You can optionally register constraints in your ColdBox configuration file under the validation directive. This means you register them with a unique name of your choice and its value is a collection of constraints for fields in your objects or forms. These will be called lovingly Shared Constraints.

Here is an example:

Declaration

validation = {
    sharedConstraints = {
        sharedUser = {
            fName = {required=true},
            lname = {required=true},
            age   = {required=true, max=18 }
            metadata = {required=false, type="json"}
        },
        loginForm = {
            username = {required=true}, password = {required=true}
        },
        changePasswordForm = {
            password = {required=true,min=6}, password2 = {required=true, sameAs="password", min=6}
        }
    }
}

As you can see, our constraints definition describes the set of rules for a property on ANY target object or form by unique key name.

Usage

You can then use the keys for those constraints in the validation calls:

validate( target, "sharedUser" );

validate( rc, "loginForm" );

validate( rc, "changePasswordForm" );

What are Constraints?

A constraint is by definition the following:

The state of being restricted or confined within prescribed bounds.

That is exactly what you will create for specific fields. You will declare the constraints for one or more fields. Each constraint will be composed of one or more validators and validation data. The validation data is defined by the validator and can be of any type, the default is an empty struct ({})

// Define the field by name
// The contents are the constraints
fieldName1 = {
    validator1 = validationData,
    validator2 = validationData
},

fieldName2 = {
    validator1 = validationData,
    validator2 = validationData
}

These constraints can then be defined in many locations where cbValidation can read them.

Defining Constraints

You can define constraints in several locations:

1. Configuration file

2. Inside a domain object

3. A-la-carte

Constraints Discovery

When you call the validation methods with NO constraints passed explicitly, then the validation module will discover the constraints using the following:

• Lookup your constraints in myTarget.constraints struct in your target object or struct.

• If you specify your constraint parameter as a string, the validator will lookup a shared constraint in your configuration file definitions.

• If you specify your constraint parameter as a struct, this struct will directly serve as your set of constraints, so you can specify your constraints on the fly, or specify an alternative set of constraints in your model, e.g User.constraints vs User.signInConstraints

Within any domain object you can define a public variable called this.constraints that is a assigned an implicit structure of validation rules for any fields or properties in your object.

Declaration

component persistent="true"{

    // Object properties
    property name="id" fieldtype="id" generator="native" setter="false";
    property name="fname";
    property name="lname";
    property name="email";
    property name="username";
    property name="password";
    property name="age";

    // Validation
    this.constraints = {
        // Constraints go here
    }
}

We can then create the validation rules for the properties it will apply to it:

component persistent="true"{

    ...

    // Validation
    this.constraints = {
        fname = { required = true },
        lname = { required = true},
        username = {required=true, size="6..10"},
        password = {required=true, size="6..8"},
        email = {required=true, type="email"},
        age = {required=true, type="numeric", min=18}
    };
}

That easy! You can just declare these validation rules and ColdBox will validate your properties according to the rules. In this case you can see that a password must be between 6 and 10 characters long, and it cannot be blank.

Usage

You can then use them implicitly when calling our validation methods:

validate( myUser );
validateOrFail( myUser );

You can also define constraints a-la-carte. Meaning you can create them on the fly or store them as JSON or somewhere in a service. As long as it is a struct of constraints, that's all the validation methods accept via the constraints argument.

In this sample we validate the public request context rc. This sample validates all fields in the rc. If you need more control you can specify the fields parameter (default all) or the includeFields and excludeFields parameters in your validate() call.