SlideShare a Scribd company logo

Stop validating user input like a rookie

Download as PPTX, PDF
Roger Pence
Roger Pence

ASNApalooza 2014 session: Stop validating user input like a rookie

1 of 13
Stop validating user input like a rookie Server side data validation using data annotations and the .NET validator class Presented by Tim Daniels We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 1
Server side validation • Takes place during a post back • When the user request requires server resources • Use in conjunction with client side validation • Malicious users can easily bypass client side validation • Client side validation provides a better user experience • A more responsive web page We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 2
Server side validation • A server side validation design pattern; • Validation rules defined at the domain object model level • Each domain entity contains its own specific data validation rules • A validation class that is reusable by all domain objects We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 3
The .Net Validator Class • A helper class for validating objects • Capable of validating all properties of an object • Dependent on data annotation attributes We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 4
The .Net Validator Class • A member of the System.ComponentModel.DataAnnotations name space • A static class • Does not require instantiation • We will utilize the TryValidateObject method • The Details MSDN Validator Class We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 5
The TryValidateObject Method • A public method of the Validator class • Capable of validating all properties of an object • Returns a value of Type: System.Boolean • true if the object validates; otherwise false • The Details • MSDN Validator.TryValidateObject Method We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 6
The TryValidateObject Method • Requires four arguments passed to it; 1. Type: System.Object • The object to Validate 2. Type: ValidationContext Class • The Context that describes the object to validate 3. Type: Collections.Generic.Icollection<ValidationResult> • A Collection to hold each failed validation 4. Type: System.Boolean • true to validate all properties • false only required attributes are validated We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 7
The Object to Validate BegClass CustomerAccess(*Public) begconstructor Access(*Public) endconstructor dclprop Number type(*decimal) access(*public) attributes(Key(), ScaffoldColumn(*false)) dclprop CustomerName type(*string) access(*public) attributes(DisplayAttribute(Name:="Name"), RequiredAttribute(), + StringLengthAttribute(40, ErrorMessage:="Name cannot be longer than 40 characters")) dclprop Address type(*string) access(*public) attributes(DisplayAttribute(Name:="Street Address"), RequiredAttribute()) We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 8
The Validation Context Class • Describes the context in which a validation check is performed • The object to be validated is placed into a context suitable for input to the Validator class • The object to be validated is passed to the constructor of the Validator class • The Details • MSDN Validation Context Class We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 9
The Validation Result Class • Represents a container for the results of a validation request • Properties; • Error Message • The error message associated with the validation • Member Name • The name of the property validated • The Details • MSDN ValidationResult Class We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 10
A Boolean specifies which properties to validate • True • Validate all properties • False • Only required attributes are validated We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 11
Coding the Customer Validator Example First add a reference to this assembly: System.ComponentModel.DataAnnotations Add this using statement: Using System.ComponentModel.DataAnnotations We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 12
Customer Validator Demonstration Unit Test • Visual Studio Test Explorer • Test Validator We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 13

Recommended

Creating custom Validators on Reactive Forms using Angular 6
Creating custom Validators on Reactive Forms using Angular 6Creating custom Validators on Reactive Forms using Angular 6
Creating custom Validators on Reactive Forms using Angular 6AIMDek Technologies
 
Software design with Domain-driven design
Software design with Domain-driven design Software design with Domain-driven design
Software design with Domain-driven design Allan Mangune
 
From the Trenches: Effectively Scaling Your Cloud Infrastructure and Optimizi...
From the Trenches: Effectively Scaling Your Cloud Infrastructure and Optimizi...From the Trenches: Effectively Scaling Your Cloud Infrastructure and Optimizi...
From the Trenches: Effectively Scaling Your Cloud Infrastructure and Optimizi...Allan Mangune
 
Functional REST API testing in ASP.NET Core
Functional REST API testing in ASP.NET CoreFunctional REST API testing in ASP.NET Core
Functional REST API testing in ASP.NET CoreSorin
 
