12:59 p.m.
Hi experts,
Emmanuel asked me to take the lead on the method validation feature,
so be prepared for related questions, API proposals and requests for
feedback via the mailing list :)
The first issue I'd like to discuss is the validation of constructor
arguments. Is this something which we want to support at all? I don't
think there are that many interception solutions which enable
constructor interception at all (for instance CDI interceptors don't,
AFAIK).
So personally I'd be fine with focussing on actual method validation
in BV 1.1, waiting for user demand for constructor validation and
adding it possibly in a later release. WDYT?
If we decide to include constructor validation, should we support the
validation of newly created objects (similar to return value
validation), e.g. like that:
public class Foo {
@Valid
public Foo() {
}
}
Here @Valid would trigger a validation of the newly instantiated Foo
object (whether to use @Valid or another annotation still needs to be
discussed). Any thoughts?
--Gunnar
3:38 p.m.
hi gunnar,
@constructor:
we tried something similar in a project. it worked but it introduced a big
performance issue and we had to remove it again.
regards,
gerhard
http://www.irian.at
Your JSF/JEE powerhouse -
JEE Consulting, Development and
Courses in English and German
Professional Support for Apache MyFaces
2011/11/30 Gunnar Morling <gunnar.morling(a)googlemail.com>
Hi experts,
Emmanuel asked me to take the lead on the method validation feature,
so be prepared for related questions, API proposals and requests for
feedback via the mailing list :)
The first issue I'd like to discuss is the validation of constructor
arguments. Is this something which we want to support at all? I don't
think there are that many interception solutions which enable
constructor interception at all (for instance CDI interceptors don't,
AFAIK).
So personally I'd be fine with focussing on actual method validation
in BV 1.1, waiting for user demand for constructor validation and
adding it possibly in a later release. WDYT?
If we decide to include constructor validation, should we support the
validation of newly created objects (similar to return value
validation), e.g. like that:
public class Foo {
@Valid
public Foo() {
}
}
Here @Valid would trigger a validation of the newly instantiated Foo
object (whether to use @Valid or another annotation still needs to be
discussed). Any thoughts?
--Gunnar
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
3:46 p.m.
short addition:
@constructor (validation):
for sure the performance issue only appeared as soon as we started to use
it for classes which get instantiated quite often.
regards,
gerhard
http://www.irian.at
Your JSF/JEE powerhouse -
JEE Consulting, Development and
Courses in English and German
Professional Support for Apache MyFaces
2011/11/30 Gerhard Petracek <gerhard.petracek(a)gmail.com>
hi gunnar,
@constructor:
we tried something similar in a project. it worked but it introduced a big
performance issue and we had to remove it again.
regards,
gerhard
http://www.irian.at
Your JSF/JEE powerhouse -
JEE Consulting, Development and
Courses in English and German
Professional Support for Apache MyFaces
2011/11/30 Gunnar Morling <gunnar.morling(a)googlemail.com>
> Hi experts,
>
> Emmanuel asked me to take the lead on the method validation feature,
> so be prepared for related questions, API proposals and requests for
> feedback via the mailing list :)
>
> The first issue I'd like to discuss is the validation of constructor
> arguments. Is this something which we want to support at all? I don't
> think there are that many interception solutions which enable
> constructor interception at all (for instance CDI interceptors don't,
> AFAIK).
>
> So personally I'd be fine with focussing on actual method validation
> in BV 1.1, waiting for user demand for constructor validation and
> adding it possibly in a later release. WDYT?
>
> If we decide to include constructor validation, should we support the
> validation of newly created objects (similar to return value
> validation), e.g. like that:
>
> public class Foo {
>
> @Valid
> public Foo() {
>
> }
>
> }
>
> Here @Valid would trigger a validation of the newly instantiated Foo
> object (whether to use @Valid or another annotation still needs to be
> discussed). Any thoughts?
>
> --Gunnar
> _______________________________________________
> beanvalidation-dev mailing list
> beanvalidation-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>
2:34 p.m.
I see your point. I think we should only provide the API for this. How
or for which objects constructor validation is enabled should be
decided by users and/or solutions integrating with BV from my point of
view.
--Gunnar
2011/11/30 Gerhard Petracek <gerhard.petracek(a)gmail.com>:
short addition:
@constructor (validation):
for sure the performance issue only appeared as soon as we started to use it
for classes which get instantiated quite often.
regards,
gerhard
http://www.irian.at
Your JSF/JEE powerhouse -
JEE Consulting, Development and
Courses in English and German
Professional Support for Apache MyFaces
2011/11/30 Gerhard Petracek <gerhard.petracek(a)gmail.com>
>
> hi gunnar,
>
> @constructor:
> we tried something similar in a project. it worked but it introduced a big
> performance issue and we had to remove it again.
>
> regards,
> gerhard
>
> http://www.irian.at
>
> Your JSF/JEE powerhouse -
> JEE Consulting, Development and
> Courses in English and German
>
> Professional Support for Apache MyFaces
>
>
>
>
> 2011/11/30 Gunnar Morling <gunnar.morling(a)googlemail.com>
>>
>> Hi experts,
>>
>> Emmanuel asked me to take the lead on the method validation feature,
>> so be prepared for related questions, API proposals and requests for
>> feedback via the mailing list :)
>>
>> The first issue I'd like to discuss is the validation of constructor
>> arguments. Is this something which we want to support at all? I don't
>> think there are that many interception solutions which enable
>> constructor interception at all (for instance CDI interceptors don't,
>> AFAIK).
>>
>> So personally I'd be fine with focussing on actual method validation
>> in BV 1.1, waiting for user demand for constructor validation and
>> adding it possibly in a later release. WDYT?
>>
>> If we decide to include constructor validation, should we support the
>> validation of newly created objects (similar to return value
>> validation), e.g. like that:
>>
>> public class Foo {
>>
>> @Valid
>> public Foo() {
>>
>> }
>>
>> }
>>
>> Here @Valid would trigger a validation of the newly instantiated Foo
>> object (whether to use @Valid or another annotation still needs to be
>> discussed). Any thoughts?
>>
>> --Gunnar
>> _______________________________________________
>> beanvalidation-dev mailing list
>> beanvalidation-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>
>
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
10:09 p.m.
Supporting constructor parameter validation as well as validation of
parameters of methods not part of an interface requires some sort of
byte code enhancements and cannot be done via JDK proxying.
So if we find a sufficient solution how to achieve method parameter
validation without JDK proxies I do not see why we should not support
constructor parameter validation too.
Regards,
Seb
On 30.11.2011 19:59, Gunnar Morling wrote:
Hi experts,
Emmanuel asked me to take the lead on the method validation feature,
so be prepared for related questions, API proposals and requests for
feedback via the mailing list :)
The first issue I'd like to discuss is the validation of constructor
arguments. Is this something which we want to support at all? I don't
think there are that many interception solutions which enable
constructor interception at all (for instance CDI interceptors don't,
AFAIK).
So personally I'd be fine with focussing on actual method validation
in BV 1.1, waiting for user demand for constructor validation and
adding it possibly in a later release. WDYT?
If we decide to include constructor validation, should we support the
validation of newly created objects (similar to return value
validation), e.g. like that:
public class Foo {
@Valid
public Foo() {
}
}
Here @Valid would trigger a validation of the newly instantiated Foo
object (whether to use @Valid or another annotation still needs to be
discussed). Any thoughts?
--Gunnar
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
2:32 p.m.
Hi Sebastian,
is this really something which we should consider in BV?
From my point of view we should only provide an API for
method/constructor validation (by adding
Validator#validateMethodParameters() for instance), but we shouldn't
provide a trigger/hook executing this validation. I'd see this as the
responsibility of technologies integrating with BV (similar to the
existing validate() methods which are invoked by JSF/JPA if
applicable).
So whether method validation is triggered via a proxy, CDI/Spring AOP
interceptor etc. should be transparent for BV IMO.
I wasn't sure about whether there is an actual need for constructor
validation, but Emmanuel's answer about JAX-RS confirmed that need :)
--Gunnar
2011/12/1 Sebastian Thomschke <sebastian.thomschke(a)web.de>:
Supporting constructor parameter validation as well as validation of
parameters of methods not part of an interface requires some sort of
byte code enhancements and cannot be done via JDK proxying.
