I have a method in the controller that calls a service, specifically this method that returns quotes for activities. I'm unsure about the correctness of the logic. Is it correct to pass the parameters as UUIDs to the service and then convert them internally to obtain the internal ID? Internally, I work with IDs, while publicly, I expose UUIDs.
Thank you!
public function getQuotes(string $businessUUID, string $businessTypeUUID, array $filters): Collection
{
// Get the internal id from the uuid
$filters['business_id'] = $this->businessService->getBusinessByUUID($businessUUID)->id;
$filters['business_type_id'] = $this->businessTypeService->getBusinessTypeByUUID($businessTypeUUID)->id;
// Retrieve the quotes that match the given filters
$quotes = BusinessQuote::query()->withFilters($filters)->get();
// If no quotes match the given filters
if ($quotes->isEmpty()) {
throw new ModelNotFoundException(__('Quotes not found'));
}
// Return the quotes
return $quotes;
}
Yes, this approach is correct and safe because a chance to guess UUID is currently impossible. Using integer IDs you get better performance than working with UUID internally. Keep in mind, is recommended to use UUID v4 for maximum security.