I typically resign myself to duplicating validation. I think this is ok (but annoying), because really validation is for a different purpose. UI validation is to help the user make the right choices. API validation is to make sure that requests off the wire make sense. They are often so close that literally the same validation could be used, especially in CRUD scenarios. But I do sometimes find variances where if I had applied DRY it would be harder than just validating separately. It is a fine line. :/
UI Validation does not cover all the validations necessary. So, it's pretty common to have them "redundant" through deeper layers.
Example: "name" is mandatory for the UI to have a quick feedback to the user about his small mistake leaving it empty, but the API almost must have this validation as well. But then, suddenly, a wild mobile app appears, and you need to implement this validation again for offline use!
Yep, it's one of those areas where there are significant trade-offs to set it up in a unified manner. It will be worth it in some cases (especially where you have a lot of different clients) but not in others.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
I typically resign myself to duplicating validation. I think this is ok (but annoying), because really validation is for a different purpose. UI validation is to help the user make the right choices. API validation is to make sure that requests off the wire make sense. They are often so close that literally the same validation could be used, especially in CRUD scenarios. But I do sometimes find variances where if I had applied DRY it would be harder than just validating separately. It is a fine line. :/
Good to hear it's not uncommon to have duplicate validation :) Thanks for sharing your insight.
UI Validation does not cover all the validations necessary. So, it's pretty common to have them "redundant" through deeper layers.
Example: "name" is mandatory for the UI to have a quick feedback to the user about his small mistake leaving it empty, but the API almost must have this validation as well. But then, suddenly, a wild mobile app appears, and you need to implement this validation again for offline use!
Yep, it's one of those areas where there are significant trade-offs to set it up in a unified manner. It will be worth it in some cases (especially where you have a lot of different clients) but not in others.