So if we find a sufficient solution how to achieve method parameter
validation without JDK proxies I do not see why we should not support
constructor parameter validation too.
Regards,
Seb
On 30.11.2011 19:59, Gunnar Morling wrote:
> Hi experts,
>
> Emmanuel asked me to take the lead on the method validation feature,
> so be prepared for related questions, API proposals and requests for
> feedback via the mailing list :)
>
> The first issue I'd like to discuss is the validation of constructor
> arguments. Is this something which we want to support at all? I don't
> think there are that many interception solutions which enable
> constructor interception at all (for instance CDI interceptors don't,
> AFAIK).
>
> So personally I'd be fine with focussing on actual method validation
> in BV 1.1, waiting for user demand for constructor validation and
> adding it possibly in a later release. WDYT?
>
> If we decide to include constructor validation, should we support the
> validation of newly created objects (similar to return value
> validation), e.g. like that:
>
> public class Foo {
>
> @Valid
> public Foo() {
>
> }
>
> }
>
> Here @Valid would trigger a validation of the newly instantiated Foo
> object (whether to use @Valid or another annotation still needs to be
> discussed). Any thoughts?
>
> --Gunnar
> _______________________________________________
> beanvalidation-dev mailing list
> beanvalidation-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
2:48 p.m.
Ok gotcha.Maybe we should make it clear in the specs that adding
parameter constraints does not necessarily mean when such a
constructor/method is invoked from somewhere in unmanaged code that an
instant validation will happen, but that the time of validation and if a
validation happens at all depends on the validator implementation.
Regards,
Seb
On 01.12.2011 21:32, Gunnar Morling wrote:
Hi Sebastian,
is this really something which we should consider in BV?
> From my point of view we should only provide an API for
method/constructor validation (by adding
Validator#validateMethodParameters() for instance), but we shouldn't
provide a trigger/hook executing this validation. I'd see this as the
responsibility of technologies integrating with BV (similar to the
existing validate() methods which are invoked by JSF/JPA if
applicable).
So whether method validation is triggered via a proxy, CDI/Spring AOP
interceptor etc. should be transparent for BV IMO.
I wasn't sure about whether there is an actual need for constructor
validation, but Emmanuel's answer about JAX-RS confirmed that need :)
--Gunnar
2011/12/1 Sebastian Thomschke<sebastian.thomschke(a)web.de>:
> Supporting constructor parameter validation as well as validation of
> parameters of methods not part of an interface requires some sort of
> byte code enhancements and cannot be done via JDK proxying.
> So if we find a sufficient solution how to achieve method parameter
> validation without JDK proxies I do not see why we should not support
> constructor parameter validation too.
>
> Regards,
> Seb
>
> On 30.11.2011 19:59, Gunnar Morling wrote:
>> Hi experts,
>>
>> Emmanuel asked me to take the lead on the method validation feature,
>> so be prepared for related questions, API proposals and requests for
>> feedback via the mailing list :)
>>
>> The first issue I'd like to discuss is the validation of constructor
>> arguments. Is this something which we want to support at all? I don't
>> think there are that many interception solutions which enable
>> constructor interception at all (for instance CDI interceptors don't,
>> AFAIK).
>>
>> So personally I'd be fine with focussing on actual method validation
>> in BV 1.1, waiting for user demand for constructor validation and
>> adding it possibly in a later release. WDYT?
>>
>> If we decide to include constructor validation, should we support the
>> validation of newly created objects (similar to return value
>> validation), e.g. like that:
>>
>> public class Foo {
>>
>> @Valid
>> public Foo() {
>>
>> }
>>
>> }
>>
>> Here @Valid would trigger a validation of the newly instantiated Foo
>> object (whether to use @Valid or another annotation still needs to be
>> discussed). Any thoughts?
>>
>> --Gunnar
>> _______________________________________________
>> beanvalidation-dev mailing list
>> beanvalidation-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
> _______________________________________________
> beanvalidation-dev mailing list
> beanvalidation-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
4:53 p.m.
Yes. That concerns me a bit to be honest especially when more technologies will offer BV
integrations. We need to think this through before opening pandora's box even more :)
On 1 déc. 2011, at 21:48, Sebastian Thomschke <sebastian.thomschke(a)web.de> wrote:
Ok gotcha.Maybe we should make it clear in the specs that adding
parameter constraints does not necessarily mean when such a
constructor/method is invoked from somewhere in unmanaged code that an
instant validation will happen, but that the time of validation and if a
validation happens at all depends on the validator implementation.
Regards,
Seb
On 01.12.2011 21:32, Gunnar Morling wrote:
> Hi Sebastian,
>
> is this really something which we should consider in BV?
>
>> From my point of view we should only provide an API for
> method/constructor validation (by adding
> Validator#validateMethodParameters() for instance), but we shouldn't
> provide a trigger/hook executing this validation. I'd see this as the
> responsibility of technologies integrating with BV (similar to the
> existing validate() methods which are invoked by JSF/JPA if
> applicable).
>
> So whether method validation is triggered via a proxy, CDI/Spring AOP
> interceptor etc. should be transparent for BV IMO.
>
> I wasn't sure about whether there is an actual need for constructor
> validation, but Emmanuel's answer about JAX-RS confirmed that need :)
>
> --Gunnar
>
>
> 2011/12/1 Sebastian Thomschke<sebastian.thomschke(a)web.de>:
>> Supporting constructor parameter validation as well as validation of
>> parameters of methods not part of an interface requires some sort of
>> byte code enhancements and cannot be done via JDK proxying.
>> So if we find a sufficient solution how to achieve method parameter
>> validation without JDK proxies I do not see why we should not support
>> constructor parameter validation too.
>>
>> Regards,
>> Seb
>>
>> On 30.11.2011 19:59, Gunnar Morling wrote:
>>> Hi experts,
>>>
>>> Emmanuel asked me to take the lead on the method validation feature,
>>> so be prepared for related questions, API proposals and requests for
>>> feedback via the mailing list :)
>>>
>>> The first issue I'd like to discuss is the validation of constructor
>>> arguments. Is this something which we want to support at all? I don't
>>> think there are that many interception solutions which enable
>>> constructor interception at all (for instance CDI interceptors don't,
>>> AFAIK).
>>>
>>> So personally I'd be fine with focussing on actual method validation
>>> in BV 1.1, waiting for user demand for constructor validation and
>>> adding it possibly in a later release. WDYT?
>>>
>>> If we decide to include constructor validation, should we support the
>>> validation of newly created objects (similar to return value
>>> validation), e.g. like that:
>>>
>>> public class Foo {
>>>
>>> @Valid
>>> public Foo() {
>>>
>>> }
>>>
>>> }
>>>
>>> Here @Valid would trigger a validation of the newly instantiated Foo
>>> object (whether to use @Valid or another annotation still needs to be
>>> discussed). Any thoughts?
>>>
>>> --Gunnar
>>> _______________________________________________
>>> beanvalidation-dev mailing list
>>> beanvalidation-dev(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>> _______________________________________________
>> beanvalidation-dev mailing list
>> beanvalidation-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
> _______________________________________________
> beanvalidation-dev mailing list
> beanvalidation-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
3:25 p.m.
Yes, I see. I'm not really sure, what we can do about this except
making this very clear in the spec/documentation.
After all it's the same thing with "normal" constraints, such as
property constraints. Only adding a constraint to a property doesn't
cause it to be validated automatically.
Or did you have something else in mind?
2011/12/1 Emmanuel Bernard <emmanuel(a)hibernate.org>:
Yes. That concerns me a bit to be honest especially when more
technologies will offer BV integrations. We need to think this through before opening
pandora's box even more :)
On 1 déc. 2011, at 21:48, Sebastian Thomschke <sebastian.thomschke(a)web.de> wrote:
> Ok gotcha.Maybe we should make it clear in the specs that adding
> parameter constraints does not necessarily mean when such a
> constructor/method is invoked from somewhere in unmanaged code that an
> instant validation will happen, but that the time of validation and if a
> validation happens at all depends on the validator implementation.
