Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Andrzejek on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

help with some ASP.NET MVC best practices 2

Status
Not open for further replies.

noodle22

Programmer
May 8, 2008
23
I have two questions about MS MVC for asp.net

1) When linking or submitting a form to a controller, are query strings like MyAction?VarA=4&VarB=5... ok or should I switch to something like MyAction/4/5/. Does it really matter? I prefer to avoid creating all these special routes when I can

2)How do should one split up controllers and what they handle? Suppose I have 2 entities (or domain objects) that are related and am displaying them together in many views (however, a small number of actions for insertion and obtaining specific details occur in views where only one of the entity types is involved). Should I
a) use one controller and handle all actions with it, regardless of how many entities are involved
b) have 3 controllers, one for each of the entity type (for specific actions associated with insertion and displaying specific information), and one for actions requiring data from both entities (basically just display, maybe some insert)
c) something else?
 
And here is another one.

Sometimes, I pass a variable, ReturnToActionUrl, to my actions (when doing an insert for example). The first action will take place, and then RedirectToAction(ReturnToActionUrl) will be called to go to the action that gets the data ready to display (Index for example). This seems to have security implications since someone could manually type a different action in for the value of ReturnToActionUrl and have my controller do something it isn't supposed to.

So, does this mean that I have to check security for every action? Or does this mean that I should not use a ReturnToActionUrl variable and just duplicate any code that is required under the first action? Or is there another method?
 
1. you need to setup the routes so the framework knows how to route the message. whether it's a query string, or url rewrite doesn't matter. MyAction/4/5/ is spider friendly which is very important if you want google/msn/yahoo crawling your site. if it's an internal app it doesn't matter as much.
2. the controllers should only have 1 responsibility. what that responsibility is doesn't matter. usually controllers match up to a domain aggregate (see evans: domain driven design)
3. I would use an IoC framework like Windsor with a security interceptor. The interceptor would decorate the controller methods to ensure security was met. this would keep the controllers to their single responsiblity

if your not fimilar with IoC, Windsor or Interceptors check out and
Jason Meckley
Programmer
Specialty Bakers, Inc.
 
wow, you always have such useful things to say and response so fast. I am impressed!

In regards to point 1, how does routing handle issues where a variable I need may not be present?...ie, MyAction?VarB=5 (4 was not passed in this case)
 
there may be an optional/default attribute you add to the route (check the ms mvc forum at asp.net)

another option would be to have 2 different methods on the controller. i'm not sure of all the reprocussions, but it's worth looking into.

public ActionEvent DoSomething(string a)
{
}

public ActionEvent DoSomething(string a, string b)
{
}

thanks for the compliment. I can't take all the credit. I attribute my knowledge a series of mentors, most notably JP Boodhoo and Ayende Rahien. there are also 2 books which changed how i program. Head Frist Design Patterns and Domain Driven Design.

Jason Meckley
Programmer
Specialty Bakers, Inc.
 
I will check that suggestion out futher. I'm not sure if it would work in my case or not but I may not have much of a choice if I am moving away from the query string.

The book part is amusing because I just read Head Frist Design Patterns last fall (although I haven't read Domain Driven Design yet). I find that it was a great book for me and has also changed how I program, but I forget the basic rules sometimes and I don't have enough experience with working on code that has already been done the right way. Hopefully within a couple of years, this stuff will be ingrained a bit better.

My discovery of nhibernate (and linq) a few months ago also have really helped me and I'm sure that DDD book would futher my experience there.
 
Ok, just in case anyone else has been wondering about 2 (controllers) as well for ASP.NET MVC, this article talks about REST design for ASP.NET MVC webapps


Basically, it helped me better divide up my controllers so that they delt with specific entities and actions associated with those entities. The end result for me was that my routing table URLs are much more organized (as is the code behind them)
 
excellent find.

Jason Meckley
Programmer
Specialty Bakers, Inc.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top