Operation Configuration

By default, MapCrud<T> registers all five CRUD endpoints. You can disable individual operations or restrict an entity to a specific subset using the fluent configuration API.

Default: Full CRUD

app.MapCrud<Product>("products");
// Registers: GET /, GET /{id}, POST /, PUT /{id}, DELETE /{id}

Disable Individual Operations

Use the DisableX() methods to remove specific endpoints:

app.MapCrud<Order>("orders", o => o
    .DisableDelete()  // No DELETE endpoint
    .DisablePut());   // No PUT endpoint

Available disable methods:

Method	Removes
`DisableGet()`	Both `GET /` and `GET /{id}`
`DisableDelete()`	`DELETE /{id}`
`DisablePut()`	`PUT /{id}`
`DisablePost()`	`POST /`

Restrict to a Single Operation

Use the OnlyX() methods to disable everything except one operation:

// Read-only entity
app.MapCrud<Category>("categories", o => o.OnlyGet());

// Create-only (audit log, event store)
app.MapCrud<AuditLog>("audit-logs", o => o.OnlyPost());

// Update-only
app.MapCrud<UserPreference>("user-preferences", o => o.OnlyPut());

// Delete-only
app.MapCrud<Session>("sessions", o => o.OnlyDelete());

OnlyX() methods are last-call-wins and override any previous DisableX() or OnlyX() calls.

HTTP Status Codes for Disabled Endpoints

When a route is registered but the operation is disabled:

ASP.NET Core returns 405 Method Not Allowed when the route path exists for other methods
Returns 404 Not Found when no other methods exist at that route

In integration tests, assert that disabled operations return either 404 or 405.

Soft Delete — The DELETE endpoint behavior for ISoftDeletable entities
DTO Mapping — Configure request/response DTO types

Table of Contents

Operation Configuration

Default: Full CRUD

Disable Individual Operations

Restrict to a Single Operation

HTTP Status Codes for Disabled Endpoints

Related Features