Home/ Questions/Q 7491333
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-29T15:58:54+00:00

I have a model for a User generated by EF from an existing database:

  • 0

I have a model for a User generated by EF from an existing database:

public class User
{
 public int Id { get;set; }
 public string Name { get;set; }
 public string Password { get;set; }
 public DateTime Created { get;set; }
 public DateTime LastModified { get;set; }
}

I’ve been then creating a UserModel and applying data annotations to add validation. I use AutoMapper to translate between User and UserModel.

I am now trying to create the views, with the following business rules:

  • when creating a user, the Created and LastModified fields should not appear in the UI, but they should both be set prior to the model being saved in the repository;
  • when editing a user, the Created and LastModified fields should not appear in the UI, but the Created field should be left unchanged and the LastModified field should be updated prior to the model being saved in the repository;
  • when editing a user, if the password field is not touched, then the Password field in the model is not changed; if the password field contains a value, that should be used to update the model.

So how can I achieve this, with as little code duplication as possible? For instance, should I have an EditUserModel and a CreateUserModel, inheriting from a base UserModel which has the fields common to both (Id, Name, Password)? Should either model have any reference to Created/LastModified? And particularly, how can I handle the password change requirement?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    This is how I usually deal with this situation. For the view model, I’m using only one, the EditUserModel, since it really doesn’t pay off to maintain 3 classes only 1-2 properties are different and in my opinion the view model isn’t THAT important, I’m just being pragmatic. In your case the EditUserModel should look something like this

    public class EditUserModel
{
   public int Id {get;set} //used when modifying user
   public string Name {get;set;}
   public string Password {get;set;}
   public string ConfirmPassword {get;set;} //this is optionally
}

    This model gets passed to a controller and I’d personally use a DDD approach (as a mindset) and have let’s say a domain model which looks like this (it’s based on code i’m actually using)

    public class Password
{
   public Password(string value,string salt)
   {
      //you can apply basic validation rules if you want\\

      Hash=(salt+value).Sha256(); //a variant of hashing and an extension method
      Salt=salt;
   }
   public string Hash {get;private set;}
   public string Salt {get;private set;} 
}

    public class Member
{
   public Member(string name, Password pwd)
   {
       Name=name;
       Password=pwd;
       Created= DateTime.Now;
    }

    public Member(int id,DateTime created,string name,Password p)
    {
        Id = id;
        Created = created;
        _name = name;
        _password = p;
    }
   public int Id { get; set; } 
    private string _name;

    public string Name
    {
        get { return _name; }
        set
        {
            LastModified = DateTime.Now;
            _name = value;
        }
    }

    private Password _password;
    public Password Password
    {
        get { return _password; }
        set
        {
            _password = value;
            LastModified = DateTime.Now;
        }
    }

    public DateTime Created {get;private set;}
   public DateTime LastModified {get;private set;}
}

    First time when creating a user

    var user= new Member(model.Name,new Password(model.Password,"a salt"));
repository.Save(user);

    When updating

    var user= repository.GetUser(int id);
user.Name=model.Name;
if (!string.IsNullOrEmpty(model.Password)) user.Password= new Password(model.Password,"a salt");
repository.Save(user);

    In the repository (note that I don;t have much experience with EF so this code surely can be optimized)

    public void Save(Member user)
{
using (var dc = new DbContext())
    {

 if (user.Id==0)
  {
     //do insert, all this can be handled via automapper
    var u= new User();
    u.Name=user.Name;
    u.Password=user.Password.Hash;
    u.Created=user.Created;
    u.LastModified=user.LastModifed;  
    dc.Users.Add(u);
    dc.SaveChanges();
    user.Id=u.Id;

  }
else  
 {
    //do edit
    var u= dc.Users.First(d=>d.Id==user.Id);
    //map values \\

    dc.Users.SaveChanges();// EF should detect if something was changed and save only changes
  }
}
}

  public Member GetUser(int id)
   {
     //get User from DbContext \\

      var m= new Member(id,user.Created,user.Name,new Password(user.Password,"my salt")); 
      return m;


    }

    This is hasty code and all can be improved but let me tell why such ‘complicated’ approach. First of all we have a clearer differention between the layers responsabilities, the view model handles all required to display and to send back data to controller and the domain model is not mingled with the persistence model (EF model). You can change pretty easily the password hashing techqnique and teh creates/last modified stuff is handled where changes really occur. When you start adding more functionality this design will make it much easier for you.

    The main goal is clarity and maintainability and dependeing on the usage you can take another approach like updating the user via commands (you send to repository a command to change the name or the password)

    Ok i’m finished now 🙂

    • 0