IDBConnectionInterceptor Interface
Allows you to intercept operations on a connection to a database.
Namespace: DevExpress.DataAccess.Sql
Assembly: DevExpress.DataAccess.v24.2.dll
Declaration
Remarks
Implement IDBConnectionInterceptor to intercept, modify, and/or suppress SQL operations. The list includes low-level database operations such as executing a command or setting a key-value pair in a session context. Once the connection is open, you can store values in the session context and execute any request you require.
You can register an interceptor in dashboard and report control service providers. The registration method depends on the control type and platform:
- In Web dashboard applications, call the ASPxDashboard.SetDBConnectionInterceptor(IDBCommandInterceptor) or DashboardConfigurator.SetDBConnectionInterceptor(IDBConnectionInterceptor) methods.
- In WinForms dashboard applications, assign an
IDBConnectionInterceptorobject to the control’sCustomDBConnectionInterceptorproperty. For example, use the DashboardDesigner.CustomDBConnectionInterceptor property. - In Web reporting applications, register an
IDBConnectionInterceptorobject as an extension inIServiceCollection. - In WinForms reporting applications, call the XRDesignMdiController.AddService method.
Example: BI Dashboard for ASP.NET Core - Implement Row-Level Security
This example shows how you can implement connection filtering in an application where users (tenants) share the same SQL Server user. Once the application connects to the database, it stores the current user ID in SESSION_CONTEXT. Security policies filter rows that shouldn’t be visible to this ID.
Refer to the following example for complete source code that implements the scenario listed above:
The following image displays the registration form where you can select a user to see the dashboard that displays filtered data based on your selection.
The following code snippet shows how to implement IDBConnectionInterceptor that filters data when the application connects to the database:
Implement the
IDBConnectionInterceptorinterface (RLSConnectionInterceptor.csin this example). When the database connection opens, store the current user ID in SESSION_CONTEXT. Modify queries to the Order table - filter data by user ID. This way you implement database behavior equivalent to connection filtering.using DevExpress.DataAccess.Sql; using System.Data; using WebDashboard.Code; namespace WebDashboard { public class RLSConnectionInterceptor : IDBConnectionInterceptor { IHttpContextAccessor contextAccessor; public RLSConnectionInterceptor(IHttpContextAccessor contextAccessor) { this.contextAccessor = contextAccessor; } public void ConnectionOpened(string sqlDataConnectionName, IDbConnection connection) { int employeeId = contextAccessor.GetCurrentUserId(); using(var command = connection.CreateCommand()) { command.CommandText = $"EXEC sp_set_session_context @key = N'EmployeeId', @value = {employeeId}"; command.ExecuteNonQuery(); } } } }Register the interceptor in
DashboardConfigurator.using DevExpress.DashboardCommon; using DevExpress.DashboardWeb; using DevExpress.DataAccess.Sql; using Microsoft.Extensions.FileProviders; namespace WebDashboard { public static class DashboardUtils { public static DashboardConfigurator CreateDashboardConfigurator(IConfiguration configuration, IFileProvider fileProvider, IHttpContextAccessor contextAccessor) { DashboardConfigurator configurator = new DashboardConfigurator(); // ... configurator.SetDBConnectionInterceptor(new RLSConnectionInterceptor(contextAccessor)); // ... return configurator; } } }