Home/ Questions/Q 5996345
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-23T00:05:24+00:00

Background I’m working on building an ASP.Net MVC 3 application that utilizes: JQueryUI for

  • 0

Background

I’m working on building an ASP.Net MVC 3 application that utilizes:

  • JQueryUI for many UI widgets/controls
  • An existing SOA-based system for CRUD operations (built using DDD concepts). This includes a service optimized for read operations (see CQRS). The services are RESTful (hosted in IIS/Appfabric) and hence can be accessed via simple HTTP requests from javascript. The services can also easily be consumed directly by referencing the service binary and accessed from the Controller (or course, via layers to decouple the Controller from the service and so on).

Question

Is it ever appropriate to perform, for example, a read operation by using the existing RESTful API directly from javascript rather than invoking a Controller method that then makes the service call? Or should we always utilize Controller methods for any sort of CRUD operation?

Concerns

  • Seems to break the rule that says you should never bypass a layer
  • On the other hand, if we always utilize the Controller it then feels somewhat redundant in that we are wrapping the services essentially in another RESTful API this time using ASP.Net MVC.

My gut feel when I started looking at this was that we would end up writing Controller methods for some operations where perhaps manipulation of page output (the view) is easiest when we have the data in a model. Then there would be other operations, perhaps pulling a list of employees for a simple lookup for example, that would not need to utilize a Controller method and could go straight to our existing RESTful API. It feels messy and some developers will be confused as to when to use a Controller method or the existing RESTful API directly.

Any thoughts or suggestions would be appreciated.

Thanks.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I guess this is a matter of opinion, but I’d always go through a controller for consistency if nothing else. As you say, if you sometimes use the API directly, but other times go through a controller, then your devs are likely to get confused as to how they should access the data.

    Another thing worth considering is that by using the controller, you’re hiding the API from the end user, which is probably a good thing as malicious users could quite easily change the Javascript to do things that you weren’t expecting (although I’d expect the API to have measures for dealing with this), but if you’re always going via a controller you can ensure that the user can’t directly manipulate the data via the API.

    Even if security isn’t a problem, as I said, I’d still go with controller access every time just for the sake of being consistent.

    • 0