Christopher H. Laco wrote:
> mla wrote:
>> Matt S Trout wrote:
>>> On Tue, May 15, 2007 at 02:51:18PM -0400, Christopher H. Laco wrote:
>>>>> where do you handle the validation? Only in the controller or in
>>>>> both the model and controller?
>>>> Fail Early. Fail Often.
>>>>
>>>> Some will say redundancy sucks. I agree, except for where validation =
> is
>>>> concerned. If you're writing data from the web into a model, check th=
> e
>>>> data at the page level, and at the model level.
>>>>
>>>> If you're writing to a model from a command line utility...check data=
> at
>>>> the command line level, and the model level...
>>> The controller should validate.
>>>
>>> The model should also validate.
>>>
>>> The model should provide a way for the controller to get the constrain=
> ts.
>>> The controller should check the constraints and return errors to the
>>> user,
>>> and if there are errors NOT TRY AND UPDATE THE MODEL.
>>>
>>> The model's validation should die screaming if it doesn't pass - if
>>> bad data
>>> gets that far, either the model's changed under you or there's a bug i=
> n
>>> your code.
>> =20
>> Okay, thanks very much for this. So in terms of the model constraints,
>> you will validate everything twice. Once at the controller layer (where=
>
>> it leverages info from the model), and once in the model itself.
>> =20
>> So you can interrogate the model to find out, for example, that the
>> email column can't be longer than 100 characters and should match the
>> pattern /@/ (just to keep it simple here).
>
> Off Topic. Making a note for myself and DBIC::Validation
>
> 100 can be validated because we have %colinfo {size =3D> 100}
> Patterns could be covered in validation_profiles at the source
> level...but maybe this would be nice as well:
>
> {
> type =3D> 'VARCHAR',
> size =3D> 100,
> validation =3D> qr/[EMAIL PROTECTED]/
> #validation =3D> sub{}
> }
>
>
> /me urns for better validaiton profiles created from DBIC %colinfo
>
> -=3DChrisBack on topic... And of course, there are times where you're not doing simple CRUD...and the form/validation profile doesn't match the destination field for field...like a form that covers the data for a parent/child table... or a join... I've been known to keep the UI form and it's validation completely seperate fomr the actual model/model validation.... Damned if you do... damned if you don't. There is no one correct answer.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ List: [email protected] Listinfo: http://lists.rawmode.org/mailman/listinfo/catalyst Searchable archive: http://www.mail-archive.com/[email protected]/ Dev site: http://dev.catalyst.perl.org/
