Validation is dynamic

It is important to realize that the validation code inside the prepareValidator() method is executed for each request. Therefore you can dynamically perform your validation based on the action parameters and characteristics. Check the example below:

public class MyAction extends BaseAction implements Validatable {
    
    public String execute() {
        
        // your action stuff here...
        
    }
    
    public void prepareValidator(Validator val, String innerAction) {

if (isPost()) {
        
                Rule required = RequiredFieldRule.getInstance();
        
                val.add("username", required, FIELD_REQUIRED_ERROR);
                val.add("username", StringRule.getInstance(6, 30), INVALID_USERNAME_LENGTH);
        
                val.add("age", required, FIELD_REQUIRED_ERROR);
                val.add("age", IntegerRule.getInstance(18, 50), INVALID_AGE);
        
                val.add("password", required, FIELD_REQUIRED_ERROR);
                val.add("password", StringRule.getInstance(4, 20), INVALID_PASSWORD_LENGTH);
                val.add("password", EqualRule.getInstance("password", "passconf"), PASSWORD_DOES_NOT_MATCH);
        
                val.add("passconf", required, FIELD_REQUIRED_ERROR);
            }    
        }
    
    private static final String FIELD_REQUIRED_ERROR = "Field required!";
    private static final String INVALID_USERNAME_LENGTH = "Username length invalid!";
    private static final String INVALID_AGE = "Invalid age!";
    private static final String INVALID_PASSWORD_LENGTH = "Invalide password length!";
    private static final String PASSWORD_DOES_NOT_MATCH = "Passwords do not match!";
}

In the example above, only a POST request will be validated. A GET will not have any validation. You can also perform validation based on the inner action, which is very common as each inner action will have its own validation. Check below:

public class MyAction extends BaseAction implements Validatable {
    
    public String execute() {
        
        // your action stuff here...
        
    }
    
    public void prepareValidator(Validator val, String innerAction) {

if (innerAction != null && innerAction.equals("addUser")) {
        
                Rule required = RequiredRule.getInstance();
        
                val.add("username", required, FIELD_REQUIRED_ERROR);
                val.add("username", StringRule.getInstance(6, 30), INVALID_USERNAME_LENGTH);
        
                val.add("age", required, FIELD_REQUIRED_ERROR);
                val.add("age", IntegerRule.getInstance(18, 50), INVALID_AGE);
        
                val.add("password", required, FIELD_REQUIRED_ERROR);
                val.add("password", StringRule.getInstance(4, 20), INVALID_PASSWORD_LENGTH);
                val.add("password", EqualRule.getInstance("password", "passconf"), PASSWORD_DOES_NOT_MATCH);
        
                val.add("passconf", required, FIELD_REQUIRED_ERROR);
            }    
        }
    
    private static final String FIELD_REQUIRED_ERROR = "Field required!";
    private static final String INVALID_USERNAME_LENGTH = "Username length invalid!";
    private static final String INVALID_AGE = "Invalid age!";
    private static final String INVALID_PASSWORD_LENGTH = "Invalide password length!";
    private static final String PASSWORD_DOES_NOT_MATCH = "Passwords do not match!";
}

In the code above, only the "addUser" innerAction will be validated. All others, including the default (no inner action) execute() method will not be validated. Recall that innerAction == null means the execute() method was called.

Because of the dynamic characteristic of the validation, you should avoid creating new rule objects on each request. That's why we have been using the getInstance() method instead of the new constructor for our rules. The getInstance() method returns the same instance every time, avoiding the creation of new objects on every request. Despite the fact that the Java garbage collector is very powerful nowadays, you should try to avoid creating too many Java objects unnecessarily.

Most of the Mentawai built-in rules already provide the getInstance() method. If possible, and as a good practice, you should provide this method with any new rule you code. We will see how to create new validation rules in a bit.