>
> Regards,
> Seb
>
> On 01.12.2011 21:32, Gunnar Morling wrote:
>> Hi Sebastian,
>>
>> is this really something which we should consider in BV?
>>
>>> From my point of view we should only provide an API for
>> method/constructor validation (by adding
>> Validator#validateMethodParameters() for instance), but we shouldn't
>> provide a trigger/hook executing this validation. I'd see this as the
>> responsibility of technologies integrating with BV (similar to the
>> existing validate() methods which are invoked by JSF/JPA if
>> applicable).
>>
>> So whether method validation is triggered via a proxy, CDI/Spring AOP
>> interceptor etc. should be transparent for BV IMO.
>>
>> I wasn't sure about whether there is an actual need for constructor
>> validation, but Emmanuel's answer about JAX-RS confirmed that need :)
>>
>> --Gunnar
>>
>>
>> 2011/12/1 Sebastian Thomschke<sebastian.thomschke(a)web.de>:
>>> Supporting constructor parameter validation as well as validation of
>>> parameters of methods not part of an interface requires some sort of
>>> byte code enhancements and cannot be done via JDK proxying.
>>> So if we find a sufficient solution how to achieve method parameter
>>> validation without JDK proxies I do not see why we should not support
>>> constructor parameter validation too.
>>>
>>> Regards,
>>> Seb
>>>
>>> On 30.11.2011 19:59, Gunnar Morling wrote:
>>>> Hi experts,
>>>>
>>>> Emmanuel asked me to take the lead on the method validation feature,
>>>> so be prepared for related questions, API proposals and requests for
>>>> feedback via the mailing list :)
>>>>
>>>> The first issue I'd like to discuss is the validation of constructor
>>>> arguments. Is this something which we want to support at all? I
don't
>>>> think there are that many interception solutions which enable
>>>> constructor interception at all (for instance CDI interceptors
don't,
>>>> AFAIK).
>>>>
>>>> So personally I'd be fine with focussing on actual method validation
>>>> in BV 1.1, waiting for user demand for constructor validation and
>>>> adding it possibly in a later release. WDYT?
>>>>
>>>> If we decide to include constructor validation, should we support the
>>>> validation of newly created objects (similar to return value
>>>> validation), e.g. like that:
>>>>
>>>> public class Foo {
>>>>
>>>> @Valid
>>>> public Foo() {
>>>>
>>>> }
>>>>
>>>> }
>>>>
>>>> Here @Valid would trigger a validation of the newly instantiated Foo
>>>> object (whether to use @Valid or another annotation still needs to be
>>>> discussed). Any thoughts?
>>>>
>>>> --Gunnar
>>>> _______________________________________________
>>>> beanvalidation-dev mailing list
>>>> beanvalidation-dev(a)lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>>> _______________________________________________
>>> beanvalidation-dev mailing list
>>> beanvalidation-dev(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>> _______________________________________________
>> beanvalidation-dev mailing list
>> beanvalidation-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>
> _______________________________________________
> beanvalidation-dev mailing list
> beanvalidation-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
3:42 p.m.
+1
regards,
gerhard
2011/12/2 Gunnar Morling <gunnar.morling(a)googlemail.com>
Yes, I see. I'm not really sure, what we can do about this
except
making this very clear in the spec/documentation.
After all it's the same thing with "normal" constraints, such as
property constraints. Only adding a constraint to a property doesn't
cause it to be validated automatically.
Or did you have something else in mind?
2011/12/1 Emmanuel Bernard <emmanuel(a)hibernate.org>:
> Yes. That concerns me a bit to be honest especially when more
technologies will offer BV integrations. We need to think this through
before opening pandora's box even more :)
>
> On 1 déc. 2011, at 21:48, Sebastian Thomschke <
sebastian.thomschke(a)web.de> wrote:
>
>> Ok gotcha.Maybe we should make it clear in the specs that adding
>> parameter constraints does not necessarily mean when such a
>> constructor/method is invoked from somewhere in unmanaged code that an
>> instant validation will happen, but that the time of validation and if a
>> validation happens at all depends on the validator implementation.
>>
>> Regards,
>> Seb
>>
>> On 01.12.2011 21:32, Gunnar Morling wrote:
>>> Hi Sebastian,
>>>
>>> is this really something which we should consider in BV?
>>>
>>>> From my point of view we should only provide an API for
>>> method/constructor validation (by adding
>>> Validator#validateMethodParameters() for instance), but we shouldn't
>>> provide a trigger/hook executing this validation. I'd see this as the
>>> responsibility of technologies integrating with BV (similar to the
>>> existing validate() methods which are invoked by JSF/JPA if
>>> applicable).
>>>
>>> So whether method validation is triggered via a proxy, CDI/Spring AOP
>>> interceptor etc. should be transparent for BV IMO.
>>>
>>> I wasn't sure about whether there is an actual need for constructor
>>> validation, but Emmanuel's answer about JAX-RS confirmed that need :)
>>>
>>> --Gunnar
>>>
>>>
>>> 2011/12/1 Sebastian Thomschke<sebastian.thomschke(a)web.de>:
>>>> Supporting constructor parameter validation as well as validation of
>>>> parameters of methods not part of an interface requires some sort of
>>>> byte code enhancements and cannot be done via JDK proxying.
>>>> So if we find a sufficient solution how to achieve method parameter
>>>> validation without JDK proxies I do not see why we should not support
>>>> constructor parameter validation too.
>>>>
>>>> Regards,
>>>> Seb
>>>>
>>>> On 30.11.2011 19:59, Gunnar Morling wrote:
>>>>> Hi experts,
>>>>>
>>>>> Emmanuel asked me to take the lead on the method validation
feature,
>>>>> so be prepared for related questions, API proposals and requests
for
>>>>> feedback via the mailing list :)
>>>>>
>>>>> The first issue I'd like to discuss is the validation of
constructor
>>>>> arguments. Is this something which we want to support at all? I
don't
>>>>> think there are that many interception solutions which enable
>>>>> constructor interception at all (for instance CDI interceptors
don't,
>>>>> AFAIK).
>>>>>
>>>>> So personally I'd be fine with focussing on actual method
validation
>>>>> in BV 1.1, waiting for user demand for constructor validation and
>>>>> adding it possibly in a later release. WDYT?
>>>>>
>>>>> If we decide to include constructor validation, should we support
the
>>>>> validation of newly created objects (similar to return value
>>>>> validation), e.g. like that:
>>>>>
>>>>> public class Foo {
>>>>>
>>>>> @Valid
>>>>> public Foo() {
>>>>>
>>>>> }
>>>>>
>>>>> }
>>>>>
>>>>> Here @Valid would trigger a validation of the newly instantiated
Foo
>>>>> object (whether to use @Valid or another annotation still needs to
be
>>>>> discussed). Any thoughts?
>>>>>
>>>>> --Gunnar
>>>>> _______________________________________________
>>>>> beanvalidation-dev mailing list
>>>>> beanvalidation-dev(a)lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>>>> _______________________________________________
>>>> beanvalidation-dev mailing list
>>>> beanvalidation-dev(a)lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>>> _______________________________________________
>>> beanvalidation-dev mailing list
>>> beanvalidation-dev(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>>
>> _______________________________________________
>> beanvalidation-dev mailing list
>> beanvalidation-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>
> _______________________________________________
> beanvalidation-dev mailing list
> beanvalidation-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
5:28 p.m.
Constraints you add to a property are constraints that are used to
determine an object's state (valid or invalid).
Constraints you add to parameters are preconditions and must be
satisfied before the method body is allowed to be executed. So yes, I
think there is a semantic difference.
Now the question is in which cases are those preconditions evaluated?
When you manually invoke the method somewhere in your code or only when
the method is invoked explicitly via e.g. a DI framework that itself
utilizes BV.
As long as this is addressed in the specs I'm fine.
In OVal for example preconditions are only evaluated automatically when
your project is setup for programming by contract correctly as
documented here:
http://oval.sourceforge.net/userguide.html#programming-by-contract
Other interesting aspects regarding constructor/method validation that
should be addressed are:
- do we support parameters on static methods?
- which visibilities do we support? public, private, package, protected?
all?