Automated tests to a REST API
Automated tests to a REST APIAutomated tests to a REST API
Automated tests to a REST APILuís Barros Nóbrega
 
Belajar Postman test runner
Belajar Postman test runnerBelajar Postman test runner
Belajar Postman test runnerFachrul Choliluddin
 
Stop coding start testing
Stop coding start testingStop coding start testing
Stop coding start testingPascal Dufour
 
Api Testing
Api TestingApi Testing
Api TestingVishwanath KC
 

Recommended

Creating custom Validators on Reactive Forms using Angular 6
Creating custom Validators on Reactive Forms using Angular 6Creating custom Validators on Reactive Forms using Angular 6
Creating custom Validators on Reactive Forms using Angular 6AIMDek Technologies
 
Software design with Domain-driven design
Software design with Domain-driven design Software design with Domain-driven design
Software design with Domain-driven design Allan Mangune
 
From the Trenches: Effectively Scaling Your Cloud Infrastructure and Optimizi...
From the Trenches: Effectively Scaling Your Cloud Infrastructure and Optimizi...From the Trenches: Effectively Scaling Your Cloud Infrastructure and Optimizi...
From the Trenches: Effectively Scaling Your Cloud Infrastructure and Optimizi...Allan Mangune
 
Functional REST API testing in ASP.NET Core
Functional REST API testing in ASP.NET CoreFunctional REST API testing in ASP.NET Core
Functional REST API testing in ASP.NET CoreSorin
 
Automated tests to a REST API
Automated tests to a REST APIAutomated tests to a REST API
Automated tests to a REST APILuís Barros Nóbrega
 
Belajar Postman test runner
Belajar Postman test runnerBelajar Postman test runner
Belajar Postman test runnerFachrul Choliluddin
 
Stop coding start testing
Stop coding start testingStop coding start testing
Stop coding start testingPascal Dufour
 
Api Testing
Api TestingApi Testing
Api TestingVishwanath KC
 
2016 - Easing Your Way Into Docker: Lessons From a Journey to Production
2016 - Easing Your Way Into Docker: Lessons From a Journey to Production2016 - Easing Your Way Into Docker: Lessons From a Journey to Production
2016 - Easing Your Way Into Docker: Lessons From a Journey to Productiondevopsdaysaustin
 
Test your microservices with REST-Assured
Test your microservices with REST-AssuredTest your microservices with REST-Assured
Test your microservices with REST-AssuredMichel Schudel
 
Test Design and Automation for REST API
Test Design and Automation for REST APITest Design and Automation for REST API
Test Design and Automation for REST APIIvan Katunou
 
REST API testing with SpecFlow
REST API testing with SpecFlowREST API testing with SpecFlow
REST API testing with SpecFlowAiste Stikliute
 
Durable Functions vs Logic App : la guerra dei workflow!!
Durable Functions vs Logic App : la guerra dei workflow!!Durable Functions vs Logic App : la guerra dei workflow!!
Durable Functions vs Logic App : la guerra dei workflow!!Massimo Bonanni
 
2016 - Serverless Microservices on AWS with API Gateway and Lambda
2016 - Serverless Microservices on AWS with API Gateway and Lambda2016 - Serverless Microservices on AWS with API Gateway and Lambda
2016 - Serverless Microservices on AWS with API Gateway and Lambdadevopsdaysaustin
 
Api testing
Api testingApi testing
Api testingtest test
 
How to Automate API Testing
How to Automate API TestingHow to Automate API Testing
How to Automate API TestingBruno Pedro
 
Introduction to APIs & how to automate APIs testing with selenium web driver?
Introduction to APIs & how to automate APIs testing with selenium web driver?Introduction to APIs & how to automate APIs testing with selenium web driver?
Introduction to APIs & how to automate APIs testing with selenium web driver?BugRaptors
 
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...Amazon Web Services
 
Automation testing API in Java
Automation testing API in JavaAutomation testing API in Java
Automation testing API in JavaWix.com
 
