ValidateVar coerces values instead of validating them

[evpav]

Here: https://github.com/cranetm/yii2-json-rpc-2.0/blob/master/JsonRpc2/Validator/ValidateVar.php#L80-L93

This library is advertised as one with strict type validation, so it is expected that values will be validated, and not silently coerced.

Also, default case is omitted in that switch, is it intentional? Shouldn't it throw an exception if the type is not recognized?

[cranetm]

Please, give an example with that "unrecognized" type.

[evpav]

If there is a typo or a misspelling in a type declaration ValidateVar does not perform any actual validation and just silently returns the original value.

[cranetm]

I understand, this is a kind of "protection of Fools". For some developers it can be an issue, i agree. I will add corresponding exception, thank you for explanation.

[evpav]

Well, not only from fools. For example, int/integer, bool/boolean are acceptable in phpdocs, but only short forms will be "validated" here. It is not mentioned in the docs and can become a source of errors. And what about strict type validation? If implemented it will be a BC break for sure. How do you think it should be done? Also, on a related note, why not use Yii's \yii\base\Model as the base DTO class? Its validation facilities provide much better extensibility and error reporting and are already known by yii users.

[cranetm]

About short and long forms i agree, them could be added to switch-case.

why not use Yii's \yii\base\Model

Because this library was developed(in my old project) for another framework and I adopted it for yii. yii\validators\Validator has many interesting validations about dates, email, url, ip, match by regex, trim. I'll look at this Model class, maybe it can be useful.