In Dev Express Xaf, should I be using
DevExpress.ExpressApp.Model.Required or System.ComponentModel.DataAnnotations.RequiredAttribute for the [Required] attribute inside my business classes?
[Later note]
I should have clarified whether it was my intent to allow the attribute to be nullable. It turns out that If I don't want it to be nullable then I need the System.ComponentModel.DataAnnotations.RequiredAttribute
RuleRequiredFieldAttribute
the full path being - DevExpress.Persistent.Validation.RuleRequiredFieldAttribute
Related
In the shopping basket of my site, i need to allow a form POST of XML coming from a third-party service.
The possible solutions i can find is for webforms and < Umbraco 7.
I'm aware that you can disable page validation entirely, but that's not an option in my case.
Does someone know the equivalent way of using the control <umbraco:DisableRequestValidation runat="server"/> in MVC?
for security reason, I would suggest try use [AllowHtml] on property which would contain the xml content
so say you viewmodel has property call ThirdPartyContent which will have xml:
public class VM
{
public string Name { get; set; }
[AllowHtml]
public string ThirdPartyContent { get; set; }
}
this implicit state which property you are aware will contain potential malicious content (which is angle bracket)
[ValidateInput(false)] does the trick but will assume all property may contain xml content which may not be good thing
more info checkout this SO answer which say the difference between [AllowHtml] and [ValidateInput(false)]
ValidateInput(false) vs AllowHtml
I found the answer to my own question.
It's possible to set the [ValidateInput(false)] annotation on RenderMvcControllers. So you can do it per document type which is kinda nice.
I'll leave the answer here in case someone else needs to do the same thing.
I have a Model Like this
public int Id {get;set;}
[Required]
public string FirstName{get; set}
[Required]
public string LastName{get; set}
The Id is auto generate in DB. when I want call Create action The ModelState says that "The Id field is required"!!!! I Found this for my problem but it not clean solution.
Is there an other way to solve this?
Is there a way that I change Mvc ModelBinder behavior for value types?
The best solution to this problem is to use a view model. A view model is a class that you specifically design to meet the requirements of your view. So your controller action will take this view model as parameter. Simply stop passing your domain models to your views. That's it.
And if you don't want to follow good practices and use view models you could disable this implicit validation by adding the following to your Application_Start:
DataAnnotationsModelValidatorProvider.AddImplicitRequiredAttributeForValueTypes = false;
another hack is to exclude this property from binding using the [Bind(Exclude = "Id")] attribute. Yeah, it's a hack but if you don't follow good practices you will have to live with hacks.
Although #DarinDimitrov suggested a good option to use View Models, In addition to that answer. Also, consider this option only when you don't want to create the View-Model
How about ModelState["Id"].Errors.Clear(); in your Post Action Method ?
You can also set the property type to Nullable<T>, and then just manually enforce any required validation you might need to do before working with the database.
public int? Id {get;set;}
Further Reading:
Unrequired property keeps getting data-val-required attribute
ASP.NET MVC optional field being treated as required
"The Id field is required" validation message on Create
I swear to god, that I had seen something like (below) on one of the MSDN Article but I cant find this property attribute documentation anywhere.
public class MyViewModel{
[Required]
public bool Important {get;set;}
[ValidationDependsOn("Important")]
public bool HasVIPAccess {get;set;}
}
If you look at the above code (maybe a bad example), I am trying to establish a relationship between the two properties in such a way that validation of HasVIPAccess property depends on the validation of the property called Important.
the built in validation attribute that do something like that is [Compare("OtherProperty")] which means the property that you put this attribute on must equal OtherProperty
ex
public class MyViewModel{
[Required]
public bool Important {get;set;}
[Compare("Important")]
public bool HasVIPAccess {get;set;}
}
Note : Require MVC 3+
if you wanna other validation attributes you can check Mvc.ValidationTookit
if you want to understand the science behind it
this is new to mvc3 and you can implement your custom attribute like this fairly easy in mvc3
because IsValid now recives a ValidationContext parameter which contains information about the validation that is being performed like the type of the model and metadata associated with it so you can use reflection to get other properties and their value the CompareAttribute made use of this feature
FluentValidation.NET
You can do this by writing a custom validation attribute (this enables only server side validation)... Here is a relevant post Creating New Data Annotation Validation Attributes in MVC
However...if you want to get client side unobstrusive validation to work as well, then you need to do some javascript work...here is another post that talks about creating unobtrusive client side validation...Unobtrusive Client Validation with MVC 3
I have been studying the EF for a short time and cant find the answer to this question.
