Limiting access to fields for web service client

[dev]

Hello,

I have a web service that returns an entity (C# class). I would like to
disallow access to some of the members in write access to the WebService
clients. Setting them private or protected in the class definition can
not be achieved since in the WebService they must be writeable.

Dummy example to explain if it is not clear:

In WebService definition:

// ...
class MyClass
{
public int id;
public int name;
};

// ...
MyClass WebService_GetMyClass()
{
MyClass mc = new MyClass();
mc.id = 1; // id must be public
mc.name = "foo";
return mc;
}

void WebService_UpdateMyClass(MyClass mc)
{
// ...
}

WebService client:

MyClass mc = WS.WebService_GetMyClass();
mc.id = 22; // <== this is what I want to avoid *******
WS.WebService_UpdateMyClass(mc);


Thanks for your answers.

 

[Laurent Bugnion]

Hi,

Hello,

I have a web service that returns an entity (C# class). I would like to
disallow access to some of the members in write access to the WebService
clients. Setting them private or protected in the class definition can
not be achieved since in the WebService they must be writeable.

<example snipped>

Difficult. As you found out, the fields (be it attributes or properties)
of the returned classes must be public, or else they won't even be
passed in the SOAP response.

I would use an intermediate layer performing the request, and then
mapping the returned values into a client class, with the desired
visibility.

Something like

public class MyClassEx
{
private int id;
private string name;

public string Name
{
get
{
return name;
}
}

public MyClassEx()
{
MyClass mc = WS.WebService_GetMyClass();
this.id = mc.id;
this.name = mc.name:
}
}

Note however that this only works if the web service call is
synchronous, which is not really recommended. If the call is
asynchronous, you'll need to modify the code.

HTH,
Laurent