- inheritance: you pass a java.lang.Method object of class A to
validateMethodParameters() and an object of class B extending class A
which overrides this method. Which constraints are checked, the ones of
the method declared on class A, the ones declared on the method of class
B or the sum of the methods in A & B?
- When you add a method return value constraint to a parameterized
method and you do Validator.validate(object), thoses constraints are not
evaluated. But when you add a constraint to a getter-style method (which
also looks and actually is a method return value constraint). They are
evaluated by Validator.validate(object). What if someone wants to add a
method return value constraint to a getter-style method, that is not
evaluated when Validator.validate(object) is executed but after the
method itself has been invoked? In OVal you have to explicitely add the
@IsInvariant annotation to getter methods if their constraints should be
evaluated too when Validator.validate(object) is executed. If so, OVal
will invoke the getter and test the returned value against the
constraints specified.
Regards,
Seb
On 02.12.2011 22:25, Gunnar Morling wrote:
Yes, I see. I'm not really sure, what we can do about this
except
making this very clear in the spec/documentation.
After all it's the same thing with "normal" constraints, such as
property constraints. Only adding a constraint to a property doesn't
cause it to be validated automatically.
Or did you have something else in mind?
2011/12/1 Emmanuel Bernard<emmanuel(a)hibernate.org>:
> Yes. That concerns me a bit to be honest especially when more technologies will offer
BV integrations. We need to think this through before opening pandora's box even more
:)
>
> On 1 déc. 2011, at 21:48, Sebastian Thomschke<sebastian.thomschke(a)web.de>
wrote:
>
>> Ok gotcha.Maybe we should make it clear in the specs that adding
>> parameter constraints does not necessarily mean when such a
>> constructor/method is invoked from somewhere in unmanaged code that an
>> instant validation will happen, but that the time of validation and if a
>> validation happens at all depends on the validator implementation.
>>
>> Regards,
>> Seb
>>
>> On 01.12.2011 21:32, Gunnar Morling wrote:
>>> Hi Sebastian,
>>>
>>> is this really something which we should consider in BV?
>>>
>>>> From my point of view we should only provide an API for
>>> method/constructor validation (by adding
>>> Validator#validateMethodParameters() for instance), but we shouldn't
>>> provide a trigger/hook executing this validation. I'd see this as the
>>> responsibility of technologies integrating with BV (similar to the
>>> existing validate() methods which are invoked by JSF/JPA if
>>> applicable).
>>>
>>> So whether method validation is triggered via a proxy, CDI/Spring AOP
>>> interceptor etc. should be transparent for BV IMO.
>>>
>>> I wasn't sure about whether there is an actual need for constructor
>>> validation, but Emmanuel's answer about JAX-RS confirmed that need :)
>>>
>>> --Gunnar
>>>
>>>
>>> 2011/12/1 Sebastian Thomschke<sebastian.thomschke(a)web.de>:
>>>> Supporting constructor parameter validation as well as validation of
>>>> parameters of methods not part of an interface requires some sort of
>>>> byte code enhancements and cannot be done via JDK proxying.
>>>> So if we find a sufficient solution how to achieve method parameter
>>>> validation without JDK proxies I do not see why we should not support
>>>> constructor parameter validation too.
>>>>
>>>> Regards,
>>>> Seb
>>>>
>>>> On 30.11.2011 19:59, Gunnar Morling wrote:
>>>>> Hi experts,
>>>>>
>>>>> Emmanuel asked me to take the lead on the method validation feature,
>>>>> so be prepared for related questions, API proposals and requests for
>>>>> feedback via the mailing list :)
>>>>>
>>>>> The first issue I'd like to discuss is the validation of
constructor
>>>>> arguments. Is this something which we want to support at all? I
don't
>>>>> think there are that many interception solutions which enable
>>>>> constructor interception at all (for instance CDI interceptors
don't,
>>>>> AFAIK).
>>>>>
>>>>> So personally I'd be fine with focussing on actual method
validation
>>>>> in BV 1.1, waiting for user demand for constructor validation and
>>>>> adding it possibly in a later release. WDYT?
>>>>>
>>>>> If we decide to include constructor validation, should we support
the
>>>>> validation of newly created objects (similar to return value
>>>>> validation), e.g. like that:
>>>>>
>>>>> public class Foo {
>>>>>
>>>>> @Valid
>>>>> public Foo() {
>>>>>
>>>>> }
>>>>>
>>>>> }
>>>>>
>>>>> Here @Valid would trigger a validation of the newly instantiated Foo
>>>>> object (whether to use @Valid or another annotation still needs to
be
>>>>> discussed). Any thoughts?
>>>>>
>>>>> --Gunnar
>>>>> _______________________________________________
>>>>> beanvalidation-dev mailing list
>>>>> beanvalidation-dev(a)lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>>>> _______________________________________________
>>>> beanvalidation-dev mailing list
>>>> beanvalidation-dev(a)lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>>> _______________________________________________
>>> beanvalidation-dev mailing list
>>> beanvalidation-dev(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>> _______________________________________________
>> beanvalidation-dev mailing list
>> beanvalidation-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
> _______________________________________________
> beanvalidation-dev mailing list
> beanvalidation-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
9:50 a.m.
Hi Sebastian,
thanks for your message. You're raising a couple of important points
here. Some answers inline.
--Gunnar
[1]
http://docs.jboss.org/hibernate/stable/validator/reference/en-US/html_sin...
2011/12/3 Sebastian Thomschke <sebastian.thomschke(a)web.de>:
Constraints you add to a property are constraints that are used to
determine an object's state (valid or invalid).
Constraints you add to parameters are preconditions and must be
satisfied before the method body is allowed to be executed. So yes, I
think there is a semantic difference.
Now the question is in which cases are those preconditions evaluated?
When you manually invoke the method somewhere in your code or only when
the method is invoked explicitly via e.g. a DI framework that itself
utilizes BV.
As long as this is addressed in the specs I'm fine.
In OVal for example preconditions are only evaluated automatically when
your project is setup for programming by contract correctly as
documented here:
http://oval.sourceforge.net/userguide.html#programming-by-contract
Other interesting aspects regarding constructor/method validation that
should be addressed are:
- do we support parameters on static methods?
Personally I don't think we should. Static members are excluded for
standard bean validation (see section 3.1), and I think we should be
consistent with that for method validation (or remove that restriction
also for standard validation).
- which visibilities do we support? public, private, package,
protected?
all?
Is there any reason to limit this? If not, I wouldn't restrict the
supported visibility from the Bean Validation side. I think this
mainly depends on how method validation is integrated.
As validation is typically triggered by some container, only "managed"
method invocations can usually be validated, i.e. methods invoked by
other managed beans, but not directly invoked private methods.
If OTOH someone builds an integration of the method validation feature
using AOP/byte code manipulation, I guess also private methods
wouldn't be a problem.
- inheritance: you pass a java.lang.Method object of class A to
validateMethodParameters() and an object of class B extending class A
which overrides this method. Which constraints are checked, the ones of
the method declared on class A, the ones declared on the method of class
B or the sum of the methods in A & B?
That's a very good question.
In fact in Hibernate Validator we don't support parameter constraints
in overriding methods at all (so if A#foo() has parameter constraints,
B#foo() must not declare any parameter constraints), as this
represents a strengthening of preconditions in sub-types for clients
of A, which violates the Liskov substitution principle. Some more
reasoning can be found in the HV reference guide in section 8.3.1.1
[1].
I'm preferring this approach, though it is rather conservate. Some
"programming by contract" solutions deal with this by OR-ing the
preconditions in a method's hierarchy (so an invocation would be
valid, if the constraints at A#foo() OR B#foo() are satisfied),
actually applying the "weakest" contract in the hierarchy. How is this
done in OVal? And does anyone know how it is in Apache BVAL?
- When you add a method return value constraint to a parameterized
method and you do Validator.validate(object), thoses constraints are not
evaluated. But when you add a constraint to a getter-style method (which
also looks and actually is a method return value constraint). They are
evaluated by Validator.validate(object). What if someone wants to add a
method return value constraint to a getter-style method, that is not
evaluated when Validator.validate(object) is executed but after the
method itself has been invoked? In OVal you have to explicitely add the
@IsInvariant annotation to getter methods if their constraints should be
evaluated too when Validator.validate(object) is executed. If so, OVal
will invoke the getter and test the returned value against the
constraints specified.