I have existing database and I am using CodeFirst to create classes for the model.
What is the difference in using Attributes and EntityTypeConfiguration to define parameters of table columns?
Since the database already has defined foreign keys and unique constraints, and so on, how and where to implement the validation for a best and most fluid result for use in ASP.NET MVC3?
Is it better to implement Attributes and CustomValidation or to use TryCatch blocks to catch errors from db?
Does Validator.TryValidateObject(myModelObject, context, results, true); use validation rules defined only as Attributes or can it use rules defined in EntityTypeConfiguration?
Thank You
Get the Entity Framework Power Tools CTP1 and it will reverse engineer your database and create entities, and a full data mapping. This is different than Model or Database first in that it generates a fluent model rather than using an .edmx file. You can see exactly how it works then.
See the following article about how you can create your entity classes from existing database :
http://blogs.msdn.com/b/adonet/archive/2011/03/15/ef-4-1-model-amp-database-first-walkthrough.aspx
Code generation templates will do the work for you, you don't need to write them if you have an existing db.
For validation, you can create new partial classes under the same namespace and put DataAnottations for your properties. Here is an example for you :
using System.ComponentModel.DataAnnotations;
using System.ComponentModel;
namespace TugberkUgurlu.App1.DataAccess.SqlServer {
[MetadataType(typeof(Country.MetaData))]
public partial class Country {
private class MetaData {
[Required]
[StringLength(50)]
[DisplayName("Name of Country")]
public string CountryName { get; set; }
[Required]
[StringLength(5)]
[DisplayName("ISO 3166 Code of Country")]
public string CountryISO3166Code { get; set; }
[DisplayName("Is Country Approved?")]
public string IsApproved { get; set; }
}
}
}
-Since the database already has defined foreign keys and unique constraints, and so on, how and where to implement the validation for a best and most fluid result for use in ASP.NET MVC3?
These should happen via your generated model. Keys are automatically inferred. If you reverse engineer an existing database the attributes will be created for you. If not, there are basic rules that are followed. The entity framework will attempt to use an auto incrementing primary key for example unless you tell it otherwise via
[DatabaseGenerated(System.ComponentModel.DataAnnotations.DatabaseGeneratedOption.None)]
The relationships are already part of your model so there is your referential integrity, and the data annotations will define the validation rules.
-Is it better to implement Attributes and CustomValidation or to use TryCatch blocks to catch errors from db?
Implement attributes. Define your metadata classes with your attributes in them.
In addition you want to catch any db errors for anything else that is unexpected if your db has additional logic in there not defined in your model (try catch at some level should generally be used anyways for logging purposes_
-Does Validator.TryValidateObject(myModelObject, context, results, true); use validation rules defined only as Attributes or can it use rules defined in EntityTypeConfiguration?
As far as I'm aware only the attributes are used. I'm going to try to test this later though as I'd like a definite answer on this as well :)
If I have a property whose display format is dependent on the value of another property in the view model how do I create a display template for it?
The combination of field1's display being dependent on field2's value will be used throughout the app and I would like to encapsulate this in a MVC 2 display template.
To be more specific, I've already create a display template (Social.ascx) for custom data type Social that masks a social security number for display. For instance, XXX-XX-1234.
[DataType("Social")]
public string SocialSecurityNumber { get; set; }
All employees also have an employeeID. Certain companies use the employee's social security number as either the whole employee id or as part of it. I need to also mask the employeeID if it contains the social. I'd like to create another display template (EmpID.ascx) to perform this task.
[DataType("EmpID")]
public string EmployeeID { get; set; }
The problem is that I don't know how to get both properties in the "EmpID" template to be able to perform the comparison.
Thanks for the help.
This might not directly answer your question but I'm wondering why the Employee ID is only sometimes marked out. I know there are legal requirements to doing so for the social but the employee ID is (or should be) somewhat sensitive as well. I would think it would be better to default to marking out both unless the logged in user had whatever privileges made them fully readable.
If you can do this that would probably simplify your logic/design somewhat.
Cant you create a custom ViewModel class containg both SocialSecurityNumber and EmployeeID and create a custom editor template for that class?