We have a WCF service with a method that, for example, cancels an order by a given id. This method can be called from the web by any user of our site.
Somewhere inside this method we have to check that the order with the given id belongs to the user that is currently logged in (we read authorization cookies).
Where is it better to perform this check?
In the WCF method we start a business process and somewhere inside it we ask a repository to load an order by id.
We can have a number of such opened-to-web operations. And I want to make the possibility of forgetting to make such an ownership check as low as possible - I want to implement such a check in some narrow place which every code branch will go through.
I can make such a check in the repository itself, but I'm not sure that this kind of validation is its responsibility. Also I can implement some kind of declarative validation by applying a behavior attribute to the service or its operations, but I'm not sure this is the right place, because we would have to load an order at least twice - first when performing an ownership test, and then in the business process.
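One way to get the single narrow place the question asks for, as an added example that is not code from the original post: a repository wrapper bound to the authenticated user, so the order is loaded once and the ownership check cannot be skipped. All type and member names (`IOrderStore`, `UserScopedOrderRepository`, `CancelOrderProcess`, and so on) are hypothetical, and the user id is assumed to have already been resolved from the authorization cookie by the service layer.

```csharp
using System;

// All names here are hypothetical; none come from the original post.
public sealed class Order
{
    public int Id { get; set; }
    public string OwnerUserId { get; set; }
    public bool Cancelled { get; set; }
}

public interface IOrderStore   // raw data access, makes no security decisions
{
    Order Find(int orderId);   // returns null when the id does not exist
}

public sealed class OrderNotAccessibleException : Exception
{
    public OrderNotAccessibleException(int id) : base("Order " + id + " is not available.") { }
}

// The only order-loading type handed to business processes. It is created per
// request from the authenticated user id, so every load is ownership-checked.
public sealed class UserScopedOrderRepository
{
    private readonly IOrderStore _store;
    private readonly string _currentUserId;

    public UserScopedOrderRepository(IOrderStore store, string currentUserId)
    {
        if (string.IsNullOrEmpty(currentUserId))
            throw new ArgumentException("An authenticated user id is required.", nameof(currentUserId));
        _store = store ?? throw new ArgumentNullException(nameof(store));
        _currentUserId = currentUserId;
    }

    public Order GetOwned(int orderId)
    {
        Order order = _store.Find(orderId);
        // Same failure for "missing" and "someone else's", so ids cannot be probed.
        if (order == null || !string.Equals(order.OwnerUserId, _currentUserId, StringComparison.Ordinal))
            throw new OrderNotAccessibleException(orderId);
        return order;
    }
}

public sealed class CancelOrderProcess
{
    private readonly UserScopedOrderRepository _orders;
    public CancelOrderProcess(UserScopedOrderRepository orders) { _orders = orders; }

    // Single load; the order is already verified as belonging to the caller.
    public void Run(int orderId) { _orders.GetOwned(orderId).Cancelled = true; }
}
```

Keeping `IOrderStore` out of the business-process assemblies (for example, by making its implementations internal to the data layer) is what turns this from a convention into a guarantee.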