Geek Answers Handbook

Best Practice Authentication in ASP.NET MVC and ADO.NET Entity Framework

I am using ASP.NET MVC and ADO.NET Entity Framework in a project. I want to add validation logic to my objects through partial classes. It works similarly, as shown in the NerdDinner.com ASP.NET MVC Application , which uses LINQ2SQL. The main difference is that I should use the OnPropertyChanging event instead of "OnValidating", as in LINQ2SQL.

There are some problems when doing this: - The "OnPropertyChanging" event is not an optimal point in the call verification logic, since it always fires even when a call is made by the default constructor. This can really cause serious problems (not just performance issues). - Together with the MVC infrastructure, problems arise when using "EntityState.Detached" (I could not find another way) to determine whether to check the object or not. Since the object loses its essence of the object during its display in the view (because a new entity object is created in the POST event instead of returning the original one).

My question is: is there a better way to add validation to ADO.NET objects? I could not find any tutorials using a practical way to add validation to ADO.NET objects.

+3
source share
4 answers

Personally, I did not put a check in the objects themselves. I use the xVal library to handle my authentication.

xVal recommends that you annotate entity classes (or, in fact, related metadata classes) with attributes that describe different validation rules. These validation attributes are standard that come with .NET in System.ComponentModel.DataAnnotations.

You then manually verify your objects at your business level. This is done using a method that runs the System.ComponentModel.DataAnnotations validation logic. I wrote one that looks like this:

/// <summary> /// Gets the validation errors for the passed in object by using reflection to retrieve the /// <see cref="ValidationAttribute"/>s placed on its properties or on the properties of the object's /// metadata class (as specified by a <see cref="MetadataTypeAttribute"/> placed on the object class) /// </summary> /// <param name="instance">The object to validate</param> /// <returns>Any validation errors</returns> /// <remarks> /// Borrowed (and cleaned up) from /// http://goneale.com/2009/03/04/using-metadatatype-attribute-with-aspnet-mvc-xval-validation-framework/ /// </remarks> public static IEnumerable<ErrorInfo> Validate(object instance) { //Try to get the MetadataType attribute from the object MetadataTypeAttribute metadataAttrib = instance.GetType().GetCustomAttributes(typeof(MetadataTypeAttribute), true).OfType<MetadataTypeAttribute>().FirstOrDefault(); //If the MetadataType attribute existed, get the metadata class //else just use the class of the object Type buddyClassOrModelClass = metadataAttrib != null ? metadataAttrib.MetadataClassType : instance.GetType(); IEnumerable<PropertyDescriptor> buddyClassProperties = TypeDescriptor.GetProperties(buddyClassOrModelClass).Cast<PropertyDescriptor>(); IEnumerable<PropertyDescriptor> modelClassProperties = TypeDescriptor.GetProperties(instance.GetType()).Cast<PropertyDescriptor>(); //This query matches each property on the model class against the buddy class //gets a list of all invalid validation attributes and returns a list of //validation errors return from buddyProp in buddyClassProperties join modelProp in modelClassProperties on buddyProp.Name equals modelProp.Name from attribute in buddyProp.Attributes.OfType<ValidationAttribute>() where !attribute.IsValid(modelProp.GetValue(instance)) select new ErrorInfo(buddyProp.Name, attribute.FormatErrorMessage(String.Empty), instance); }

xVal provides a neat type of exception that you can throw that encapsulates validation errors and makes it easy to add them to ModelState in your controller.

xVal will also auto-generate client-side JavaScript form validation code for you using jQuery.Validate by providing the HtmlHelper method.

Check out http://blog.codeville.net/2009/01/10/xval-a-validation-framework-for-aspnet-mvc/ for a walk through using it. I found this to be a very good way to do validation, which is not a complete job. It is suitable for ASP.NET MVC to do something.

+4
source

Personally, I do not use OnXChanging partial. You should have another partial class for the object that did something for this method signature.

I have one centralized save (either using a helper method for this object, or save in the repository template implementation for this object), where I check the values ​​that match my criteria before executing my context.SaveChanges() .

Also, I would not use the onpropertychanging event to check, if I have a centralized save, then I only need to check in one place, I would leave this for certain triggers at other points. (As if the user changed X, update Y)

+1
source

One easy way to validate EF entity objects is to use DataAnnotations in your model classes. There are two obvious advantages to this approach. First, the same validation logic can be reused in many views, such as editing and creating. Another thing is that when data annotations are available in our entity classes, ASP.NET MVC provides the ability to check both on the client side and on the server side outside the box without significant settings and coding.

This http://theminimalistdeveloper.com/2010/07/23/how-to-do-client-side-validation-in-asp-net-mvc-2/ shows the simple steps how this can be achieved in EF 4.0

0
source

You have studied the implementation of IValidatableObject. I am not sure if this answers your question; however, your verification will remain with your domain object.

See the example for more details: How to use the IValidatableObject document?

DataAnnotations are designed to perform common validations; however, if there are complex checks, you can create your own ValidationAttribute or implement an IValidatableObject. If you go this route, you can use a combination of both. I usually do it.

0
source

More articles:


All Articles