Controllers must control. Always everything?

Ytsu Ytsuevich2015-05-12 22:28:39

Python

Ytsu Ytsuevich, 2015-05-12 22:28:39

The language is not important, in my case it is PHP !!!
I do everything without encapsulation!
Let there be some model that interacts with the database ( save saves to the database).

$user = new UserModel();
$user->email = '[email protected]';   // email  - верный
$user->password = '123';          // пароль - неверный, меньше 6-ти символов
$user->save();                    // должна ли быть тут ошибка (wrong password)?

Should?
Or we in the same place should check the email and password for validity.
Where should this be checked?
Second example:
Suppose there is some product in the store, which must have a name, and the remaining fields (price, description) may be absent.

$order = new Order();
$order->save();           // ошибка, $order->name = null - по умолчанию;

Should the model throw an exception in this case? Or should we check before saving?
Where should this be checked?
And the last one:
Let the price field (price) should be a number, and we put a string (for example)

$order = new Order();
$order->name = 'example order';
$order->price = 'error here!';     // не число!

I grew up with "hard-wired" languages (C#, Java), where we can't pull this off at all, but what if it's a dynamically typed PL?
It's just that the model knows exactly about the columns, which of them are Nullable , and "burp". But everyone writes that controllers should validate input!

Answer the question

In order to leave comments, you need to log in

7 answer(s)

Fixid, 2018-06-03
@Fixid

Quite. Python is now an extremely "scientific" language.
A bunch of scientific libs, the most needed have been optimized for a long time. For extreme cases, they came up with Cython

asd111, 2018-06-03
@asd111

Python is a good choice.
If you buy something intel Core i9 or AMD thread ripper and it will be absolutely wonderful.

Itsu Itsuevich, 2015-05-13
@kofon

In general, people, I learned the following lessons.
1) The password can be stored in the database in any form, but not NULL . This means that if there is a password, then it can be saved. Let the one who needs it ( controller ) do the check for validity .
2) If the field is NO NULL , and NULL is thrown into the model , then it throws an exception , because she knows how it is stored in the database itself , null or not null
3) The model will check the passed number for type matching, and in case of failure ( , because it is illogical to do such a thing: And if suddenly the string is "Vasya" a string instead of a number ), it will throw an exception
? Then it will simply store "1" , how so, it is illogical!
However, [ price = -10 ] the model will eat, because it can be written in the database.
If someone has a different opinion, please discuss!
If time has passed (now: 05/13/15 ), but you do not agree with me, please write to me: [email protected]
I'm serious!

D', 2015-05-12
@Denormalization

I make separate validation classes.
In controller:

// ...
$input = $request->all();
$validator = new OrderValidator($input);
if ($validator->fails())
  // ошибка, обрабатываем

$model = new Order;
$model->create($input);

Something like this. IMHO the model should not be too smart. She should do what she was told, she should not decide for herself whether she wants to keep or not.

evnuh, 2015-05-12
@evnuh

In the model. The controller is the link, it should route, but not think.

marble, 2015-05-12
_

$order->price = 'error here!'; // не число!
Already a number :) Control depends purely on the programmer, no one forces you. If you are not used to it, then PHP can be hard-typed.
My personal opinion is that you need to check everything, cast it to the right types before saving it to the database.

entermix, 2015-05-12
@entermix

If there are errors while saving the model, it should throw an exception.
Something like this:

$user = new UserModel();
$user->email = '[email protected]';   // email  - верный
$user->password = '123';          // пароль - неверный, меньше 6-ти символов

try {
   $user>save();
}
catch ($e) {
// Ошибки
}