Declarative Validation with Elixir

Illustration: Declarative Validation with Elixir

PSPDFKit Server is distributed as a Docker image, which is run by our customers on their own infrastructure. To support different modes of operation, it exposes a fairly extensive set of configuration options via environment variables.

Each environment variable value needs to be validated, and when it’s invalid, it needs to be categorized as one of the following:

  • error — the value must be changed, as it stops the application from working as expected.
  • warning — the value should be changed, but it allows the application to work.
  • deprecations — the value will need to be changed, as it allows the application to work now, but it will stop working in a future version.

We recently started looking into improving the application component responsible for these validations to provide more precise and actionable feedback depending on how an invalid value is categorized.

In this blog post, we’ll look at a possible implementation of such a validator, which is responsible for finding and categorizing issues.

Use Case

PSPDFKit Server exposes a management dashboard, which is protected behind a static username and password combination. Both values can be configured via environment variables.

Our constraints for these two values are:

  • they’re required, so they must be defined
  • they should be changed from their default values to provide better security

General Architecture

The validator will receive a key-value structure (e.g. a map), with configuration names and values, and it should return a data structure that collects errors, warnings, and deprecations.

Validation rules should be expressed with a terse domain-specific language that favors composition so that additional rules can be layered on over time with minimal effort.

Basic Validation

As a first attempt, we simply want to design a validate/1 function that accepts a map of configuration options and returns uncategorized errors (if present).

To follow along, you can create a file called config_validator.exs and run it with elixir config_validator.exs.

We can start by writing out how our API could look:

Copy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
defmodule Config.Validator do
  @type reason :: String.t()
  @type result :: %{data: Enum.t(), errors: [reason()]}

  @spec validate(Enum.t()) :: result()
  def validate(data) do
    result = %{
      data: data,
      errors: []
    }

    result
    |> validate_key(:username, [required()])
    |> validate_key(:password, [required()])
  end
end

%{}
|> Config.Validator.validate()
|> IO.inspect()

The implementation relies on a result data structure, which is passed through a series of functions, each of which then applies one or more validators to a specific key in the included data.

A validator’s responsibility is to either let the result through unmodified or add a specific element to the errors list.

This design pushes toward predictable extension paths:

  • To add a new validation to an existing key, add a new validator to the already existing list.
  • To add validations for a new key, pipe the result through a new validate_key/3 function call.

Implementing a validator requires defining a function that returns another function that can be used by validate_key/3.

We can implement required/0 as:

1
2
3
4
5
6
defp required do
  fn
    nil -> {:invalid, "is required"}
    _other -> :ok
  end
end

The returned function pattern matches the received value and returns a {:invalid, "is required"} tuple when it’s nil.

The implementation of validate_key/3 requires finding the value of the specified key and then iterating over the passed validators, applying them to the value and adding relevant errors as needed:

Copy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
defp validate_key(initial_result, key, validators) do
  value = get_in(initial_result, [:data, key])

  Enum.reduce(validators, initial_result, fn validator, result ->
    case validator.(value) do
      :ok ->
        result

      {:invalid, reason} ->
        update_in(result, [:errors, key], fn
          nil -> [reason]
          other_reasons -> [reason | other_reasons]
        end)
    end
  end)
end

Running our file, we should see the following output:

1
2
3
4
%{
  data: %{},
  errors: [password: ["is required"], username: ["is required"]]
}

Adding a New Validator

We mentioned before that the username and password should be changed from their defaults so that we can write a validator that detects usage of default values:

Copy
1
2
3
4
5
6
7
8
9
defp not_default(defaults) do
  fn value ->
    if value in defaults do
      {:invalid, "is a default and is not allowed"}
    else
      :ok
    end
  end
end

We could then use it as:

Copy
1
2
3
4
5
# snip
result
|> validate_key(:username, [required(), not_default(["username"])])
|> validate_key(:password, [required(), not_default(["secret", "password"])])
# snip

At this point, we can run:

1
2
3
%{username: "username"}
|> Config.Validator.validate()
|> IO.inspect()

And we should see:

1
2
3
4
5
6
7
%{
  data: %{username: "username"},
  errors: [
    password: ["is required"],
    username: ["is a default and is not allowed"]
  ]
}

Categorizing Validations

To support different error categories, we can extend the result map and extend the validate_key/3 function to accept a category as argument. For example, to support warnings:

Copy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
def validate(data) do
  acc = %{
    data: data,
    errors: [],
    warnings: []
  }

  acc
  |> validate_key(:username, :errors, [required()])
  |> validate_key(:username, :warnings, [not_default(["username"])])
  |> validate_key(:password, :warnings, [required()])
  |> validate_key(:password, :warnings, [not_default(["secret"])])
end

defp validate_key(initial_acc, category, key, validators) do
  value = get_in(initial_acc, [:data, key])

  Enum.reduce(validators, initial_acc, fn validator, acc ->
    case validator.(value) do
      :ok ->
        acc

      {:invalid, reason} ->
        update_in(acc, [category, key], fn
          nil -> [reason]
          other_reasons -> [reason | other_reasons]
        end)
    end
  end)
end

To streamline the implementation in validate/1, we can create specialized validate_as_error/3 and validate_as_warning/3 functions, which would internally dispatch to validate_key/4 as needed:

Copy
1
2
3
4
5
6
7
defp validate_as_error(initial_acc, key, validators) do
  validate_key(initial_acc, :errors, key, validators)
end

defp validate_as_warning(initial_acc, key, validators) do
  validate_key(initial_acc, :warnings, key, validators)
end

Another implementation route (which is left as an exercise to the reader) is to revise the structure of validators and change it to a keyword list where each key is a category and the value is a list of validation functions for that very category.

The expected outcome of any implementation is to return the following:

1
2
3
4
5
%{
  data: %{username: "username"},
  errors: [password: ["is required"]],
  warnings: [username: ["is a default and is not allowed"]]
}

Richer Error Messages

Validation errors should return a more structured reason so that they can be consumed in different ways:

  • Errors should be logged in the console, potentially as a summary and then with a longer explanation of what to do to fix them.
  • Warnings can be displayed in the dashboard with a short description and then expanded into a long description.

For example, the required() validator can be extended as:

Copy
1
2
3
4
5
6
7
8
9
10
11
12
13
14
defp required do
  reason = %{
    type: :required,
    short_desc: "The value is required, please include it in your configuration",
    long_desc: """
    The value is required as PSPDFKit Server is not able to use a default value.
    Please update your configuration and try again.
    """
  }
  fn
    nil -> {:invalid, reason}
    _other -> :ok
  end
end

As we rely on the shape of this error, it also makes sense to define a struct for it rather than use a literal map:

1
2
3
defmodule Config.Validator.Error do
  defstruct [:type, :short_desc, :long_desc]
end

Conclusion

In this blog post, we looked at how it’s possible to design and implement a completely custom validation system — starting from a few carefully chosen primitives — in order to have maximum flexibility on how errors are reported to the end user.

It’s worth mentioning that the Elixir ecosystem already offers quality data validation libraries with distinctive feature sets which may fit your use case. Some examples include Ecto (via Ecto.Changeset and Ecto.Schema), Saul, and Norm. As always, some initial research before writing any code can help you make a well-informed decision on how to proceed.

PSPDFKit for Web

PDF viewing, annotating, and collaboration for web apps.

Try Now