3

I have a registration page and would like to perform some validation (in addition to the StringLength and Required annotations on my ViewModel) for duplicate usernames and email addresses. Currently I perform this validation in my controller when the registration form is posted back. I'm not sure if this is the right place to do it though.

I can't imagine the ViewModel to be the right place as it would require the ViewModel to have a reference to my UserRepository. Does it make sense to have this kind of validation in the model classes?

If so, how do I implement this on the model so I can check if the information is valid before I sent it into my repository?

Update

Code of my controller action:

if (ModelState.IsValid)
        {
            if (!_userRepository.Exists(registerViewModel.Username))
            {
                if (!_userRepository.EmailExists(registerViewModel.Email))
                {
                    _userRepository.Add(
                        new User
                            {
                                Created = DateTime.Now, 
                                Email = registerViewModel.Email, 
                                Password = registerViewModel.Password, 
                                Username = registerViewModel.Username
                            });

                    _userRepository.SaveChanges();
                    TempData["registrationDetails"] = registerViewModel;

                    return RedirectToAction("Confirm");
                }
                else
                {
                    ModelState.AddModelError(string.Empty, "This email address is already in use.");
                }
            }
            else
            {
                ModelState.AddModelError(string.Empty, "This username is already taken.");
            }
        }

        return View(registerViewModel);
    }

Update 2

Should the domain model care about such constraints as duplicate user names or email addresses or is this something that the controller layer should worry about?

Update 3

It seems that putting the validation logic in the controller makes the most sense as it can be reused in remote validation and in model validation on submit. Is something like checking for duplicates generally a thing that should be done in controllers or does it make sense to have these kind of checks in a domain model?

Thanks,

b3n
  • 3,595
  • 5
  • 27
  • 46
  • It might depend on your application more than anything - 90% of my application's ViewModels are my data layer models which is where I define my validation so that I can re-use them - doing it in the controller means you have to re-write your validation code any time you re-use the model/ViewModel – Rob Mar 02 '11 at 04:10
  • That's currently one of the problems I am facing with ViewModels. I have validation in there but I also have validation on my model classes. This feels like quite a bit of duplication here. – b3n Mar 02 '11 at 04:20

5 Answers5

1

I would perform it both on the frontend (ajax perhaps) and backend - which depends on your solutions architecture.

I like to let users know immediately if there's going to be a registration issues. In my typical setup of a data layer / business layer and presentation layer, I would perform the dup checks in the business logic and have the controller call that piece of code (in addition to an ajax lookup on the front end for users).

As a bit of a side note: I generally prefer to only use MVVM (with view models) in windows applications. Combining MVC with MVVM can make things unnecessarily complicated

Chris Klepeis
  • 9,204
  • 16
  • 80
  • 147
  • I do perform this on my ViewModel. However the ViewModel only holds the username, email and password. So the only things I can check there are if anything was entered at all and if the email address is valid. Using the IsValid method I can't check for duplicate email addresses or users. – b3n Mar 02 '11 at 04:28
  • @b3n - You'll have to create functions for the dup check in your business logic and call that after your IsValid check passes. If the dup check fails then just pass the same view back with the appropriate error message to display to the user - Edit - I see this is what you're doing from the code sample above – Chris Klepeis Mar 02 '11 at 04:32
  • This is pretty much what I am doing now. Does it make sense though to move these methods in my model class and then for example implement the IValidatableObject on my modelclass. Then I can create a User object and call Validate on my user before passing it in to the repository. Then the validation logic would reside in my model class and not the controller anymore. – b3n Mar 02 '11 at 04:37
  • I really don't agree with here. Libraries like knockoutjs/backbone allows creating very usable websites using MVVM and in todays age I can't don't think you can settle for anything less. IMO MVVM is the way forward (even if its slightly more work) and for the same reason I disagree with using your Model layer as your ViewModels. – neebz Mar 02 '11 at 05:22
  • @nEEbz - Thanks for the feedback. As with everything, its a ongoing learning process. I'll take a look into those libraries you referenced. – Chris Klepeis Mar 16 '11 at 18:38
0

As Rob said in the comments, it does depend on the structure of your application. I tend to have a double validation (Validation on my ViewModels as well as validation on my service layer) to ensure that the data that hits the service is valid. This helps because my services get used by multiple clients, but the views and ViewModels are client specific. Front end validations have the advantage of instant feedback, and the backend validations help keep your data clean.

AshtonKJ
  • 1,346
  • 2
  • 14
  • 21
0

My suggestion is - For validation, such as duplicate email address and user name- to keep your validation methods in controller.

Or in your Validation Layer - which will be used in between view model and data layer

for MVC3 you will be able to add methods in controller as a actions using Remote attribute to your property in view model for instant results

swapneel
  • 2,931
  • 1
  • 22
  • 31
0

I would suggest that you do this in Controllers.

The main reason is that whatever the structure of the app be, you would definitely need to use Ajax to notify the user whether the username has already been taken or not. Otherwise it's just bad usability which doesn't justify your code structure.

And for that you would like to have a action method which could ajax-ly see if the username exists or not.

Overall, it does mean you may end up with two sets of validation method (UI and model) but its all for a good cause.

Also to make a good usable site you would definitely be using a Javascript framework like knockoutjs or backbone. Thats true MVVM and in that case having your ViewModels being the Model layer classes (as Chris mentioned) is not a good idea. So basically you'll end up with two sets of validation anyways.

neebz
  • 10,993
  • 6
  • 44
  • 61
  • I do plan to have RemoteValidation on my pages at a future stage. For now I am just trying to understand where I would put the validation duplicate name/email validation. I do too think that viewmodels are cleaner than using domain model classes as they contain more information than needed on the view. – b3n Mar 02 '11 at 06:06
  • Its not just about cleaner code. Sometimes you would need some View Model data at the client side. Json-ing Model classes is big no-no. No matter how you see it, for a better usable website + manageable client-side code, you need to have separate ViewModels. Cheers – neebz Mar 03 '11 at 17:34
0

You should validate in both the View (client-side) and Controller (server-side). If you have MVC 3, you can use the new RemoteAttribute. It uses jQuery to make a server-side call, in which you could check for the existence of a user or email address.

neontapir
  • 4,450
  • 3
  • 35
  • 51