使用 Asp.net MVC2 RTM 中的可枚举属性进行模型验证
我使用 DataAnnotations 属性来验证我的模型对象。我的模型类看起来与此类似:
public class MyModel
{
[Required]
public string Title { get; set; }
[Required(ErrorMessage = "At least one editor is required.")]
public List<User> Editors { get; set; }
}
public class User
{
public int Id { get; set; }
[Required]
public string FullName { get; set; }
[Required]
[DataType(DataType.Email)]
public string Email { get; set; }
}
我的控制器操作如下所示:
public ActionResult NewItem(MyModel data)
{
if (!this.Model.IsValid)
{
// invalid processing
}
// valid processing
}
向用户呈现一个视图,该视图具有以下形式:
- 带有虚拟名称的文本框,用户在其中输入用户名。对于他们输入的每个用户,都有一个客户端脚本与 ajax 结合使用,为以下对象创建一个
每个用户输入(因此枚举索引并不总是 0,如此处所写),因此默认模型绑定器能够毫无问题地使用和绑定表单。 - 用户输入标题的文本框
由于我使用 Asp.net MVC 2 RTM 进行模型验证而不是输入验证,所以我不知道如何避免验证错误。由于用户提供了 User.Id,因此整个 User 对象实例都会得到验证。这并不困扰我,只要我知道如何排除其他属性的验证即可。
问题是我必须在控制器操作上使用 BindAttribute。我必须提供属性的白名单或黑名单。提供白名单始终是更好的做法。这也更有利于未来。
问题
我的表单工作正常,但我收到有关用户的 FullName 和 Email 属性的验证错误,因为未提供它们。我也不应该将它们提供给客户端(当用户输入用户数据时通过ajax),因为电子邮件是个人联系数据,不会在用户之间共享。
如果 MyModel 上只有一个用户引用,我会写
[Bind(Include = "Title, Editor.Id")]
但是我有它们的枚举。 如何提供Bind白名单来与我的模型一起使用?
一种可能的解决方案是
我可以为User创建一个单独的视图模型输入 MyModel 对象。我会放置实际的验证属性并省略我不需要的属性。
public class MyModelUser
{
[Required]
public int Id { get; set; }
}
I'm using DataAnnotations attributes to validate my model objects. My model class looks similar to this:
public class MyModel
{
[Required]
public string Title { get; set; }
[Required(ErrorMessage = "At least one editor is required.")]
public List<User> Editors { get; set; }
}
public class User
{
public int Id { get; set; }
[Required]
public string FullName { get; set; }
[Required]
[DataType(DataType.Email)]
public string Email { get; set; }
}
My controller action looks like:
public ActionResult NewItem(MyModel data)
{
if (!this.Model.IsValid)
{
// invalid processing
}
// valid processing
}
User is presented with a view that has a form with:
- a text box with dummy name where users enter user's names. For each user they enter, there's a client script coupled with ajax that creates an
<input type="hidden" name="Editors[0].Id" value="userId" />for each user entered (enumeration index is therefore not always 0 as written here), so default model binder is able to consume and bind the form without any problems. - a text box where users enter the title
Since I'm using Asp.net MVC 2 RTM which does model validation instead of input validation I don't know how to avoid validation errors. And since users provide User.Id, the whole User object instance is being validated. Which doesn't bother me, as long I would know how to exclude other properties' validation.
The thing is I have to use BindAttribute on my controller action. I would have to either provide a white or a black list of properties. It's always a better practice to provide a white list. It's also more future proof.
The problem
My form works fine, but I get validation errors about user's FullName and Email properties since they are not provided. I also shouldn't feed them to the client (via ajax when user enters user data), because email is personal contact data and is not shared between users.
If there was just a single user reference on MyModel I would write
[Bind(Include = "Title, Editor.Id")]
But I have an enumeration of them. How do I provide Bind white list to work with my model?
One possible solution
I could create a separate view model for User just for the sake of entering MyModel objects. I would put actual validation attributes and omit properties I don't need.
public class MyModelUser
{
[Required]
public int Id { get; set; }
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
我最终使用了一个单独的视图模型(如我的问题中的一个可能的解决方案中所述),该模型可以得到充分验证。这是一种解决方法,我仍然想知道如何正确执行。
I ended up using a separate view model (as described in One possible solution in my question), that can be fully validated. It's a workaround and I would still like to know how to do it properly.