What Is The Best Practice To Deal With MVC Post Models?

Question

I'm pretty new to MVC and still confused what the best and proper way for 2 cases for with same result. Let's say some user should add new sub category for specific root category.

Case 1: SubCategory is a mapped class by EF where all properties not nullable.

Controler:

    [Authorize]
    public ActionResult Create()
    {
        SubCategory subCategory = new SubCategory();

        subCategory.RootCategoryID = 1;

        return View(subCategory);
    }

    [Authorize]
    [HttpPost]
    public ActionResult Create(SubCategory thisSubCategory)
    {
        if (ModelState.IsValid)
        {
           //And some BL logic called here to handle new object...
        }
    }

View:

    @Html.HiddenFor(model => model.ID)

    @Html.HiddenFor(model => model.RootCategoryID)

    Sub Category Name: 

    @Html.EditorFor(model => model.CategoryName)

    @Html.ValidationMessageFor(model => model.CtaegoryName)

Case 2: Add helper class as controller's model and populate EF object after post

Controler:

    class SubCategoryHelper
    {
       public string Name { get; set; }
    }

    [Authorize]
    public ActionResult Create()
    {
       SubCategoryHelper subCategory = new SubCategoryHelper();

       return View(subCategory);
    }

    [Authorize]
    [HttpPost]
    public ActionResult Create(SubCategoryHelper thisSubCategory)
    {
        if (ModelState.IsValid)
        {
           SubCategory newSubCategory = new SubCategory();

           newSubCategory.RootCategoryID = 1;

           newSubCategory.CtaegoryName = thisSubCategory.Name;

           //And some BL logic called here to handle new object...
        }
    }

View:

Sub Category Name:

    @Html.EditorFor(model => model.Name)

    @Html.ValidationMessageFor(model => model.Name)

Both ways makes the same, but the first way looks less secure because of the hiddens that could be changed on the client side. The second way much longer, imagine the same way for rich objects such as Client or Product... What should I choose? Or there is some other way?

mipe34 · Accepted Answer

The first case is good for simplicity. If you extend your model you will have to do changes on less places. It is not less secure. You can bypass creating or binding the hidden input fields by several ways.

Use BindAttribute to bypass binding of property:

ActionResult Create([Bind(Exclude = "RootCategoryId")]
                    SubCategoryHelper thisSubCategory) {//....}

Or ScaffoldColumnAttribute on the model class property (e.g. when you use edit templates):

[ScaffoldColumn(false)]
public int RootCategoryId {get; set;}

Or just simple do not expose it (as you did in your example using the Html.HiddenInput helper).

The second approach, you have described, is often called ViewModel pattern. It encourages seperation of your Presentation and Domain layer. The advantage is, that your domain model will not be polluted with presentation layer specific code (like various display attributes etc.). Hovewer it brings another overhead of mapping between domain models and view models.

There is probably no genarel rule of thumb. It depends on type of your appliction.

If it is basically some simple data driven CRUD application, you can easily stay with the first one. Nevertheless, when your application becomes larger, you will definetly appreciate the freedom of your hands on separate layers. And if your BLL code is used with some other kind of "client" (web service, desktop etc.) except the ASP MVC I would defintely go with the second option.

I also suggest to read this great article: Is layering worth mapping

What Is The Best Practice To Deal With MVC Post Models?

Sub Category Name:

Answers (2)

Related Questions