[Catalyst] Controllers, Models and flow control

Dominique Quatravaux dom at idealx.com
Thu Jun 9 12:37:18 CEST 2005 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Perrin Harkins wrote:

> The idea that the model is just a set of database access objects
> and that flow control goes in the controller is a relatively recent
> change stemming from the use in web apps.

I have come to think that this is a somewhat undesirable artifact of
the way the Web influences said flow control. In a desktop app without
modal dialogs (such as Smalltalk GUIs from which the MVC paradigm
originated), it is not possible to tell what the user will click next
and thus the controller has to be maximally flexible. Therefore all
flow control has to reside elsewhere, typically the model (which
throws exceptions upon forbidden state changes, which in turn will
result in error dialog boxes popping up).

The Web environment has quite the reverse problem: the developer
typically tries to foresee the sequence of clicks the user will have
to go through, and will block forbidden actions through surface tests
(form validation) or by simply not showing the appropriate buttons in
the view (which typically has adverse consequences in terms of
security, since a quick wget can easily circumvent that). Hence some
flow control slowly creeps into the controller (for a secure app) or
even the view (for an insecure one).

I am of the opinion that the first option is the best one, if the
above two are the only choices: not only because it enforces security,
but also because preventing nonsensical updates of the model is also
profitable to non-Web parts of the app such as crontabs, so it is best
done in the model (or even deeper, directly within the database using
SQL triggers or such). Also of interest are serializable continuations
(http://seaside.st/) which basically allow GUI-like programming in a
Web environment, but unfortunately they are a very difficult trick to
pull in Perl.

Now I am under the impression that the "business logic" idea being
discussed in this thread (which IMHO is somehow related to "widgets",
http://www.officevision.com/pub/Widget/) solves its own set of
problems, such as  automatically telling the view that that particular
button or input field should be greyed out because its action would be
refused anyway. I'm not yet sure how it should integrate properly with
the rest of MVC though, so I find the thread of great interest. (And
I'm awaiting Perrin's talk with impatience!)

- --
Dominique QUATRAVAUX                           Ingénieur senior
01 44 42 00 08                                 IDEALX

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCqBvdMJAKAU3mjcsRAiubAJ9JpekwOzF+1FJKI3BkCc4kih7dPgCffZrz
wU2k2RHDHDShOHS3u33pQ98=
=BGm3
-----END PGP SIGNATURE-----

More information about the Catalyst mailing list