Search code examples
c#asp.net-web-apiasp.net-web-api2action-filteractionfilterattribute

Model Validation in Web API

I have to validate three things when a consumer of my API tries to do an update on a customer.

Prevent the customer to be updated if:

  1. The first name or last name are blank

  2. For a certain country, if the customer's inner collection of X is empty, then throw an exception. X is hard to explain, so just assume it's some collection. For all other countries, X doesn't apply / will always be empty. But if it's a certain country, then X is required. So it's almost a conditional required attribute. A customer belongs to a country, so it's figured out from the JSON being sent.

  3. Prevent the customer from being updated if some conditions in the database are true.

So basically i'm stuck with the following problem, and I wanted some advice on the most appropriately way to solve it:

Do I create an Action Filter to do the validation on the customer entity before the saving takes place? Or would it be better to create custom validation attribute derived from ValidationAttribute and override the IsValid member function.

Basically a question of saying if (first name is empty, if x, if y, etc) vs (!ModelState.IsValid)

And then using IsValid to cause the custom attributes to work.

It seems like validation attributes are best for "simple" validation, i.e. required field. But once you start getting into things like "I need to look at my database, or analyze the http request header for custom values, and based on that, invalid = false" then it almost seems wrong to do this sort of stuff so close to the entity.

Thoughts?

Thanks!

Solution

  • I like FluentValidation a lot: https://github.com/JeremySkinner/FluentValidation

    As you mentioned built-in validation attributes are limited. For complex validations you had better implement your own attributes or use a library like this.

    One thing I like about FluentValidation is that it performs at model-level rather than field-level, meaning that you can use related fields' values for validation. For example

    RuleFor(customer => customer.Discount).NotEqual(0).When(customer => customer.HasDiscount);

    (Code excerpt taken from project's Wiki page)

    It's also extensible so you can develop your own custom validators on top of this library as well.