The three-tier architecture ASP.NET MVC. Where validation of data?

The bottom line is this, I need the project to implement a three-tier architecture and as the level of performance needs to be ASP.NET MVC, I have a question where should validirostris data, in the classic MVC validation occurs in the controller, for example, ask the models limitations with the use of DataAnnotations and in the controller just check the ModelState and in case of error, displays it in the view.
But in the case of a three-tier architecture validation as I understand it needs to happen at the logic level (BLL), i.e. the controller needs to transmit data to the BLL level, then they're validinputs and in case of an error BLL should return some message to the controller, so he brought it into view.

Alternatively, you can do a double test, i.e., at the UI layer (MVC project) and in the BLL, then we get rid of the problem of how to display the user an error message, but I have duplicate checks because at the level of the BLL have to validate the data.

Can someone explain how it is correct to implement, and it is desirable to give any example.
July 4th 19 at 22:56
2 answers
July 4th 19 at 22:58
Solution
At the level of the BLL you validitate occurrence of values within limits and valid values
but at the level of the MVC availability and compliance types.
: You and the client/web page will still validate the data introduced in the form. And without it, you will increase server load, traffic, and the usability of the form for the user. This double check is not worried? Also in the BLL, you can make an additional method with lightweight verification, which can only be called from the controller. - candida_Upton commented on July 4th 19 at 23:04
Well, for example, the user should enter their full name, us on the level of performance in addition to compliance with the types you have to check, and if it does not exceed a length of for example 50 characters, and at the level of the BLL again, will check it out. How to be here? If you listen to your Council, at the level of presentation, the length check we will not, but in case if the BLL became clear that it exceeded the length of 50 characters how do I tell this user? That's what I'm confused. - nikita.Stracke commented on July 4th 19 at 23:01
: So you propose the following: validate the data client-side (Javascript) that is sent to the controller, the controller sends data to BLL and the data validinputs there again and only then sent to DAL? Well basically I wanted to do, but is it the right side design? Ie if in the future if we change the method of validation (for example 50 characters and 49), we will have to change the test immediately and BLL and in Javascript? I'm just doing a test, I need to make it as correct, so I took the job).
And another question, where the validation regular expression, for example for EMAIL, again and klinet, and in BLL? - nikita.Stracke commented on July 4th 19 at 23:07
: You consider a BLL as a separate library which can connect desktop application, service or web server and then it will be more clear how and what to validate. - candida_Upton commented on July 4th 19 at 23:10
July 4th 19 at 23:00
You can check at all levels.
1) Controllers MVC - FluentValidation
2) Next, all through contracts.
Using IoC wrap everything in interfaces, and further:
[ContractClass(typeof(IArrayContract))]
public interface IArray
{ contract }

[ContractClassFor(typeof(IArray))]
internal abstract class IArrayContract : IArray
{ check the input and output parameters of contracts }


+ checks on the interfaces, you can enable and disable tab in the project properties, 4 levels of verification.
+ implemented check all the types implementing the contract.
- you cannot just take and catch the type of exception from the contract will have to catch everything.

From BBL not vykinesh HTTP error, will either have to do the filter or to catch them in each method and using a switch to throw, but it's not.

Find more questions by tags ASP.NETValidation