Personally I'd say getters are methods such as any other methods, too.
So if a getter method is invoked one some bean generally qualifying
for method validation (however that is decided by the method
validation integration layer) the method's constraints should be
validated in the same way as any other method constraints. If the bean
is validated using Validator#validate(), the getter method's
constraints should be handled as property constraints as it's the case
today IMO.
Regards,
Seb
On 02.12.2011 22:25, Gunnar Morling wrote:
> Yes, I see. I'm not really sure, what we can do about this except
> making this very clear in the spec/documentation.
>
> After all it's the same thing with "normal" constraints, such as
> property constraints. Only adding a constraint to a property doesn't
> cause it to be validated automatically.
>
> Or did you have something else in mind?
>
>
> 2011/12/1 Emmanuel Bernard<emmanuel(a)hibernate.org>:
>> Yes. That concerns me a bit to be honest especially when more technologies will
offer BV integrations. We need to think this through before opening pandora's box even
more :)
>>
>> On 1 déc. 2011, at 21:48, Sebastian Thomschke<sebastian.thomschke(a)web.de>
wrote:
>>
>>> Ok gotcha.Maybe we should make it clear in the specs that adding
>>> parameter constraints does not necessarily mean when such a
>>> constructor/method is invoked from somewhere in unmanaged code that an
>>> instant validation will happen, but that the time of validation and if a
>>> validation happens at all depends on the validator implementation.
>>>
>>> Regards,
>>> Seb
>>>
>>> On 01.12.2011 21:32, Gunnar Morling wrote:
>>>> Hi Sebastian,
>>>>
>>>> is this really something which we should consider in BV?
>>>>
>>>>> From my point of view we should only provide an API for
>>>> method/constructor validation (by adding
>>>> Validator#validateMethodParameters() for instance), but we shouldn't
>>>> provide a trigger/hook executing this validation. I'd see this as
the
>>>> responsibility of technologies integrating with BV (similar to the
>>>> existing validate() methods which are invoked by JSF/JPA if
>>>> applicable).
>>>>
>>>> So whether method validation is triggered via a proxy, CDI/Spring AOP
>>>> interceptor etc. should be transparent for BV IMO.
>>>>
>>>> I wasn't sure about whether there is an actual need for constructor
>>>> validation, but Emmanuel's answer about JAX-RS confirmed that need
:)
>>>>
>>>> --Gunnar
>>>>
>>>>
>>>> 2011/12/1 Sebastian Thomschke<sebastian.thomschke(a)web.de>:
>>>>> Supporting constructor parameter validation as well as validation of
>>>>> parameters of methods not part of an interface requires some sort of
>>>>> byte code enhancements and cannot be done via JDK proxying.
>>>>> So if we find a sufficient solution how to achieve method parameter
>>>>> validation without JDK proxies I do not see why we should not
support
>>>>> constructor parameter validation too.
>>>>>
>>>>> Regards,
>>>>> Seb
>>>>>
>>>>> On 30.11.2011 19:59, Gunnar Morling wrote:
>>>>>> Hi experts,
>>>>>>
>>>>>> Emmanuel asked me to take the lead on the method validation
feature,
>>>>>> so be prepared for related questions, API proposals and requests
for
>>>>>> feedback via the mailing list :)
>>>>>>
>>>>>> The first issue I'd like to discuss is the validation of
constructor
>>>>>> arguments. Is this something which we want to support at all? I
don't
>>>>>> think there are that many interception solutions which enable
>>>>>> constructor interception at all (for instance CDI interceptors
don't,
>>>>>> AFAIK).
>>>>>>
>>>>>> So personally I'd be fine with focussing on actual method
validation
>>>>>> in BV 1.1, waiting for user demand for constructor validation
and
>>>>>> adding it possibly in a later release. WDYT?
>>>>>>
>>>>>> If we decide to include constructor validation, should we support
the
>>>>>> validation of newly created objects (similar to return value
>>>>>> validation), e.g. like that:
>>>>>>
>>>>>> public class Foo {
>>>>>>
>>>>>> @Valid
>>>>>> public Foo() {
>>>>>>
>>>>>> }
>>>>>>
>>>>>> }
>>>>>>
>>>>>> Here @Valid would trigger a validation of the newly instantiated
Foo
>>>>>> object (whether to use @Valid or another annotation still needs
to be
>>>>>> discussed). Any thoughts?
>>>>>>
>>>>>> --Gunnar
>>>>>> _______________________________________________
>>>>>> beanvalidation-dev mailing list
>>>>>> beanvalidation-dev(a)lists.jboss.org
>>>>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>>>>> _______________________________________________
>>>>> beanvalidation-dev mailing list
>>>>> beanvalidation-dev(a)lists.jboss.org
>>>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>>>> _______________________________________________
>>>> beanvalidation-dev mailing list
>>>> beanvalidation-dev(a)lists.jboss.org
>>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>>> _______________________________________________
>>> beanvalidation-dev mailing list
>>> beanvalidation-dev(a)lists.jboss.org
>>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
>> _______________________________________________
>> beanvalidation-dev mailing list
>> beanvalidation-dev(a)lists.jboss.org
>> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
> _______________________________________________
> beanvalidation-dev mailing list
> beanvalidation-dev(a)lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
2:09 p.m.
Answers inline
On Dec 4, 2011, at 4:50 PM, Gunnar Morling wrote:
> - which visibilities do we support? public, private, package,
protected?
> all?
Is there any reason to limit this? If not, I wouldn't restrict the
supported visibility from the Bean Validation side. I think this
mainly depends on how method validation is integrated.
+1. I don't think that there is a reason to restrict that
> - inheritance: you pass a java.lang.Method object of class A to
> validateMethodParameters() and an object of class B extending class A
> which overrides this method. Which constraints are checked, the ones of
> the method declared on class A, the ones declared on the method of class
> B or the sum of the methods in A & B?
That's a very good question.
Gunnar already summarized this quite well. For your reference there is a
discussion about this also on the Hibernate Validator issue tracker
https://hibernate.onjira.com/browse/HV-421
I consider this the most important decisions we have to make/specify related
to method level validation.
Other important questions are:
* Do we provide the possibility to specify parameter names (HV-409)
We already discussed this on this list and I think we agreed that an interface approach
makes
sense here
* How do we extend the metadata API?
> - When you add a method return value constraint to a
parameterized
> method and you do Validator.validate(object), thoses constraints are not
> evaluated. But when you add a constraint to a getter-style method (which
> also looks and actually is a method return value constraint). They are
> evaluated by Validator.validate(object). What if someone wants to add a
> method return value constraint to a getter-style method, that is not
> evaluated when Validator.validate(object) is executed but after the
> method itself has been invoked? In OVal you have to explicitely add the
> @IsInvariant annotation to getter methods if their constraints should be
> evaluated too when Validator.validate(object) is executed. If so, OVal
> will invoke the getter and test the returned value against the
> constraints specified.
I think the ability to clearly separate property validation from return value validation
makes
sense.
--Hardy
4:46 a.m.
On 4 déc. 2011, at 16:50, Gunnar Morling wrote:
>
> - inheritance: you pass a java.lang.Method object of class A to
> validateMethodParameters() and an object of class B extending class A
> which overrides this method. Which constraints are checked, the ones of
> the method declared on class A, the ones declared on the method of class
> B or the sum of the methods in A & B?
That's a very good question.
In fact in Hibernate Validator we don't support parameter constraints
in overriding methods at all (so if A#foo() has parameter constraints,
B#foo() must not declare any parameter constraints), as this
represents a strengthening of preconditions in sub-types for clients
of A, which violates the Liskov substitution principle. Some more
reasoning can be found in the HV reference guide in section 8.3.1.1
[1].
I'm preferring this approach, though it is rather conservate. Some
"programming by contract" solutions deal with this by OR-ing the
preconditions in a method's hierarchy (so an invocation would be
valid, if the constraints at A#foo() OR B#foo() are satisfied),
actually applying the "weakest" contract in the hierarchy. How is this
done in OVal? And does anyone know how it is in Apache BVAL?