Workflow as code with Azure Durable Functions
Workflow as code with Azure Durable FunctionsWorkflow as code with Azure Durable Functions
Workflow as code with Azure Durable FunctionsMassimo Bonanni
 
Connect your SharePoint forms to external sources
Connect your SharePoint forms to external sourcesConnect your SharePoint forms to external sources
Connect your SharePoint forms to external sourcesNimrod Geva
 
API Test Automation Using Karate (Anil Kumar Moka)
API Test Automation Using Karate (Anil Kumar Moka)API Test Automation Using Karate (Anil Kumar Moka)
API Test Automation Using Karate (Anil Kumar Moka)Peter Thomas
 
Welcome Azure Functions 2. 0
Welcome Azure Functions 2. 0Welcome Azure Functions 2. 0
Welcome Azure Functions 2. 0Massimo Bonanni
 
API Testing
API TestingAPI Testing
API TestingBikash Sharma
 
Building trust between modern distributed systems with spiffe
Building trust between modern distributed systems with spiffeBuilding trust between modern distributed systems with spiffe
Building trust between modern distributed systems with spiffeajessup
 
Wax on, wax off
Wax on, wax offWax on, wax off
Wax on, wax offBol.com Techlab
 
Alex Thissen "It depends: loving .NET Core dependency injection or not"
Alex Thissen "It depends: loving .NET Core dependency injection or not"Alex Thissen "It depends: loving .NET Core dependency injection or not"
Alex Thissen "It depends: loving .NET Core dependency injection or not"Fwdays
 
Salesforce winter 16 release
Salesforce winter 16 releaseSalesforce winter 16 release
Salesforce winter 16 releaseJitendra Zaa
 
Introduction to cypress in Angular (Chinese)
Introduction to cypress in Angular (Chinese)Introduction to cypress in Angular (Chinese)
Introduction to cypress in Angular (Chinese)Hong Tat Yew
 
Testing Angular
Testing AngularTesting Angular
Testing AngularLilia Sfaxi
 

More Related Content

What's hot

2016 - Easing Your Way Into Docker: Lessons From a Journey to Production
2016 - Easing Your Way Into Docker: Lessons From a Journey to Production2016 - Easing Your Way Into Docker: Lessons From a Journey to Production
2016 - Easing Your Way Into Docker: Lessons From a Journey to Productiondevopsdaysaustin
 
Test your microservices with REST-Assured
Test your microservices with REST-AssuredTest your microservices with REST-Assured
Test your microservices with REST-AssuredMichel Schudel
 
Test Design and Automation for REST API
Test Design and Automation for REST APITest Design and Automation for REST API
Test Design and Automation for REST APIIvan Katunou
 
REST API testing with SpecFlow
REST API testing with SpecFlowREST API testing with SpecFlow
REST API testing with SpecFlowAiste Stikliute
 
Durable Functions vs Logic App : la guerra dei workflow!!
Durable Functions vs Logic App : la guerra dei workflow!!Durable Functions vs Logic App : la guerra dei workflow!!
Durable Functions vs Logic App : la guerra dei workflow!!Massimo Bonanni
 
2016 - Serverless Microservices on AWS with API Gateway and Lambda
2016 - Serverless Microservices on AWS with API Gateway and Lambda2016 - Serverless Microservices on AWS with API Gateway and Lambda
2016 - Serverless Microservices on AWS with API Gateway and Lambdadevopsdaysaustin
 
How to Automate API Testing
How to Automate API TestingHow to Automate API Testing
How to Automate API TestingBruno Pedro
 
Introduction to APIs & how to automate APIs testing with selenium web driver?
Introduction to APIs & how to automate APIs testing with selenium web driver?Introduction to APIs & how to automate APIs testing with selenium web driver?
Introduction to APIs & how to automate APIs testing with selenium web driver?BugRaptors
 
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...Amazon Web Services
 
Automation testing API in Java
Automation testing API in JavaAutomation testing API in Java
Automation testing API in JavaWix.com
 
