I would tackle this in one of two ways:
1.
Make the lifestyle of the repository be per web request and take a dependency on the User.Identity
such that this can be used inside of the repository methods. e.g.
public class Repository<ToDoItem> : IRepository<ToDoItem>
{
private IIdentity _identity;
// let the container inject the IIdentity into the repository
// (you will need to register a service with
// the container for IIdentity for this)
public Repository(IIdentity identity)
{
_identity = identity;
}
IQueryable<ToDoItem> FindAll()
{
return FromSomeContext().Where(x => x.Username == _identity.Name);
}
// ....
}
Then register a method with Ninject that it can call to resolve an IIdentity
for any component that requires it. (You may decide that injecting an IPrincipal
is more useful as you can get information about user roles with it too).
kernel.Bind<IIdentity>()
.ToMethod(ctx => HttpContext.Current.User.Identity)
.InRequestScope();
Now, assuming that Ninject is also constructing your controllers for you and you have registered components for the IRepository<T>
services that your application requires, The current user IIdentity
will be injected into the Repository<ToDoItem>
for you by Ninject.
2.
Create an extension method for IRepository<ToDoItem>
(or even IRepository<T>
if appropriate) that wraps adding the Where()
expression for limiting the returned TODO items only to those that are relevant to the current user.