ABP框架系列之五十三：(Web-API-Controllers-Web-API-控制器)

Introduction

ASP.NET Boilerplate is integrated to ASP.NET Web API Controllers via Abp.Web.Api nuget package. You can create regular ASP.NET Web API Controllers as you always do. Dependency Injection properly works for regular ApiControllers. But you should derive your controllers from AbpApiController, which provides several benefits and better integrates to ASP.NET Boilerplate.

ASP.NET样板集成到ASP.NET Web API控制器通过abp.web.api NuGet包。您可以创建普通的ASP.NET Web API控制器总是为你做的。依赖注入为规定的apicontrollers正确的工作。但是你应该得到你abpapicontroller控制器，它提供了几个好处，更好的融入到ASP.NET样板。

AbpApiController Base Class

This is a simple api controller derived from AbpApiController:

public class UsersController : AbpApiController

{

}

Localization

AbpApiController defines L method to make localization easier. Example:

public class UsersController : AbpApiController

{

    public UsersController()

    {

        LocalizationSourceName = "MySourceName";

    }

    public UserDto Get(long id)

    {

        var helloWorldText = L("HelloWorld");

        //...

    }

}

You should set LocalizationSourceName to make L method working. You can set it in your own base api controller class, to not repeat for each api controller.

Others

You can also use pre-injected AbpSession, EventBus, PermissionManager, PermissionChecker, SettingManager, FeatureManager, FeatureChecker, LocalizationManager, Logger, CurrentUnitOfWork base properties and more.

Filters

ABP defines some pre-built filters for AspNet Web API. All of them are added to all actions of all controllers by default.

ABP定义了预建的过滤器ASPNET Web API。所有这些都默认添加到所有控制器的所有操作中。

Audit Logging

AbpApiAuditFilter is used to integrate to audit logging system. It logs all requests to all actions by default (if auditing is not disabled). You can control audit logging using Audited and DisableAuditing attributes for actions and controllers.

abpapiauditfilter是用来整合审计日志系统。默认情况下，它将所有请求记录到所有操作（如果没有禁用审核）。你可以控制审计日志审计和disableauditing使用动作和控制器属性。

Authorization

You can use AbpApiAuthorize attribute for your api controllers or actions to prevent unauthorized users to use your controllers and actions. Example:

你可以使用abpapiauthorize属性为你的API控制器或行动来防止未经授权的用户使用你的控制器和动作。例子:

public class UsersController : AbpApiController

{

    [AbpApiAuthorize("MyPermissionName")]

    public UserDto Get(long id)

    {

        //...

    }

}

You can define AllowAnonymous attribute for actions or controllers to suppress authentication/authorization. AbpApiController also defines IsGranted method as a shortcut to check permissions in the code.

你可以定义为行动或控制器来抑制认证/授权allowanonymous属性。AbpApiController还定义了权限法作为一种快捷方式来检查代码的权限。

See authorization documentation for more.

Anti Forgery Filter（防伪过滤器）

AbpAntiForgeryApiFilter is used to auto protect ASP.NET Web API actions (including dynamic web api) for POST, PUT and DELETE requests from CSRF/XSRF attacks. See CSRF documentation for more.

abpantiforgeryapifilter用于自动保护ASP.NET Web API的行为（包括动态Web API）后，将删除CSRF / XSRF攻击的请求。更看CSRF的文档。

Unit Of Work

AbpApiUowFilter is used to integrate to Unit of Work system. It automatically begins a new unit of work before an action execution and completes unit of work after action exucition (if no exception is thrown).

You can use UnitOfWork attribute to control behaviour of UOW for an action. You can also use startup configuration to change default unit of work attribute for all actions.

abpapiuowfilter是用来整合的工作系统。它会自动开始一个新的工作单位前一个动作的执行和完成行动后exucition工作单位（如果没有抛出异常）。

你可以使用属性来控制一个动作UnitOfWork UOW的行为。还可以使用启动配置更改所有操作的默认工作单元属性。

Result Wrapping & Exception Handling（结果包装和异常处理）

ASP.NET Boilerplate does not wrap Web API actions by default if action has successfully executed. But it handles and wraps for exceptions. You can add WrapResult/DontWrapResult to actions and controllers if you need. You can change this default behaviour from startup configuration (using Configuration.Modules.AbpWebApi()...). See AJAX document for more about result wrapping.

ASP.NET样板不包Web API的行为默认如果行动已成功执行。但是它处理和包装异常。您可以添加wrapresult / dontwrapresult行动和控制器，如果你需要。您可以更改此默认行为的启动配置（使用配置模块。abpwebapi()…）。有关结果包装的更多内容，请参见Ajax文档。

Result Caching（结果缓存）

ASP.NET Boilerplate adds Cache-Control header (no-cache, no-store) to the response for Web API requests. Thus, it prevents browser caching of responses even for GET requests. This behaviour can be disabled by the configuration.

ASP.NET的模板添加缓存控制头（没有缓存，没有存储）的响应的Web API请求。因此，即使GET请求，它也阻止浏览器缓存响应。可以通过配置禁用此行为。

Validation

AbpApiValidationFilter automatically checks ModelState.IsValid and prevents execution of the action if it's not valid. Also, implements input DTO validation described in the validation documentation.

abpapivalidationfilter modelstate.isvalid防止自动检查和执行行动，如果它不是有效的。因此，输入验证工具验证文件中描述的DTO的。

Model Binders（模型绑定）

AbpApiDateTimeBinder is used to normalize DateTime (and Nullable<DateTime>) inputs using Clock.Normalize method.