[Catalyst] Validating single arg id

J. Shirley jshirley at gmail.com
Fri Oct 16 14:31:35 GMT 2009 

On Fri, Oct 16, 2009 at 6:45 AM, Bill Moseley <moseley at hank.org> wrote:

>
> I have a number of methods that start something like this:
>
> sub view : Local Args(1) {
>     my ( $self, $c, $id ) =3D @_;
>
>     my $obj =3D $c->model( 'DB::Foo' )->find( $id )
>        || return $c->res->status( 404 );
>
> If $id is not valid then I might, as in that example, return with a 404
> status.
>
> Of course, if $id is suppose to be an integer and a non-integer or an
> integer out of range is provided then the the database will throw an
> exception, which I want to prevent.  I want valid ids to return an object
> and *anything* else to return undef before hitting the database.
>
> This is pretty low-level validation -- just validating primary key.  For
> more complex validation I use a form validation module.
>
> Obviously, I could do something like
>
> return $c->res->status(404) unless $c->model('DB::Foo')->is_valid_id( $id=
 )
>
> in every method, but that's not very DRY.
>
> What I've done in the past is override the find() or search() method in my
> model base class so that whatever $id is passed it is validated.  Specific
> model classes can override the is_valid_id()  method if they use keys that
> are not a common key format (i.e. different integer range or non-integer
> key).
>
> What's you approach to validating that $id in situations like this where
> there's a single id?
>
> Do you just let the database throw the exception?  I prefer to return 404s
> for invalid ids, regardless of their format (and likewise for ids that po=
int
> to valid object, but are not owned by the current user instead of a 403).
>
>
>
What database do you use?  In MySQL and SQLite I get no exception at all:

$ perl -Ilib -e 'use MyApp; my $obj =3D
MyApp->model('Schema::User')->find("bogus"); print "defined? " . ( defined
$obj ? "yes" : "no" ) . "\n"';
 no
$

I'd be more inclined to use Try::Tiny and wrap it that way if you're up
against annoying exceptions.

-J
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.scsys.co.uk/pipermail/catalyst/attachments/20091016/d0312=
ffa/attachment.htm

More information about the Catalyst mailing list