Workflow as code with Azure Durable Functions
Workflow as code with Azure Durable FunctionsWorkflow as code with Azure Durable Functions
Workflow as code with Azure Durable FunctionsMassimo Bonanni
 
Connect your SharePoint forms to external sources
Connect your SharePoint forms to external sourcesConnect your SharePoint forms to external sources
Connect your SharePoint forms to external sourcesNimrod Geva
 
API Test Automation Using Karate (Anil Kumar Moka)
API Test Automation Using Karate (Anil Kumar Moka)API Test Automation Using Karate (Anil Kumar Moka)
API Test Automation Using Karate (Anil Kumar Moka)Peter Thomas
 
Welcome Azure Functions 2. 0
Welcome Azure Functions 2. 0Welcome Azure Functions 2. 0
Welcome Azure Functions 2. 0Massimo Bonanni
 
Building trust between modern distributed systems with spiffe
Building trust between modern distributed systems with spiffeBuilding trust between modern distributed systems with spiffe
Building trust between modern distributed systems with spiffeajessup
 
Alex Thissen "It depends: loving .NET Core dependency injection or not"
Alex Thissen "It depends: loving .NET Core dependency injection or not"Alex Thissen "It depends: loving .NET Core dependency injection or not"
Alex Thissen "It depends: loving .NET Core dependency injection or not"Fwdays
 
Salesforce winter 16 release
Salesforce winter 16 releaseSalesforce winter 16 release
Salesforce winter 16 releaseJitendra Zaa
 

What's hot (20)

2016 - Easing Your Way Into Docker: Lessons From a Journey to Production
2016 - Easing Your Way Into Docker: Lessons From a Journey to Production2016 - Easing Your Way Into Docker: Lessons From a Journey to Production
2016 - Easing Your Way Into Docker: Lessons From a Journey to Production
 
Test your microservices with REST-Assured
Test your microservices with REST-AssuredTest your microservices with REST-Assured
Test your microservices with REST-Assured
 
Test Design and Automation for REST API
Test Design and Automation for REST APITest Design and Automation for REST API
Test Design and Automation for REST API
 
REST API testing with SpecFlow
REST API testing with SpecFlowREST API testing with SpecFlow
REST API testing with SpecFlow
 
Durable Functions vs Logic App : la guerra dei workflow!!
Durable Functions vs Logic App : la guerra dei workflow!!Durable Functions vs Logic App : la guerra dei workflow!!
Durable Functions vs Logic App : la guerra dei workflow!!
 
2016 - Serverless Microservices on AWS with API Gateway and Lambda
2016 - Serverless Microservices on AWS with API Gateway and Lambda2016 - Serverless Microservices on AWS with API Gateway and Lambda
2016 - Serverless Microservices on AWS with API Gateway and Lambda
 
Api testing
Api testingApi testing
Api testing
 
How to Automate API Testing
How to Automate API TestingHow to Automate API Testing
How to Automate API Testing
 
Introduction to APIs & how to automate APIs testing with selenium web driver?
Introduction to APIs & how to automate APIs testing with selenium web driver?Introduction to APIs & how to automate APIs testing with selenium web driver?
Introduction to APIs & how to automate APIs testing with selenium web driver?
 
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...
AWS July Webinar Series: Overview: Build and Manage your APIs with Amazon API...
 
Automation testing API in Java
Automation testing API in JavaAutomation testing API in Java
Automation testing API in Java
 
Workflow as code with Azure Durable Functions
Workflow as code with Azure Durable FunctionsWorkflow as code with Azure Durable Functions
Workflow as code with Azure Durable Functions
 
Connect your SharePoint forms to external sources
Connect your SharePoint forms to external sourcesConnect your SharePoint forms to external sources
Connect your SharePoint forms to external sources
 
API Test Automation Using Karate (Anil Kumar Moka)
API Test Automation Using Karate (Anil Kumar Moka)API Test Automation Using Karate (Anil Kumar Moka)
API Test Automation Using Karate (Anil Kumar Moka)
 
