Over a million developers have joined DZone.

Defensive Programming: Why You Shouldn't Check Input Parameters for Validity

Do you check input parameters of methods for validity? Well, maybe you shouldn't, and instead you should use validating decorators.

· Java Zone

Navigate the Maze of the End-User Experience and pick up this APM Essential guide, brought to you in partnership with CA Technologies

Do you check the input parameters of your methods for validity? I don't. I used to, but not anymore. I just let my methods crash with a null pointer and other exceptions when parameters are not valid. This may sound illogical, but only in the beginning. I'm suggesting you use validating decorators instead.

Shi mian mai fu (2004) by Yimou Zhang
"Shi mian mai fu" (2004) by Yimou Zhang

Let's take a look at this rather typical Java example:

class Report { 
  void export(File file) { 
    if (file == null) { 
      throw new IllegalArgumentException( "File is NULL; can't export." ); 

    if (file.exists()) { 
      throw new IllegalArgumentException( "File already exists." ); 

    // Export the report to the file 

Pretty defensive, right? If we remove these validations, the code will be much shorter, but it will crash with rather confusing messages if NULL is provided by the client. Moreover, if the file already exists, our Report will silently overwrite it. Pretty dangerous, right?

Yes, we must protect ourselves, and we must be defensive.

But not this way, not by bloating the class with validations that have nothing to do with its core functionality. Instead, we should use decorators to do the validation. Here is how. First, there must be an interface Report:

interface Report { 
  void export(File file); 

Then, a class that implements the core functionality:

class DefaultReport implements Report { 
  @Override void export(File file) { 
    // Export the report to the file 

And, finally, a number of decorators that will protect us:

class NoWriteOverReport implements Report { 
  private final Report origin; 

  NoWriteOverReport(Report rep) { 
    this.origin = rep; 

  @Override void export(File file) { 
    if (file.exists()) { 
      throw new IllegalArgumentException( "File already exists." ); 


Now, the client has the flexibility of composing a complex object from decorators that perform their specific tasks. The core object will do the reporting, while the decorators will validate parameters:

Report report = new NoNullReport( new NoWriteOverReport( new DefaultReport() ) ); 

What do we achieve with this approach? First and foremost: smaller objects. And smaller objects always mean higher maintainability. Our DefaultReport class will always remain small, no matter how many validations we may invent in the future. The more things we need to validate, the more validating decorators we will create. All of them will be small and cohesive. And we'll be able to put them together in different variations.

Besides that, this approach makes our code much more reusable, as classes perform very few operations and don't defend themselves by default. While being defensive is an important feature, we'll use validating decorators. But this will not always be the case. Sometimes validation is just too expensive in terms of time and memory, and we may want to work directly with objects that don't defend themselves.

I also decided not to use the Java Validation API anymore for the same reason. Its annotations make classes much more verbose and less cohesive. I'm using validating decorators instead.

Thrive in the application economy with an APM model that is strategic. Be E.P.I.C. with CA APM.  Brought to you in partnership with CA Technologies.

java ,development ,validators ,decorators ,defensive programming

Published at DZone with permission of Yegor Bugayenko, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

The best of DZone straight to your inbox.

Please provide a valid email address.

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}