Can someone send help?? Poll in the next tweet 👇

What approach to request validation do you prefer?

Validation should be nowhere near a model. Option 1 is a nice use of PHP attributes.

I would do validation on the model. Validation shouldn't go on a DTO which is what the request is. And in the end, the model is responsible for its invariants and business rules. Validation is a big part, because it enforces correct state of the model.

no.3, so that there can be no possibility of invalid data, also single source of truth and one place to check/modify

Please don’t do anything other than attributes.

If you went with #3, how would you detect and catch each different property that fails validation - wouldn’t you get a TypeError with the first invalid data and only be able to report that? I.e. you couldn’t report multiple invalid properties

If I were you, I would stop creating this framework 😂 Every time you move forward I see this and I start to think that a lot of what you're doing makes sense.

The third option limits you on a custom form request. Works very well for CRUD operations on AR Models. I would go for #1 and allow for #3 in the Model as well.

Is it the responsibility of entities or models to perform validation? Some may say yes, others may say no. Personally, I believe the model should handle data validation.

I would go with the first option, and keep specific endpoint logic/validations in the request. Moving that into the models would impact in more edge cases that you think. It's easier to just add a new endpoint with custom rules than refactoring a model used by other contexts.