[storm] Type checking

Ben Wilber benwilber at gmail.com
Mon Feb 16 19:03:02 GMT 2009


Thank you for the response.

The issue I see is that there seems to be a bit of redundancy from a
user perspective regarding the type conversion.  I absolutely agree
that input validation from a form submit is not the job of Storm.  But
from my application's perspective ( and I think most applications' ),
everything comes back from the user as a string.  I've already told
Storm what types my database fields are in my model definitions: Int,
Unicode etc.  So even though I've already defined that, I now have to
essentially do it again in my validator functions.  It seems to me
that having to care about the difference between two mutually
coerce-able types is slightly burdensom considering that I've already
told Storm what type goes into the database.

This can, however, get overly complicated with complex types like
datetimes and whatnot, but for something reasonably simple, like
Unicode or Int, I feel defining the type once, in the model
definition, and then trapping on impossible conversion exceptions
should be sufficient.  But you're right that this is something pretty
easy to do outside Storm.  In fact, I've started subclassing the Storm
types to do the conversion as was suggested earlier, which is a pretty
simple fix.

All in all this is definitely the best ORM I've used.  Keep up all the
great work.

Thanks,

Ben

On Mon, Feb 16, 2009 at 2:37 AM, Gustavo Niemeyer <gustavo at niemeyer.net> wrote:
> Hi Ben,
>
>> Is there a way to have storm do the type coercion automatically when I
>> try to set an attribute?  Example:
> (...)
>
> You can easily implement something like this yourself, but arbitrary
> type coercion isn't done by Storm itself by design.
>
>> building up a list (ie from a <form> submit), I have to first check
>> for safe input, then coerce from str to int, or unicode etc.  Which
>> means that the methods I use to sanitize form input and put it in the
>> database have to know/care what type storm expects.
>
> The task of ensuring that user-provided text is actually valid input
> for your model should indeed be done by your application for a number
> of reasons.  Storm supports a "validator" argument on its properties
> to help you with that.  The argument passed in is a function which is
> called like validator(object, attr, value), and you can either raise
> an exception out of it, or process the value and return the real value
> that is supposed to be used on the attribute.
>
> We can definitely provide helpers at some point like maximum size and
> whatnot, but coercion of form data and application-level validation
> goes way beyond that.
>
> --
> Gustavo Niemeyer
> http://niemeyer.net
>



More information about the storm mailing list