Welcome Azure Functions 2. 0
Welcome Azure Functions 2. 0Welcome Azure Functions 2. 0
Welcome Azure Functions 2. 0
 
API Testing
API TestingAPI Testing
API Testing
 
Building trust between modern distributed systems with spiffe
Building trust between modern distributed systems with spiffeBuilding trust between modern distributed systems with spiffe
Building trust between modern distributed systems with spiffe
 
Wax on, wax off
Wax on, wax offWax on, wax off
Wax on, wax off
 
Alex Thissen "It depends: loving .NET Core dependency injection or not"
Alex Thissen "It depends: loving .NET Core dependency injection or not"Alex Thissen "It depends: loving .NET Core dependency injection or not"
Alex Thissen "It depends: loving .NET Core dependency injection or not"
 
Salesforce winter 16 release
Salesforce winter 16 releaseSalesforce winter 16 release
Salesforce winter 16 release
 

Similar to Stop validating user input like a rookie

Introduction to cypress in Angular (Chinese)
Introduction to cypress in Angular (Chinese)Introduction to cypress in Angular (Chinese)
Introduction to cypress in Angular (Chinese)Hong Tat Yew
 
SFDC Inbound Integrations
SFDC Inbound IntegrationsSFDC Inbound Integrations
SFDC Inbound IntegrationsSujit Kumar
 
React.js - The Dawn of Virtual DOM
React.js - The Dawn of Virtual DOMReact.js - The Dawn of Virtual DOM
React.js - The Dawn of Virtual DOMJimit Shah
 
Deep-Dive to Application Insights
Deep-Dive to Application Insights Deep-Dive to Application Insights
Deep-Dive to Application Insights Gunnar Peipman
 
Using formal testing to make better AVR apps
Using formal testing to make better AVR appsUsing formal testing to make better AVR apps
Using formal testing to make better AVR appsRoger Pence
 
IBM Spectrum Scale Authentication For Object - Deep Dive
IBM Spectrum Scale Authentication For Object - Deep Dive IBM Spectrum Scale Authentication For Object - Deep Dive
IBM Spectrum Scale Authentication For Object - Deep Dive Smita Raut
 
API Testing with Open Source Code and Cucumber
API Testing with Open Source Code and CucumberAPI Testing with Open Source Code and Cucumber
API Testing with Open Source Code and CucumberSmartBear
 
Attributes, reflection, and dynamic programming
Attributes, reflection, and dynamic programmingAttributes, reflection, and dynamic programming
Attributes, reflection, and dynamic programmingLearnNowOnline
 
Unit testing and mocking in Python - PyCon 2018 - Kenya
Unit testing and mocking in Python - PyCon 2018 - KenyaUnit testing and mocking in Python - PyCon 2018 - Kenya
Unit testing and mocking in Python - PyCon 2018 - KenyaErick M'bwana
 
Angular Application Testing
Angular Application TestingAngular Application Testing
Angular Application TestingTroy Miles
 
Building reliable web applications using Cypress
Building reliable web applications using CypressBuilding reliable web applications using Cypress
Building reliable web applications using CypressMaurice De Beijer [MVP]
 
Testing Tools Online Training.pdf
Testing Tools Online Training.pdfTesting Tools Online Training.pdf
Testing Tools Online Training.pdfSpiritsoftsTraining
 
Effective java
Effective javaEffective java
Effective javaEmprovise
 
Functional Testing of RESTful Applications
Functional Testing of RESTful ApplicationsFunctional Testing of RESTful Applications
Functional Testing of RESTful ApplicationsNenad Bozic
 
Implementing Test Automation in Agile Projects
Implementing Test Automation in Agile ProjectsImplementing Test Automation in Agile Projects
Implementing Test Automation in Agile ProjectsMichael Palotas
 
Extreme
ExtremeExtreme
ExtremeESUG
 
Continuous Integration on AWS
Continuous Integration on AWSContinuous Integration on AWS
Continuous Integration on AWSPetar Petrov
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesAmazon Web Services
 

