescription.GetControllerAndActionAttributes<object>(); i can get required permissions for the method and then check if a permission is granted for current user and decide whether to include it in swagger ui page or not.
The problem arises when i'm trying to do the same for dynamicApi generated methods as var test = apiDescription.GetControllerAndActionAttributes<object>(); returns nothing. Seems that attributes are not reflected for dynamically generated methods.
Is there any way to achieve the same functionality on dynamicWebapi methods?
Below is my DocFilter:
public class HideInDocsFilter : IDocumentFilter
{
public void Apply(SwaggerDocument swaggerDoc, SchemaRegistry schemaRegistry, IApiExplorer apiExplorer)
{
foreach (var apiDescription in apiExplorer.ApiDescriptions)
{
var test = apiDescription.GetControllerAndActionAttributes<object>();
//remove from docs autogenerated services
Regex r = new Regex("AbpCache|AbpServiceProxies|app/session|app/tenant|app/user|ServiceProxies|TypeScript");
if (r.IsMatch(apiDescription.ID))
{
swaggerDoc.paths.Remove("/" + apiDescription.RelativePath.Split('?')[0]);
}
}
}
}