[Catalyst] Validating single arg id

Bill Moseley moseley at hank.org
Fri Oct 16 13:45:53 GMT 2009

I have a number of methods that start something like this:

sub view : Local Args(1) {
    my ( $self, $c, $id ) =3D @_;

    my $obj =3D $c->model( 'DB::Foo' )->find( $id )
       || return $c->res->status( 404 );

If $id is not valid then I might, as in that example, return with a 404

Of course, if $id is suppose to be an integer and a non-integer or an
integer out of range is provided then the the database will throw an
exception, which I want to prevent.  I want valid ids to return an object
and *anything* else to return undef before hitting the database.

This is pretty low-level validation -- just validating primary key.  For
more complex validation I use a form validation module.

Obviously, I could do something like

return $c->res->status(404) unless $c->model('DB::Foo')->is_valid_id( $id )

in every method, but that's not very DRY.

What I've done in the past is override the find() or search() method in my
model base class so that whatever $id is passed it is validated.  Specific
model classes can override the is_valid_id()  method if they use keys that
are not a common key format (i.e. different integer range or non-integer

What's you approach to validating that $id in situations like this where
there's a single id?

Do you just let the database throw the exception?  I prefer to return 404s
for invalid ids, regardless of their format (and likewise for ids that point
to valid object, but are not owned by the current user instead of a 403).

-- =

Bill Moseley
moseley at hank.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20091016/fd5d5=

More information about the Catalyst mailing list