UPDATE - Due to lack of explanation from my side, I've rewritten the post.
What do you think about using Code Contracts to throw exceptions on invalid input? (I'm coding against a contract for my Service which requires the UserName not to be null or contain whitespaces)
MembershipServiceContracts.cs - Located in the service layer in a subfolder
[ContractClassFor(typeof (IMemberShipService))]
internal abstract class MemberShipServiceContracts : IMemberShipService
{
#region IMemberShipService Members
public MembershipCreateStatus CreateUser(string userName, string password, string email)
{
Contract.Requires(!String.IsNullOrWhiteSpace(userName), "Test");
Contract.Requires(!String.IsNullOrWhiteSpace(password));
Contract.Requires(!String.IsNullOrWhiteSpace(email));
return default(MembershipCreateStatus);
}
#endregion
}
MembershipService.cs - Located in my service layer
[ContractClass(typeof (MemberShipServiceContracts))]
public interface IMemberShipService
{
MembershipCreateStatus CreateUser(string userName, string password, string email);
}
public class MemberShipService : IMemberShipService
{
private readonly MembershipProvider _provider;
public MemberShipService()
: this(null)
{ }
public MemberShipService(MembershipProvider provider)
{
_provider = provider ?? Membership.Provider;
}
#region IMemberShipService Members
public MembershipCreateStatus CreateUser(string userName, string password, string email)
{
MembershipCreateStatus status;
_provider.CreateUser(userName, password, email, null, null, true, null, out status);
return status;
}
#endregion
}
AccountController.cs - located at the UI layer
Now this is the interesting part...
Should I use:
[Authorize(Roles = "Developer")]
[HttpPost]
public ActionResult Create(CreateUserViewModel model)
{
if (!String.IsNullOrEmpty(model.UserName))
{
throw new ArgumentException("UserName May not be null or contain only white spaces.", model.UserName);
}
if (!String.IsNullOrEmpty(model.Password))
{
throw new ArgumentException("Password May not be null or contain only white spaces", model.Password);
}
if (!String.IsNullOrEmpty(model.Email))
{
throw new ArgumentException("Email May not be null or contain only white spaces", model.Email);
}
if (!ModelState.IsValid)
{
return Json("Model validation failed");
}
MembershipCreateStatus newUser = _memberShipService.CreateUser(model.UserName, model.Password,
model.Email);
return Json(newUser != MembershipCreateStatus.Success ? "Failed" : "Success");
}
or:
[Authorize(Roles = "Developer")]
[HttpPost]
public ActionResult Create(CreateUserViewModel model)
{
Contract.Requires<ArgumentException>(!String.IsNullOrWhiteSpace(model.UserName),
"UserName May not be null or contain only white spaces.");
Contract.Requires<ArgumentException>(!String.IsNullOrWhiteSpace(model.Password),
"Password May not be null or contain only white spaces");
Contract.Requires<ArgumentException>(!String.IsNullOrWhiteSpace(model.Email),
"Email May not be null or contain only white spaces");
if (!ModelState.IsValid)
{
return Json("Model validation failed");
}
MembershipCreateStatus newUser = _memberShipService.CreateUser(model.UserName, model.Password,
model.Email);
return Json(newUser != MembershipCreateStatus.Success ? "Failed" : "Success");
}
to throw the an exception if the code contracts for the CreateUser() method isnt fulfilled?
Thanks in advance.
A failure in a Code Contract indicates that your code has a serious bug that should be fixed. It doesn't replace validation of user input. Rather, you would first validate your user input, then attempt to process the data if determined to be valid (otherwise prompt the user to re-enter). If you then don't satisfy the target contract with your valid data, then an uncatchable exception will be thrown as you pretty obviously have a bug.
I hoped it would be a silver bullet but quickly realised I still needed my validation. After that, I grew to really love the way code contracts will replace all of my usual guard code.
Think of all the times you would get a NullReferenceException (too many for me!). Code Contracts can take that pain all away.
R.
P.s. Also, don't use contracts to validate security-sensitive data as code contracts can be turned off at runtime...