Note that return type constraints could be refined theoretically and be compliant with the
Liskov substitution principle. We might want to still disallow this to limit confusion. It
will all depend on the set of use case we can think of.
> - When you add a method return value constraint to a parameterized
> method and you do Validator.validate(object), thoses constraints are not
> evaluated. But when you add a constraint to a getter-style method (which
> also looks and actually is a method return value constraint). They are
> evaluated by Validator.validate(object). What if someone wants to add a
> method return value constraint to a getter-style method, that is not
> evaluated when Validator.validate(object) is executed but after the
> method itself has been invoked? In OVal you have to explicitely add the
> @IsInvariant annotation to getter methods if their constraints should be
> evaluated too when Validator.validate(object) is executed. If so, OVal
> will invoke the getter and test the returned value against the
> constraints specified.
Personally I'd say getters are methods such as any other methods, too.
So if a getter method is invoked one some bean generally qualifying
for method validation (however that is decided by the method
validation integration layer) the method's constraints should be
validated in the same way as any other method constraints. If the bean
is validated using Validator#validate(), the getter method's
constraints should be handled as property constraints as it's the case
today IMO.
@IsInvariant is not much different from a group (though a bit more elegant). I don't
think we should add something explicit in the spec to address this problem as we already
can solve it with groups.
Note that getters are not like ordinary methods, they are (by convention) Java properties
and that's exactly what validator.validate processes (properties).
3:48 p.m.
2011/12/5 Emmanuel Bernard <emmanuel(a)hibernate.org>:
On 4 déc. 2011, at 16:50, Gunnar Morling wrote:
>>
>> - inheritance: you pass a java.lang.Method object of class A to
>> validateMethodParameters() and an object of class B extending class A
>> which overrides this method. Which constraints are checked, the ones of
>> the method declared on class A, the ones declared on the method of class
>> B or the sum of the methods in A & B?
>
> That's a very good question.
>
> In fact in Hibernate Validator we don't support parameter constraints
> in overriding methods at all (so if A#foo() has parameter constraints,
> B#foo() must not declare any parameter constraints), as this
> represents a strengthening of preconditions in sub-types for clients
> of A, which violates the Liskov substitution principle. Some more
> reasoning can be found in the HV reference guide in section 8.3.1.1
> [1].
>
> I'm preferring this approach, though it is rather conservate. Some
> "programming by contract" solutions deal with this by OR-ing the
> preconditions in a method's hierarchy (so an invocation would be
> valid, if the constraints at A#foo() OR B#foo() are satisfied),
> actually applying the "weakest" contract in the hierarchy. How is this
> done in OVal? And does anyone know how it is in Apache BVAL?
Note that return type constraints could be refined theoretically and be compliant with
the Liskov substitution principle. We might want to still disallow this to limit
confusion. It will all depend on the set of use case we can think of.
In HV we are currently allowing to define additional return value
constraints on methods overridden in sub types, and so far I haven't
heard of any problems with that. AFAICS that's also what most
programming by contract solutions do.
What's your opinion on parameter constraints? Would you prefer to
OR-join them or to prohibit constraints in overridden methods at all?
>> - When you add a method return value constraint to a
parameterized
>> method and you do Validator.validate(object), thoses constraints are not
>> evaluated. But when you add a constraint to a getter-style method (which
>> also looks and actually is a method return value constraint). They are
>> evaluated by Validator.validate(object). What if someone wants to add a
>> method return value constraint to a getter-style method, that is not
>> evaluated when Validator.validate(object) is executed but after the
>> method itself has been invoked? In OVal you have to explicitely add the
>> @IsInvariant annotation to getter methods if their constraints should be
>> evaluated too when Validator.validate(object) is executed. If so, OVal
>> will invoke the getter and test the returned value against the
>> constraints specified.
>
> Personally I'd say getters are methods such as any other methods, too.
> So if a getter method is invoked one some bean generally qualifying
> for method validation (however that is decided by the method
> validation integration layer) the method's constraints should be
> validated in the same way as any other method constraints. If the bean
> is validated using Validator#validate(), the getter method's
> constraints should be handled as property constraints as it's the case
> today IMO.
@IsInvariant is not much different from a group (though a bit more elegant). I don't
think we should add something explicit in the spec to address this problem as we already
can solve it with groups.
Note that getters are not like ordinary methods, they are (by convention) Java properties
and that's exactly what validator.validate processes (properties).
Yes, getters are considered as properties for standard bean validation
(Validator#validate()). But in the context of method validation I
would handle them as return value constraints as on any other method.
If I understand correctly, @IsInvariant as described above would be
breaking with the current spec behavior as it is needed to explicitly
enable a constraint on a getter for property validation, which is in
BV the case by default.
Using groups for cases, where a getter's constraints should be handled
different for property and method validation seems reasonable to me,
too.
An additional idea would be some option to apply a getter's
constraints also as method parameter constraints on the corresponding
setter. So if method validation for that bean is enabled, illegal
values couldn't be set at all. Would that be useful?
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
7:11 p.m.
On Tue, Dec 6, 2011 at 6:48 PM, Gunnar Morling
<gunnar.morling(a)googlemail.com> wrote:
In HV we are currently allowing to define additional return value
constraints on methods overridden in sub types, and so far I haven't
heard of any problems with that. AFAICS that's also what most
programming by contract solutions do.
This makes a lot of sense to me. It should be supported. Constraints
on parameters of overriding methods shouldn't, following the same
reasoning already discussed.
Regards,
Michael
3:09 a.m.
> Note that return type constraints could be refined theoretically
and be compliant with the Liskov substitution principle. We might want to still disallow
this to limit confusion. It will all depend on the set of use case we can think of.
In HV we are currently allowing to define additional return value
constraints on methods overridden in sub types, and so far I haven't
heard of any problems with that. AFAICS that's also what most
programming by contract solutions do.
What's your opinion on parameter constraints? Would you prefer to
OR-join them or to prohibit constraints in overridden methods at all?
I am neutral to against in the ground that it's not exactly trivial to understand and
that the fact that return values behave differently is counter-intuitive even if it's
logical. My logic applies for letting returned type be refined.
We have three options:
1. not allow refinement
2. allow return value refinement (AND style)
3. allow param (OR style) and return value (AND style) refinement
We can go from 1 to 3 in the lifetime of the spec but not back.
What do others think? Could we work out 3-5 use cases for each to better see the merit of
refinement?
>>> - When you add a method return value constraint to a parameterized
>>> method and you do Validator.validate(object), thoses constraints are not
>>> evaluated. But when you add a constraint to a getter-style method (which
>>> also looks and actually is a method return value constraint). They are
>>> evaluated by Validator.validate(object). What if someone wants to add a
>>> method return value constraint to a getter-style method, that is not
>>> evaluated when Validator.validate(object) is executed but after the
>>> method itself has been invoked? In OVal you have to explicitely add the
>>> @IsInvariant annotation to getter methods if their constraints should be
>>> evaluated too when Validator.validate(object) is executed. If so, OVal
>>> will invoke the getter and test the returned value against the
>>> constraints specified.
>>
>> Personally I'd say getters are methods such as any other methods, too.
>> So if a getter method is invoked one some bean generally qualifying
>> for method validation (however that is decided by the method
>> validation integration layer) the method's constraints should be
>> validated in the same way as any other method constraints. If the bean
>> is validated using Validator#validate(), the getter method's
>> constraints should be handled as property constraints as it's the case
>> today IMO.
>
> @IsInvariant is not much different from a group (though a bit more elegant). I
don't think we should add something explicit in the spec to address this problem as we
already can solve it with groups.
> Note that getters are not like ordinary methods, they are (by convention) Java
properties and that's exactly what validator.validate processes (properties).
Yes, getters are considered as properties for standard bean validation
(Validator#validate()). But in the context of method validation I
would handle them as return value constraints as on any other method.
If I understand correctly, @IsInvariant as described above would be
breaking with the current spec behavior as it is needed to explicitly
enable a constraint on a getter for property validation, which is in
BV the case by default.
Using groups for cases, where a getter's constraints should be handled
different for property and method validation seems reasonable to me,
too.
