You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/usage/common-pitfalls.md
+6-1
Original file line number
Diff line number
Diff line change
@@ -50,7 +50,7 @@ Did you notice the missing type of the `LoginAccount.Customer` property? We must
50
50
This is only one of the issues you'll run into. Just don't go there.
51
51
52
52
The right way to model this is by having only `Customer` instead of `WebCustomer` and `AdminCustomer`. And then:
53
-
- Hide the `CreditRating` property for web users using [this](https://www.jsonapi.net/usage/extensibility/resource-definitions.html#excluding-fields) approach.
53
+
- Hide the `CreditRating` property for web users using [this](~/usage/extensibility/resource-definitions.md#excluding-fields) approach.
54
54
- Block web users from setting the `CreditRating` property from POST/PATCH resource endpoints by either:
55
55
- Detecting if the `CreditRating` property has changed, such as done [here](https://github.com/json-api-dotnet/JsonApiDotNetCore/blob/master/test/JsonApiDotNetCoreTests/IntegrationTests/InputValidation/RequestBody/WorkflowDefinition.cs).
56
56
- Injecting `ITargetedFields`, throwing an error when it contains the `CreditRating` property.
@@ -87,6 +87,11 @@ Neither sounds very compelling. If stored procedures is what you need, you're be
87
87
Although recommended by Microsoft for hard-written controllers, the opinionated behavior of [`[ApiController]`](https://learn.microsoft.com/en-us/aspnet/core/web-api/?view=aspnetcore-7.0#apicontroller-attribute) violates the JSON:API specification.
88
88
Despite JsonApiDotNetCore trying its best to deal with it, the experience won't be as good as leaving it out.
89
89
90
+
#### Don't use auto-generated controllers with shared models
91
+
92
+
When model classes are defined in a separate project, the controllers are generated in that project as well, which is probably not what you want.
93
+
For details, see [here](~/usage/extensibility/controllers.md#auto-generated-controllers).
94
+
90
95
#### Register/override injectable services
91
96
Register your JSON:API resource services, resource definitions and repositories with `services.AddResourceService/AddResourceDefinition/AddResourceRepository()` instead of `services.AddScoped()`.
92
97
When using [Auto-discovery](~/usage/resource-graph.md#auto-discovery), you don't need to register these at all.
0 commit comments