Null check in different layers (presentation layer, middle, database)

Question

Hi,

Our application is developed using Spring framework. Is it good practice to check null condition in all layers (presentation. business, database) ? The flow in our application is

Form submission -> jQuery validator -> Spring validator -> Controller -> Service -> Database

Currently we are checking the parameters for null condition in both Validators, Controller and Service layer. In the controller, service is called only when the parameters are not null, and in the service if the parameters are null we are throwing IllegalArgumentException.

Is the above right design ? Are there any links which suggests such good practices ?

Answer 1

Is it possible to call the service without going through the controller?

If not, and all the parameters have been checked for null in the controller then checking it in the service doesn't make sense.

But, if there is a way for something to go directly to the service then you do need to check.

Answer 2

It depends!

• First, figure out how much error handling you need. Ask yourself how much of a public interface this needs to be. Is this single-use code? The more formal and public APIs need to be more careful about the data they accept and return, and more clearly documented. App-specific code can often just throw an exception-- any exception-- when something goes wrong. Pick the appropriate level of error checking. (The answers may be different at different layers or in different modules of the app.)

• You jQuery validator shouldn't really deal with nulls, but should detect empty strings (obviously).

• I would recommending making sure the Spring validators are a strong "firewall" to your application. I would do fairly rigorous null checking here, as this removes the burden from your controller code.

• If you have good validators in place, you can writing thinner controllers, and perhaps do no validation at all. There is really no need to do redundant checks in the controllers that you already have in the validators. These are the same layer architecturally.

• Although you have checks in the validators, it's likely the service layer will be called in different ways from different controllers. I think it is worth putting a level of protection into place, to preserve the integrity of your database. It's very important that this code doesn't alter the database or silently proceed if called incorrectly; bugs like this are particular nasty to track down. When the caller passes bad (and null) values, the code should throw an exception-- any exception. Sure, IllegalArgumentExceptions or NPE is probably correct, in reality any exception will do the trick and allow a developer to track down the problem. Again, if you're developing a public API you need to be more rigorous.

• If the database is missing some information, you should define in the service layer interface what should happen. Hibernate returns nulls sometimes, and throws exceptions others, depending on the call. It makes sense to follow the patterns it establishes.

Answer 3

http://freejavaclass.com/detailpost.jsp?postid=39