I have a small concern with that. Granted is compatible with the spec but if people have
been investing in constraints that are validated at specific time, should we carry them by
default as legit method constraints validated upon calls (that's assuming some AOP
style interception)?
An additional idea would be some option to apply a getter's
constraints also as method parameter constraints on the corresponding
setter. So if method validation for that bean is enabled, illegal
values couldn't be set at all. Would that be useful?
Global setting or local setting?
3:49 a.m.
>> Note that return type constraints could be refined
theoretically and be compliant with the Liskov substitution principle. We might want to
still disallow this to limit confusion. It will all depend on the set of use case we can
think of.
>
> In HV we are currently allowing to define additional return value
> constraints on methods overridden in sub types, and so far I haven't
> heard of any problems with that. AFAICS that's also what most
> programming by contract solutions do.
>
> What's your opinion on parameter constraints? Would you prefer to
> OR-join them or to prohibit constraints in overridden methods at all?
I am neutral to against in the ground that it's not exactly trivial to understand and
that the fact that return values behave differently is counter-intuitive even if it's
logical. My logic applies for letting returned type be refined.
We have three options:
1. not allow refinement
2. allow return value refinement (AND style)
3. allow param (OR style) and return value (AND style) refinement
We can go from 1 to 3 in the lifetime of the spec but not back.
What do others think? Could we work out 3-5 use cases for each to better see the merit of
refinement?
+1 for option #2
>> @IsInvariant is not much different from a group (though a bit
more elegant). I don't think we should add something explicit in the spec to address
this problem as we already can solve it with groups.
I guess you can solve the problem with groups somehow, but this probably means that you
have to pull all your method constraints into a group. As you already say, it is not
elegant.
I think something like @IsInvariant or @InvariantOnly is a much more expressive solution
and is also backward compatible. We are just extending existing functionality.
>> Note that getters are not like ordinary methods, they are (by
convention) Java properties and that's exactly what validator.validate processes
(properties).
Not all getters are necessary properties.
> An additional idea would be some option to apply a getter's
> constraints also as method parameter constraints on the corresponding
> setter. So if method validation for that bean is enabled, illegal
> values couldn't be set at all. Would that be useful?
Global setting or local setting?
Could we have an example for this? I don't quite get what this is about.
--Hardy
3:48 p.m.
>> An additional idea would be some option to apply a
getter's>>> constraints also as method parameter constraints on the
corresponding>>> setter. So if method validation for that bean is enabled,
illegal>>> values couldn't be set at all. Would that be useful?>
Could we have an example for this? I don't quite get what this is about.
Let's assume there is a bean with some property constraint:
public class Foo {
private int bar;
@Min(5) public int getBar() { return bar; }
public void setBar(int bar) { this.bar = bar; }
}
If this bean is subject to method validation, the @Min constraint will
be validated automatically when getBar() is invoked (assuming some AOP
layer executing the validation is in place).
The idea now was to provide some option to apply the constraint also
to the parameter of the setBar() method. That way invalid Foo
instances couldn't be created at all. Of course one simply could add
the constraint manually to the parameter, but given that this might be
a rather common use case, it might be good to have a less redundant
way for this.
Some possible ways:
#1 A class-level annotation:
@ApplyPropertyConstraintsToSetters
public class Foo {
}
#2 A property level annotation:
public class Foo {
@ApplyToSetter
@Min(5)
public int getBar() {
return bar;
}
}
#3 An option in the configuration API:
Validator validator = Validation.byDefaultProvider()
.configure()
.applyPropertyConstraintsToSetters()
.buildValidatorFactory()
.getValidator();
2011/12/7 Hardy Ferentschik <hardy(a)hibernate.org>:
>>> Note that return type constraints could be refined theoretically and be
compliant with the Liskov substitution principle. We might want to still disallow this to
limit confusion. It will all depend on the set of use case we can think of.
>>
>> In HV we are currently allowing to define additional return value
>> constraints on methods overridden in sub types, and so far I haven't
>> heard of any problems with that. AFAICS that's also what most
>> programming by contract solutions do.
>>
>> What's your opinion on parameter constraints? Would you prefer to
>> OR-join them or to prohibit constraints in overridden methods at all?
>
> I am neutral to against in the ground that it's not exactly trivial to understand
and that the fact that return values behave differently is counter-intuitive even if
it's logical. My logic applies for letting returned type be refined.
>
> We have three options:
>
> 1. not allow refinement
> 2. allow return value refinement (AND style)
> 3. allow param (OR style) and return value (AND style) refinement
>
> We can go from 1 to 3 in the lifetime of the spec but not back.
>
> What do others think? Could we work out 3-5 use cases for each to better see the
merit of refinement?
+1 for option #2
>>> @IsInvariant is not much different from a group (though a bit more elegant).
I don't think we should add something explicit in the spec to address this problem as
we already can solve it with groups.
I guess you can solve the problem with groups somehow, but this probably means that you
have to pull all your method constraints into a group. As you already say, it is not
elegant.
I think something like @IsInvariant or @InvariantOnly is a much more expressive solution
and is also backward compatible. We are just extending existing functionality.
>>> Note that getters are not like ordinary methods, they are (by convention)
Java properties and that's exactly what validator.validate processes (properties).
Not all getters are necessary properties.
>> An additional idea would be some option to apply a getter's
>> constraints also as method parameter constraints on the corresponding
>> setter. So if method validation for that bean is enabled, illegal
>> values couldn't be set at all. Would that be useful?
>
> Global setting or local setting?
Could we have an example for this? I don't quite get what this is about.
--Hardy
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
7:36 a.m.
On 7 December 2011 10:09, Emmanuel Bernard <emmanuel(a)hibernate.org> wrote:
>> Note that return type constraints could be refined theoretically and be
compliant with the Liskov substitution principle. We might want to still
disallow this to limit confusion. It will all depend on the set of use case
we can think of.
>
> In HV we are currently allowing to define additional return value
> constraints on methods overridden in sub types, and so far I haven't
> heard of any problems with that. AFAICS that's also what most
> programming by contract solutions do.
>
> What's your opinion on parameter constraints? Would you prefer to
> OR-join them or to prohibit constraints in overridden methods at all?
I am neutral to against in the ground that it's not exactly trivial to
understand and that the fact that return values behave differently is
counter-intuitive even if it's logical. My logic applies for letting
returned type be refined.
We have three options:
1. not allow refinement
2. allow return value refinement (AND style)
3. allow param (OR style) and return value (AND style) refinement
We can go from 1 to 3 in the lifetime of the spec but not back.
What do others think? Could we work out 3-5 use cases for each to better
see the merit of refinement?
+1 for #2.
I think writing use cases is a good idea and they can be reused in the spec.
>
>>>> - When you add a method return value constraint to a parameterized
>>>> method and you do Validator.validate(object), thoses constraints are
not
>>>> evaluated. But when you add a constraint to a getter-style method
(which
>>>> also looks and actually is a method return value constraint). They are
>>>> evaluated by Validator.validate(object). What if someone wants to add
a
>>>> method return value constraint to a getter-style method, that is not
>>>> evaluated when Validator.validate(object) is executed but after the
>>>> method itself has been invoked? In OVal you have to explicitely add
the
>>>> @IsInvariant annotation to getter methods if their constraints should
be
>>>> evaluated too when Validator.validate(object) is executed. If so, OVal
>>>> will invoke the getter and test the returned value against the
>>>> constraints specified.
>>>
>>> Personally I'd say getters are methods such as any other methods, too.
>>> So if a getter method is invoked one some bean generally qualifying
>>> for method validation (however that is decided by the method
>>> validation integration layer) the method's constraints should be
>>> validated in the same way as any other method constraints. If the bean
>>> is validated using Validator#validate(), the getter method's
>>> constraints should be handled as property constraints as it's the case
>>> today IMO.
>>
>> @IsInvariant is not much different from a group (though a bit more
elegant). I don't think we should add something explicit in the spec to
address this problem as we already can solve it with groups.
>> Note that getters are not like ordinary methods, they are (by
convention) Java properties and that's exactly what validator.validate
processes (properties).
>
> Yes, getters are considered as properties for standard bean validation
> (Validator#validate()). But in the context of method validation I
> would handle them as return value constraints as on any other method.