Similar to Stop validating user input like a rookie (20)

Introduction to cypress in Angular (Chinese)
Introduction to cypress in Angular (Chinese)Introduction to cypress in Angular (Chinese)
Introduction to cypress in Angular (Chinese)
 
Testing Angular
Testing AngularTesting Angular
Testing Angular
 
SFDC Inbound Integrations
SFDC Inbound IntegrationsSFDC Inbound Integrations
SFDC Inbound Integrations
 
React.js - The Dawn of Virtual DOM
React.js - The Dawn of Virtual DOMReact.js - The Dawn of Virtual DOM
React.js - The Dawn of Virtual DOM
 
Deep-Dive to Application Insights
Deep-Dive to Application Insights Deep-Dive to Application Insights
Deep-Dive to Application Insights
 
Using formal testing to make better AVR apps
Using formal testing to make better AVR appsUsing formal testing to make better AVR apps
Using formal testing to make better AVR apps
 
IBM Spectrum Scale Authentication For Object - Deep Dive
IBM Spectrum Scale Authentication For Object - Deep Dive IBM Spectrum Scale Authentication For Object - Deep Dive
IBM Spectrum Scale Authentication For Object - Deep Dive
 
API Testing with Open Source Code and Cucumber
API Testing with Open Source Code and CucumberAPI Testing with Open Source Code and Cucumber
API Testing with Open Source Code and Cucumber
 
Attributes, reflection, and dynamic programming
Attributes, reflection, and dynamic programmingAttributes, reflection, and dynamic programming
Attributes, reflection, and dynamic programming
 
Unit testing and mocking in Python - PyCon 2018 - Kenya
Unit testing and mocking in Python - PyCon 2018 - KenyaUnit testing and mocking in Python - PyCon 2018 - Kenya
Unit testing and mocking in Python - PyCon 2018 - Kenya
 
Angular Application Testing
Angular Application TestingAngular Application Testing
Angular Application Testing
 
Building reliable web applications using Cypress
Building reliable web applications using CypressBuilding reliable web applications using Cypress
Building reliable web applications using Cypress
 
Testing Tools Online Training.pdf
Testing Tools Online Training.pdfTesting Tools Online Training.pdf
Testing Tools Online Training.pdf
 
Effective java
Effective javaEffective java
Effective java
 
Functional Testing of RESTful Applications
Functional Testing of RESTful ApplicationsFunctional Testing of RESTful Applications
Functional Testing of RESTful Applications
 
Implementing Test Automation in Agile Projects
Implementing Test Automation in Agile ProjectsImplementing Test Automation in Agile Projects
Implementing Test Automation in Agile Projects
 
Extreme
ExtremeExtreme
Extreme
 
Continuous Integration on AWS
Continuous Integration on AWSContinuous Integration on AWS
Continuous Integration on AWS
 
Getting Started with Serverless Architectures
Getting Started with Serverless ArchitecturesGetting Started with Serverless Architectures
Getting Started with Serverless Architectures
 
Asp.Net MVC 5 in Arabic
Asp.Net MVC 5 in ArabicAsp.Net MVC 5 in Arabic
Asp.Net MVC 5 in Arabic
 

More from Roger Pence

What's new in AVR 12.0 and VS 2013
What's new in AVR 12.0 and VS 2013What's new in AVR 12.0 and VS 2013
What's new in AVR 12.0 and VS 2013Roger Pence
 
All you know about ASP.NET deployment is wrong!
All you know about ASP.NET deployment is wrong!All you know about ASP.NET deployment is wrong!
All you know about ASP.NET deployment is wrong!Roger Pence
 
Using connection pooling for better AVR Web performance
Using connection pooling for better AVR Web performanceUsing connection pooling for better AVR Web performance
Using connection pooling for better AVR Web performanceRoger Pence
 
Strategic guidance
Strategic guidanceStrategic guidance
Strategic guidanceRoger Pence
 
Fixing an annoying GridView problem
Fixing an annoying GridView problemFixing an annoying GridView problem
Fixing an annoying GridView problemRoger Pence
 

More from Roger Pence (6)

What's new in AVR 12.0 and VS 2013
What's new in AVR 12.0 and VS 2013What's new in AVR 12.0 and VS 2013
What's new in AVR 12.0 and VS 2013
 
All you know about ASP.NET deployment is wrong!
All you know about ASP.NET deployment is wrong!All you know about ASP.NET deployment is wrong!
All you know about ASP.NET deployment is wrong!
 
