I've got an existing ASP.NET Core web application that uses EF Core for the database queries. A requirement has come up that requires me to basically filter every query's result using some logic that takes into consideration a user's "permissions". So like, if a user should not be allowed to ever see a particular column in the results, or if a user should never be able to see a particular row with a specific id, etc.
Like I said, this is an existing application and so I'm wondering if there's a nice spot to put some sort of global EF filter in place? As opposed to writing my own method and going through the entire ASP.NET application and modifying every location that uses EF Core.
Is there something like a middleware for EF Core perhaps? Or global filtering before or after a query is realized?
I'm trying to get an idea of what my options might be here before I go and modify hundreds of lines of code.