>
> If I understand correctly, @IsInvariant as described above would be
> breaking with the current spec behavior as it is needed to explicitly
> enable a constraint on a getter for property validation, which is in
> BV the case by default.
>
> Using groups for cases, where a getter's constraints should be handled
> different for property and method validation seems reasonable to me,
> too.
I have a small concern with that. Granted is compatible with the spec but
if people have been investing in constraints that are validated at specific
time, should we carry them by default as legit method constraints validated
upon calls (that's assuming some AOP style interception)?
>
> An additional idea would be some option to apply a getter's
> constraints also as method parameter constraints on the corresponding
> setter. So if method validation for that bean is enabled, illegal
> values couldn't be set at all. Would that be useful?
Global setting or local setting?
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
3:32 p.m.
> An additional idea would be some option to apply a
getter's>> constraints also as method parameter constraints on the
corresponding>> setter. So if method validation for that bean is enabled,
illegal>> values couldn't be set at all. Would that be useful?>> Global
setting or local setting?
Haven't thought that far :) Probably both would make sense. Globally
via the configuration API, locally via an annotation, for instance.
2011/12/7 Emmanuel Bernard <emmanuel(a)hibernate.org>:
>> Note that return type constraints could be refined theoretically and be compliant
with the Liskov substitution principle. We might want to still disallow this to limit
confusion. It will all depend on the set of use case we can think of.
>
> In HV we are currently allowing to define additional return value
> constraints on methods overridden in sub types, and so far I haven't
> heard of any problems with that. AFAICS that's also what most
> programming by contract solutions do.
>
> What's your opinion on parameter constraints? Would you prefer to
> OR-join them or to prohibit constraints in overridden methods at all?
I am neutral to against in the ground that it's not exactly trivial to understand and
that the fact that return values behave differently is counter-intuitive even if it's
logical. My logic applies for letting returned type be refined.
We have three options:
1. not allow refinement
2. allow return value refinement (AND style)
3. allow param (OR style) and return value (AND style) refinement
We can go from 1 to 3 in the lifetime of the spec but not back.
What do others think? Could we work out 3-5 use cases for each to better see the merit of
refinement?
>
>>>> - When you add a method return value constraint to a parameterized
>>>> method and you do Validator.validate(object), thoses constraints are not
>>>> evaluated. But when you add a constraint to a getter-style method (which
>>>> also looks and actually is a method return value constraint). They are
>>>> evaluated by Validator.validate(object). What if someone wants to add a
>>>> method return value constraint to a getter-style method, that is not
>>>> evaluated when Validator.validate(object) is executed but after the
>>>> method itself has been invoked? In OVal you have to explicitely add the
>>>> @IsInvariant annotation to getter methods if their constraints should be
>>>> evaluated too when Validator.validate(object) is executed. If so, OVal
>>>> will invoke the getter and test the returned value against the
>>>> constraints specified.
>>>
>>> Personally I'd say getters are methods such as any other methods, too.
>>> So if a getter method is invoked one some bean generally qualifying
>>> for method validation (however that is decided by the method
>>> validation integration layer) the method's constraints should be
>>> validated in the same way as any other method constraints. If the bean
>>> is validated using Validator#validate(), the getter method's
>>> constraints should be handled as property constraints as it's the case
>>> today IMO.
>>
>> @IsInvariant is not much different from a group (though a bit more elegant). I
don't think we should add something explicit in the spec to address this problem as we
already can solve it with groups.
>> Note that getters are not like ordinary methods, they are (by convention) Java
properties and that's exactly what validator.validate processes (properties).
>
> Yes, getters are considered as properties for standard bean validation
> (Validator#validate()). But in the context of method validation I
> would handle them as return value constraints as on any other method.
>
> If I understand correctly, @IsInvariant as described above would be
> breaking with the current spec behavior as it is needed to explicitly
> enable a constraint on a getter for property validation, which is in
> BV the case by default.
>
> Using groups for cases, where a getter's constraints should be handled
> different for property and method validation seems reasonable to me,
> too.
I have a small concern with that. Granted is compatible with the spec but if people have
been investing in constraints that are validated at specific time, should we carry them by
default as legit method constraints validated upon calls (that's assuming some AOP
style interception)?
>
> An additional idea would be some option to apply a getter's
> constraints also as method parameter constraints on the corresponding
> setter. So if method validation for that bean is enabled, illegal
> values couldn't be set at all. Would that be useful?
Global setting or local setting?
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
10:54 a.m.
On 7 déc. 2011, at 22:32, Gunnar Morling wrote:
>> An additional idea would be some option to apply a
getter's>> constraints also as method parameter constraints on the
corresponding>> setter. So if method validation for that bean is enabled,
illegal>> values couldn't be set at all. Would that be useful?>> Global
setting or local setting?
Haven't thought that far :) Probably both would make sense. Globally
via the configuration API, locally via an annotation, for instance.
I'm personally not a big fan. I'm afraid of noisy constraints
10:54 a.m.
On 8 déc. 2011, at 17:54, Emmanuel Bernard wrote:
On 7 déc. 2011, at 22:32, Gunnar Morling wrote:
>>> An additional idea would be some option to apply a getter's>>
constraints also as method parameter constraints on the corresponding>> setter. So
if method validation for that bean is enabled, illegal>> values couldn't be set
at all. Would that be useful?>> Global setting or local setting?
>
> Haven't thought that far :) Probably both would make sense. Globally
> via the configuration API, locally via an annotation, for instance.
I'm personally not a big fan. I'm afraid of noisy constraints
I mean noisy annotations
2:28 p.m.
Yes, I see. I was just curious whether someone would find that useful.
After all this is something, which could be easily implemented by BV
providers on top of the spec. So it's probably something which we
could add to the spec in a later revision, should there be a common
demand.
--Gunnar
2011/12/8 Emmanuel Bernard <emmanuel(a)hibernate.org>:
On 8 déc. 2011, at 17:54, Emmanuel Bernard wrote:
>
> On 7 déc. 2011, at 22:32, Gunnar Morling wrote:
>
>>>> An additional idea would be some option to apply a getter's>>
constraints also as method parameter constraints on the corresponding>> setter. So
if method validation for that bean is enabled, illegal>> values couldn't be set
at all. Would that be useful?>> Global setting or local setting?
>>
>> Haven't thought that far :) Probably both would make sense. Globally
>> via the configuration API, locally via an annotation, for instance.
>
> I'm personally not a big fan. I'm afraid of noisy constraints
I mean noisy annotations
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
4:28 a.m.
We cannot ignore Constructor validation. JAX-RS requires this to have a complete
integration with Bean Validation.
I don't want us to not specify it and have them forced to invent some pseudo extension
that will diverge over time.
I'm sure other frameworks do control object construction at various level. Even in
CDI, constructor-based injection is an
entry point for validation.
Emmanuel
On 30 nov. 2011, at 19:59, Gunnar Morling wrote:
Hi experts,
Emmanuel asked me to take the lead on the method validation feature,
so be prepared for related questions, API proposals and requests for
feedback via the mailing list :)
The first issue I'd like to discuss is the validation of constructor
arguments. Is this something which we want to support at all? I don't
think there are that many interception solutions which enable
constructor interception at all (for instance CDI interceptors don't,
AFAIK).
So personally I'd be fine with focussing on actual method validation
in BV 1.1, waiting for user demand for constructor validation and
adding it possibly in a later release. WDYT?
If we decide to include constructor validation, should we support the
validation of newly created objects (similar to return value
validation), e.g. like that:
public class Foo {
@Valid
public Foo() {
}
}
Here @Valid would trigger a validation of the newly instantiated Foo
object (whether to use @Valid or another annotation still needs to be
discussed). Any thoughts?
--Gunnar
_______________________________________________
beanvalidation-dev mailing list
beanvalidation-dev(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/beanvalidation-dev
4734
days inactive
4742
days old
beanvalidation-dev@lists.jboss.org
27 comments
7 participants
participants (7)
-
Emmanuel Bernard -
Gerhard Petracek -
Gunnar Morling -
Hardy Ferentschik -
Kevin Pollet -
Michael Nascimento -
Sebastian Thomschke