Validation Response Pattern

This article highlights a pattern which is used to return an appropriate validation outcome based on the output of the stored procedure doing the business rule validations.


In an ASP.NET Web Application Project, we often have requirements to do some validations in the stored procedures and return an appropriate message to the front-end. Further actions will be made based on the validation result.

Validation Response

To address the above scenario, I prefer to have an Interface based validation response being returned from the DAL layer to the consuming code.

The code for the desired Interface is as follows,
  1. public interface IResponse  
  2. {   
  3.    bool Success { get; set; }  
  4.    string Message { get; set; }  
  5. }  
Next is we can have our own custom class as shown below which will inherit this interface for doing a specific validation.
  1. public class ValidationResponse : IResponse  
  2. {   
  3.    bool Success { get; set; }  
  4.    string Message { get; set; }  
  5. }  
When the validation results in the expected outcome, Success boolean property is set to true and the Message will have a standard message for eg., "SUCCESS".

However, if the validation fails as per our logic or any exception is thrown, then Success is set to false and Message will have the desired validation message which will be displayed to the user.
The API in the DAL layer would have the return type as IResponse which gives us the flexibility to return any type of class implementing the interface.
  1. public IResponse DoSomeValidation()  
  2. {  
  3.    // validation logic goes here..  
  4. }  
This pattern would help us in creating a decoupled method in the DAL layer and have an appropriate response. Let's see a real-time example.

Requirement is to validate the password update activity by passing the current password and new password hash as inputs to the stored procedure and return the validation response.
  1. public IResponse ValidatePasswordUpdate(string oldPwdHash, string newPwdHash, string userName) {  
  2.     IResponse validationResponse;  
  3.     try {  
  4.         using(var sqlCon = new SqlConnection(Helper.ConnectionString))  
  5.         using(var cmd = CreateCommand(CommandType.StoredProcedure, "Admin_spValidatePasswordUpdate")) {  
  6.             cmd.Connection = sqlCon;  
  7.             cmd.Parameters.Add(new SqlParameter("@OldPwdHash", oldPwdHash));  
  8.             cmd.Parameters.Add(new SqlParameter("@NewPwdHash", newPwdHash));  
  9.             cmd.Parameters.Add(new SqlParameter("@userName", userName));  
  10.             if (sqlCon != null) sqlCon.Open();  
  11.             var reader = cmd.ExecuteReader(CommandBehavior.CloseConnection);  
  12.             validationResponse = new ValidationResponse();  
  13.             if (reader != null && reader.HasRows) {  
  14.                 if (reader.Read() && reader["Result"] != DBNull.Value) {  
  15.                     validationResponse.Message = reader["Result"].ToString();  
  16.                     validationResponse.Success = validationResponse.Message.Equals(Constants.SuccessMsg, StringComparison.OrdinalIgnoreCase);  
  17.                 } else validationResponse.Success = false;  
  18.             } else validationResponse.Success = false;  
  19.         }  
  20.     } catch (Exception ex) {  
  21.         if (validationResponse == null) validationResponse = new ValidationResonse();  
  22.         validationResponse.Success = false;  
  23.         validationResponse.Message = "Password update attempt is not successful due to a technical error";  
  24.     } finally {  
  25.         return validationResponse;  
  26.     }  
  27. }  
ValidatePasswordUpdate method will get the desired validation message as output from the stored procedure and returns an object of type IResponse. In future, if we need to transfer additional data as part of IResponse object, we could create a new class with required properties specific to the context.

We can consume this response object in the code-behind file or AJAX code and based on the object values, we could enable/disable the next actions as per the business rule.