Browser tools
Browser toolsBrowser tools
Browser tools
 
Using connection pooling for better AVR Web performance
Using connection pooling for better AVR Web performanceUsing connection pooling for better AVR Web performance
Using connection pooling for better AVR Web performance
 
Strategic guidance
Strategic guidanceStrategic guidance
Strategic guidance
 
Fixing an annoying GridView problem
Fixing an annoying GridView problemFixing an annoying GridView problem
Fixing an annoying GridView problem
 

Stop validating user input like a rookie

  • 1. Stop validating user input like a rookie Server side data validation using data annotations and the .NET validator class Presented by Tim Daniels We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 1
  • 2. Server side validation • Takes place during a post back • When the user request requires server resources • Use in conjunction with client side validation • Malicious users can easily bypass client side validation • Client side validation provides a better user experience • A more responsive web page We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 2
  • 3. Server side validation • A server side validation design pattern; • Validation rules defined at the domain object model level • Each domain entity contains its own specific data validation rules • A validation class that is reusable by all domain objects We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 3
  • 4. The .Net Validator Class • A helper class for validating objects • Capable of validating all properties of an object • Dependent on data annotation attributes We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 4
  • 5. The .Net Validator Class • A member of the System.ComponentModel.DataAnnotations name space • A static class • Does not require instantiation • We will utilize the TryValidateObject method • The Details MSDN Validator Class We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 5
  • 6. The TryValidateObject Method • A public method of the Validator class • Capable of validating all properties of an object • Returns a value of Type: System.Boolean • true if the object validates; otherwise false • The Details • MSDN Validator.TryValidateObject Method We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 6
  • 7. The TryValidateObject Method • Requires four arguments passed to it; 1. Type: System.Object • The object to Validate 2. Type: ValidationContext Class • The Context that describes the object to validate 3. Type: Collections.Generic.Icollection<ValidationResult> • A Collection to hold each failed validation 4. Type: System.Boolean • true to validate all properties • false only required attributes are validated We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 7
  • 8. The Object to Validate BegClass CustomerAccess(*Public) begconstructor Access(*Public) endconstructor dclprop Number type(*decimal) access(*public) attributes(Key(), ScaffoldColumn(*false)) dclprop CustomerName type(*string) access(*public) attributes(DisplayAttribute(Name:="Name"), RequiredAttribute(), + StringLengthAttribute(40, ErrorMessage:="Name cannot be longer than 40 characters")) dclprop Address type(*string) access(*public) attributes(DisplayAttribute(Name:="Street Address"), RequiredAttribute()) We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 8
  • 9. The Validation Context Class • Describes the context in which a validation check is performed • The object to be validated is placed into a context suitable for input to the Validator class • The object to be validated is passed to the constructor of the Validator class • The Details • MSDN Validation Context Class We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 9
  • 10. The Validation Result Class • Represents a container for the results of a validation request • Properties; • Error Message • The error message associated with the validation • Member Name • The name of the property validated • The Details • MSDN ValidationResult Class We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 10
  • 11. A Boolean specifies which properties to validate • True • Validate all properties • False • Only required attributes are validated We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 11
  • 12. Coding the Customer Validator Example First add a reference to this assembly: System.ComponentModel.DataAnnotations Add this using statement: Using System.ComponentModel.DataAnnotations We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 12
  • 13. Customer Validator Demonstration Unit Test • Visual Studio Test Explorer • Test Validator We bring IBM i RPG assets forward © 2014 by ASNA. All rights reserved. 13