203
votes
Accepted
Should we design our code from the beginning to enable unit testing?
Reluctance to modify code for the sake of testing shows that a developer hasn't understood the role of tests, and by implication, their own role in the organization.
The software business revolves ...
- 111k
115
votes
Should I check if something exists in the db and fail fast or wait for db exception
Checking for uniqueness and then setting is an antipattern; it can always happen that the ID is inserted concurrently between checking time and writing time. Databases are equipped to deal with this ...
- 111k
80
votes
Accepted
How to design a REST API that can "prompt" the client about long-running operations?
For long-running operations, it often helps to model the active job as a REST resource with its own structure and/or sub-resources.
For example, starting a job may return a result such as
202 Accepted
...
- 18.6k
75
votes
Should we design our code from the beginning to enable unit testing?
It's not as simple as you might think. Let's break it down.
Writing unit tests is definitely a good thing.
BUT!
Any change to your code can introduce a bug. So changing the code without a good ...
- 84.4k
59
votes
Is it ok to have validation layer before access control layer
It depends on whether knowing the validity of some input for a task that you aren't permitted to do is a security leak. If it is, you really should to do it the other way round.
The only safe ...
- 12.4k
50
votes
Accepted
Purpose of async/await in web servers
As far as I can tell, every request is already being run on a thread
pool (as empirically tested by logging the thread ID during each
request), so making all calls use async/await within your ...
- 2,212
39
votes
Should I check if something exists in the db and fail fast or wait for db exception
I think what you call “fail fast” and what I call it is not the same.
Telling the database to make a change and handling the failure, that is fast. Your way is complicated, slow and not particularly ...
- 49.4k
29
votes
Why PATCH method is not idempotent?
PATCH requests describe how to modify a resource, if you apply the same modification twice, the result may not be the same. This is because defining how the modifications are applied is up to you, you ...
- 487
25
votes
Is it ok to have validation layer before access control layer
Well, there are multiple types of validation:
Cheap basic sanity-checking, which verifies that the request is not obviously malformed.
This is typically at least partially duplicated client-side, to ...
- 9,309
23
votes
Accepted
Is it a bad idea to pass JSON objects on the query string for an API "search" operation?
Its not a brilliant idea. The URI is not really a good place for data of unpredictable length, and although there is no 'official' maximum length, many webservers apply their own limit (IIS is 2083 ...
- 1,153
22
votes
Accepted
How to design for API use cases that need different data from the same table?
In the end, there is no "right" or "wrong" in this situation, so my advice can only be on a very general level.
You seem to be falling into the trap of leaking a certain design ...
- 2,360
20
votes
Why PATCH method is not idempotent?
I think clear answer when PATCH in not idempotent is this paragraph from RFC 5789:
There are also cases where patch formats do not need to operate from a
known base-point (e.g., appending text ...
- 301
18
votes
Should we design our code from the beginning to enable unit testing?
Designing code to be inherently testable is not a code smell; on the contrary, it is the sign of a good design. There are several well-known and widely-used design patterns based on this (e.g., Model-...
- 5,586
17
votes
Best practice for REST API call with many parameters
I have a REST API with GETs operations which receive a (long) list of >
parameters. Which is the best practice to manage this scenario?
AFAIK, there is no firmly established best practice (sorry). ...
- 10.3k
16
votes
Should I check if something exists in the db and fail fast or wait for db exception
This started as a comment but grew too large.
No, as the other answers have stated, this pattern should not be used.*
When dealing with systems that use asynchronous components, there will always ...
- 309
15
votes
Is it ok to have validation layer before access control layer
There must be some validation before access control. Let's say SO's API has an endpoint "edit answer", then whether the user can edit a particular answer can depend on the answer (below a certain ...
- 15.6k
13
votes
Should we design our code from the beginning to enable unit testing?
It is IMHO very simple to understand that for creating unit tests, the code to be tested must have at least certain properties. For example, if the code does not consist of individual units which can ...
- 220k
13
votes
How to map "mv" operation to HTTP verbs?
Is there a RESTful way to implement this whilst maintaining atomicity of the operation?
Short Answer
Just use POST
Medium Answer
Seriously; it is okay to use POST.
POST serves many useful purposes ...
- 34.7k
12
votes
Accepted
Repository pattern, call another API that updates a SOR's from service or repository class?
The calls to other APIs should go in the repository layer.
The service layer shouldn't care how it gets its data, no matter where that data comes from.
The job of a repository isn't communicating ...
- 345
12
votes
Should we design our code from the beginning to enable unit testing?
I take issue with the (unsubstantiated) assertion you make:
to unit test the Web API service we will need to mock this factory
That's not necessarily true. There are lots of ways to write tests, and ...
- 3,328
12
votes
Purpose of async/await in web servers
A threadpool does not have infinite threads. Each time you synchronously wait, you are holding onto a thread and doing nothing with it.
If you instead await, the suspension will bubble up to the ...
- 12.4k
11
votes
Is creating ViewModels in Web API a bad practice?
You’ve asked two questions here and I think things will make more sense with a deeper dive into API architecture. The first thing I will say is than an API should ALWAYS have an independent ViewModel ...
- 111
10
votes
Accepted
What are the consequences of using verbs instead of nouns in REST API URI?
Standard URL mapping for REST has the resource mapped to the URL and what you do to it in the HTTP method.
It works well when interacting programmatically with your REST endpoint. It's also very ...
- 5,871
10
votes
Should we design our code from the beginning to enable unit testing?
You are in luck as this is a new project. I've found that Test Driven Design works very well for writing good code (which is why we do it in the first place).
By figuring out up front how to invoke ...
- 1,357
10
votes
Accepted
What http codes should i return when user request file which doesn't meet his requirements
The client should display an error message when no document meets the filter, and ask for confirmation when there are many documents because it might take a while to process them (let's say the ...
- 15k
9
votes
Accepted
API endpoint POST vs GET
Just do a GET with normal parameters. You are nowhere near the limit. You may want to make a little helper function that can take an arbitrary object and turn it into a query string.
The problem with ...
- 5,168
9
votes
What layer do third party API request/response models go in and what do you call them?
I guess it would have to go in the Application/Domain layer because that's where the interface for my third party API client would also be.
A third party API is, by definition, not part of your ...
- 59.5k
9
votes
Accepted
Is 10 KB a large amount of data to pass around each time a user makes an API call?
You are likely not even measuring the thing you really want to measure.
When looking at the "Is this scalable" question, you need to look at cost per user or cost per request.
For example, ...
- 2,583
9
votes
Purpose of async/await in web servers
It sounds to me like there are 2 wrong assumptions here.
The point of async/await isn't to free up the socket/connection. You're freeing up the thread to do other work during some async operation.
...
- 273
8
votes
Accepted
Managing Database Access for MicroServices
In general, the process to migrate a monolith to a microservice architecture involves carefully extracting parts from the monolith so they can live as stand-alone applications. For example, let's ...
- 1,986
Only top scored, non community-wiki answers of a minimum length are eligible