开发者

Should DAO's validate the input

since DAO layer is typically responsible for accessing data from DB given certain input (like a user_id etc), should it concern itself with checking the validity of its input?

E.g. if there's a DAO method to fetch a user based on user_uid, which is a (> 0) primary key, then should the DAO method always check for this constraint before making the necessary DB call? Or should it assume that any layer higher up which calls this method will take care of the constraint and never pass it a -ve id? The DAO method can publish this constraint in its doc so that programmers writing 开发者_StackOverflow中文版higher layers are aware of it.

Which approach would you typically use and why?

Thanks and regards!


The DAO layer should not check the validity of the input. The integrity and coherence of the data is checked in the persistence layer (for example: foreign keys), and the "business" related validity is checked in the business layer. The only responsibility of the DAO layer is comunicate with the persistence layer to store or retrieve data.


The answer depends on whether the business layer (presumably above the data layer) is validating these values, and if the data layer can be called from any other layers (eg workflow layer).

Generally it is a good idea to bunch validation in the business layer, and constrain layer communications so the data layer can only be called via the business layer.

We also add key/null validation checking in stored procedures, in case another service in the future decides to attempt to put invalid data in.

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