[katello-devel] Apipie and validation.
Dmitri Dolguikh
dmitri at redhat.com
Wed Dec 5 10:11:49 UTC 2012
On 05/12/12 09:07 AM, Petr Chalupa wrote:
> I agree that domain validation/consistency checks belongs to the
> models. Nevertheless definition of the API is other thing entirely. It
> should be defined and validated on its own with re-usage of
> information provided by models (domain) to avoid duplications. It
> should not be delegated to model to deal with it by adding other
> responsibility.
This statement is only valid if we are talking about cross-concerns
(think authentication, security-related stuff, etc). Everything else
will result in duplicated, non-consistent validations. Take a look at
current state of validations in foreman api.
I don't want to be jumping through hoops, and fixing/adding
code/meta-data in multiple places, so just the documentation is
up-to-date. It's a process/organizational issue, and tools do not fix those.
And, once again, validations belong in the model. Let's get rid of
validations in apipie, fix issues we have with domain logic leaking into
controllers.
>
> So I strongly suggest to fix the duplication issue [1] and keep things
> separate.
> * Apipie for API validations.
> * Model validations for domain logic.
>
> ## Fix Apipie
>
> Enable Apipie to read model definitions and validations to set param
> validations automatically for parts of request representing a domain
> model, see [1].
Agree with defining docs based on model (and I would suggest routes).
Disagree with everything else. No point in intercepting validations, the
most you could do in the controller is map exceptions thrown by the
model to http errors/statuses.
>
>
> + api documentation generated from api specification
> + api specification is kept up to date (has to be because validation
> is turned on)
> + api validation/specification is separated from domain validations/logic
>
> ## Remove validations from Apipie
>
> + api documentation generated from api specification
> - api specification is not kept up to date (has to be ensured in an
> extra task)
> - no api validation, it's partially handled by models, errors can be
> ugly, models have another responsibility
Again, tools are not the way to enforce process deficiencies. The last
statement is FUD.
>
>
> [1] - https://github.com/Pajk/apipie-rails/issues/67
>
> ## Other notes
>
> > The second issue is that apipie validations are stricter than AR
> ones: array validation assumes that there's an array in place, while
> AR would accept a nil. These two combined lead to even more false
> positives during apipie validation.
>
> I think be more consistent and strict is a good thing, it prevents
> confusion. Empty Array is an empty Array not a nil.
It's not good, because depending on how you use foreman, you'll get
different results. What's considered valid/correct by foreman proper
should be valid by any other means, period.
-d
>
> Petr
>
> On 04.12.12 22:47, Ivan Necas wrote:
>>
>>
>> ----- Original Message -----
>>> On Tue 04 Dec 2012 05:10:28 AM MST, Dmitri Dolguikh wrote:
>>>> On 03/12/12 09:36 AM, Lukas Zapletal wrote:
>>>>>> Step #1 - let's get rid of controller validations.
>>>>> Again, you can only do this for CRUD actions in the controllers.
>>>>> For all
>>>>> other methods we need validations. And we have those, not all our
>>>>> controllers are plain REST-driven. We do have procedure-like
>>>>> actions.
>>>>> Maybe more then we should have, but this is a fact.
>>>>>
>>>>> You say all the validations should be done in models, thus you
>>>>> essentially say let's put all our code logic there. Because it
>>>>> does not
>>>>> make sense to do validations in models while doing anything else
>>>>> (that
>>>>> also requires some level of validations) in controllers or a logic
>>>>> layer. A fact: you need to do validations also outside of models.
>>>>
>>>> Domain logic belongs in the model layer. We can discuss how to
>>>> better
>>>> factor model layer code, but not where to put it.
>>>>
>>>> -d
>>>>
>>>> A lot of rationalizations to keep validations in apipie have been
>>>> put
>>>> forward, *all* of them attempting to deal with various smells, code
>>>> or
>>>> process ones. Let's fix the root issues.
>>>>
>>>> Again, Let's get rid of validations in apipie. Refactor the
>>>> controllers when needed. If apipie is not useful without those
>>>> validations, let's suspend/stop use of it.
>>
>> Am I reading it correctly you suggesting getting rid of API
>> documentation?
>>
>> -- Ivan
>>
>>>>
>>>> -d
>>>>
>>> +1
>>>>
>>>>>
>>>>> It is wrong to put all your code logic into models. And
>>>>> unfortunately we
>>>>> have most of it there. Rails follows MVC pattern and what we have
>>>>> is
>>>>> those
>>>>> messy Models-for-everything approach. If you mix this with our
>>>>> orchestration, it is deadly combination. Difficult testability,
>>>>> huge
>>>>> objects with no responsibility split, unable to mock things and so
>>>>> on.
>>>>> Code logic in models works well for small projects and it is
>>>>> de-facto
>>>>> standard in Rails world. People just blindly follow this wrong
>>>>> pattern.
>>>>>
>>>>> So I don't agree with this simplification you offer. We will
>>>>> likely
>>>>> start to refactor our orchestration creating new layer of code
>>>>> logic,
>>>>> which is the right approach to do things. And we should move
>>>>> complex
>>>>> methods like activation key subscription from models there. Then
>>>>> we will
>>>>> need validations on the controller side (or on the newly created
>>>>> logic
>>>>> layer or orchestration layer - depends on how are we gonna name
>>>>> it).
>>>>>
>>>>> So yes, it has something to do with REST. My counter proposal is:
>>>>>
>>>>> #2 Let's get rid of validations where they duplicate model
>>>>> validators,
>>>>> but let's keep them for (usually non-CRUD) methods which need
>>>>> then. We
>>>>> will likely be extending those soon.
>>>>>
>>>>
>>>> _______________________________________________
>>>> katello-devel mailing list
>>>> katello-devel at redhat.com
>>>> https://www.redhat.com/mailman/listinfo/katello-devel
>>>
>>>
>>>
>>> --
>>> Jason E. Rist
>>> Senior Software Engineer
>>> Systems Management and Cloud Enablement
>>> Red Hat, Inc.
>>> +1.919.754.4048
>>> Freenode: jrist
>>> github/identi.ca: knowncitizen
>>>
>>> _______________________________________________
>>> katello-devel mailing list
>>> katello-devel at redhat.com
>>> https://www.redhat.com/mailman/listinfo/katello-devel
>>>
>>
>> _______________________________________________
>> katello-devel mailing list
>> katello-devel at redhat.com
>> https://www.redhat.com/mailman/listinfo/katello-devel
>>
>
> _______________________________________________
> katello-devel mailing list
> katello-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/katello-devel
More information about the katello-devel
mailing list