Welcome Guest, Not a member yet? Register   Sign In
Permissions validation in model? (object belongs to user)
#3

IMO...

Model should only validate data when needed. Meaning, create, edit, delete, restore. Controller should validate, in a basic way, data the *view form* needs. Seems like a small difference, but it's major when you get into the actual application of it.

For example, allow the controller to use the built in form_validation() routine for catching user input issues before you involve a model. If those simple validation rules are met, then you have your model validate the form data against actual/strict expected values.

If you're building a 'Create Support Ticket' form, controller would validate that the title/subject isn't empty and is of some length, that they provided a description, and that they selected a priority. The model would validate that the selected priority is one of those listed in Support_ticket:TongueRIORITY_URGENT, Support_ticket:TongueRIORITY_NORMAL, Support_ticket:TongueRIORITY_LOW. Creating these model constants allows you to use them system wide and not have the actual text values scattered throughout your code base.

I'm aware the built-in validator allows for "in_list[]", but - that's not reusable, and hardly maintainable. It's best to validate those values in a subroutine within your Support_ticket::create() method.

Another use of the constants would be creating a model method like...

PHP Code:
Class Support_ticket extends MY_Model {
    const 
PRIORITY_HIGH 'high';
    const 
PRIORITY_NORMAL 'normal';
    const 
PRIORITY_LOW 'low';

    public function 
__construct($id=NULL) {
        
parent::__construct();
        
$this->loadById($id);
    }

    public function 
create($data_set=[]) {
        if(
TRUE === $this->is_loaded) {
            return 
'Model is already loaded';
        }

        if(
TRUE !== ($validation_result $this->validateDataSet($data_set))) {
            return 
$validation_result;
        }

        
// Create the record

        
return TRUE;
    }

    public function 
isHighPriority() {
        return 
TRUE === $this->is_loaded && static::PRIORITY_HIGH === $this->properties['priority'];
    }

    public function 
validateDataSet($data_set=[]) {
        if(!
is_array($data_set) || empty($data_set)) {
            return 
'Invalid $data_set';
        }

        if(
array_key_exists('priority'$data_set)) {
            if(!
in_array($data_set['priority'], [static::PRIORITY_HIGH, static::PRIORITY_NORMAL, static::PRIORITY_LOW])) {
                return 
'Invalid priority selection';
            }
        }

        return 
TRUE;
    } 
Reply


Messages In This Thread
RE: Permissions validation in model? (object belongs to user) - by SomeGuy - 03-29-2019, 11:31 PM



Theme © iAndrew 2016 - Forum software by © MyBB