layout: post
title: “Designing with types: Conclusion”
description: “A before and after comparison”
nav: thinking-functionally
seriesId: “Designing with types”
seriesOrder: 8

categories: [Types, DDD]

In this series, we’ve looked at some of the ways we can use types as part of the design process, including:

  • Breaking large structures down into small “atomic” components.
  • Using single case unions to add semantic meaning and validation to key domain types such EmailAddress and ZipCode.
  • Ensuring that the type system can only represent valid data (“making illegal states unrepresentable”).
  • Using types as an analysis tool to uncover hidden requirements
  • Replacing flags and enums with simple state machines
  • Replacing primitive strings with types that guarantee various constraints

For this final post, let’s see them all applied together.

The “before” code

Here’s the original example we started off with in the first post in the series:

  1. type Contact = 
  2.     {
  3.     FirstName: string;
  4.     MiddleInitial: string;
  5.     LastName: string;
  7.     EmailAddress: string;
  8.     //true if ownership of email address is confirmed
  9.     IsEmailVerified: bool;
  11.     Address1: string;
  12.     Address2: string;
  13.     City: string;
  14.     State: string;
  15.     Zip: string;
  16.     //true if validated against address service
  17.     IsAddressValid: bool; 
  18.     }

And how does that compare to the final result after applying all the techniques above?

The “after” code

First, let’s start with the types that are not application specific. These types could probably be reused in many applications.

  1. // ========================================
  2. // WrappedString 
  3. // ========================================
  5. /// Common code for wrapped strings
  6. module WrappedString = 
  8.     /// An interface that all wrapped strings support
  9.     type IWrappedString = 
  10.         abstract Value : string
  12.     /// Create a wrapped value option
  13.     /// 1) canonicalize the input first
  14.     /// 2) If the validation succeeds, return Some of the given constructor
  15.     /// 3) If the validation fails, return None
  16.     /// Null values are never valid.
  17.     let create canonicalize isValid ctor (s:string) = 
  18.         if s = null 
  19.         then None
  20.         else
  21.             let s' = canonicalize s
  22.             if isValid s'
  23.             then Some (ctor s') 
  24.             else None
  26.     /// Apply the given function to the wrapped value
  27.     let apply f (s:IWrappedString) = 
  28.         s.Value |> f 
  30.     /// Get the wrapped value
  31.     let value s = apply id s
  33.     /// Equality 
  34.     let equals left right = 
  35.         (value left) = (value right)
  37.     /// Comparison
  38.     let compareTo left right = 
  39.         (value left).CompareTo (value right)
  41.     /// Canonicalizes a string before construction
  42.     /// * converts all whitespace to a space char
  43.     /// * trims both ends
  44.     let singleLineTrimmed s =
  45.         System.Text.RegularExpressions.Regex.Replace(s,"\s"," ").Trim()
  47.     /// A validation function based on length
  48.     let lengthValidator len (s:string) =
  49.         s.Length <= len 
  51.     /// A string of length 100
  52.     type String100 = String100 of string with
  53.         interface IWrappedString with
  54.             member this.Value = let (String100 s) = this in s
  56.     /// A constructor for strings of length 100
  57.     let string100 = create singleLineTrimmed (lengthValidator 100) String100 
  59.     /// Converts a wrapped string to a string of length 100
  60.     let convertTo100 s = apply string100 s
  62.     /// A string of length 50
  63.     type String50 = String50 of string with
  64.         interface IWrappedString with
  65.             member this.Value = let (String50 s) = this in s
  67.     /// A constructor for strings of length 50
  68.     let string50 = create singleLineTrimmed (lengthValidator 50)  String50
  70.     /// Converts a wrapped string to a string of length 50
  71.     let convertTo50 s = apply string50 s
  73.     /// map helpers
  74.     let mapAdd k v map = 
  75.         Map.add (value k) v map    
  77.     let mapContainsKey k map =  
  78.         Map.containsKey (value k) map    
  80.     let mapTryFind k map =  
  81.         Map.tryFind (value k) map    
  83. // ========================================
  84. // Email address (not application specific)
  85. // ========================================
  87. module EmailAddress = 
  89.     type T = EmailAddress of string with 
  90.         interface WrappedString.IWrappedString with
  91.             member this.Value = let (EmailAddress s) = this in s
  93.     let create = 
  94.         let canonicalize = WrappedString.singleLineTrimmed 
  95.         let isValid s = 
  96.             (WrappedString.lengthValidator 100 s) &&
  97.             System.Text.RegularExpressions.Regex.IsMatch(s,@"^\S+@\S+\.\S+$") 
  98.         WrappedString.create canonicalize isValid EmailAddress
  100.     /// Converts any wrapped string to an EmailAddress
  101.     let convert s = WrappedString.apply create s
  103. // ========================================
  104. // ZipCode (not application specific)
  105. // ========================================
  107. module ZipCode = 
  109.     type T = ZipCode of string with
  110.         interface WrappedString.IWrappedString with
  111.             member this.Value = let (ZipCode s) = this in s
  113.     let create = 
  114.         let canonicalize = WrappedString.singleLineTrimmed 
  115.         let isValid s = 
  116.             System.Text.RegularExpressions.Regex.IsMatch(s,@"^\d{5}$") 
  117.         WrappedString.create canonicalize isValid ZipCode
  119.     /// Converts any wrapped string to a ZipCode
  120.     let convert s = WrappedString.apply create s
  122. // ========================================
  123. // StateCode (not application specific)
  124. // ========================================
  126. module StateCode = 
  128.     type T = StateCode  of string with
  129.         interface WrappedString.IWrappedString with
  130.             member this.Value = let (StateCode  s) = this in s
  132.     let create = 
  133.         let canonicalize = WrappedString.singleLineTrimmed 
  134.         let stateCodes = ["AZ";"CA";"NY"] //etc
  135.         let isValid s = 
  136.             stateCodes |> List.exists ((=) s)
  138.         WrappedString.create canonicalize isValid StateCode
  140.     /// Converts any wrapped string to a StateCode
  141.     let convert s = WrappedString.apply create s
  143. // ========================================
  144. // PostalAddress (not application specific)
  145. // ========================================
  147. module PostalAddress = 
  149.     type USPostalAddress = 
  150.         {
  151.         Address1: WrappedString.String50;
  152.         Address2: WrappedString.String50;
  153.         City: WrappedString.String50;
  154.         State: StateCode.T;
  155.         Zip: ZipCode.T;
  156.         }
  158.     type UKPostalAddress = 
  159.         {
  160.         Address1: WrappedString.String50;
  161.         Address2: WrappedString.String50;
  162.         Town: WrappedString.String50;
  163.         PostCode: WrappedString.String50;   // todo
  164.         }
  166.     type GenericPostalAddress = 
  167.         {
  168.         Address1: WrappedString.String50;
  169.         Address2: WrappedString.String50;
  170.         Address3: WrappedString.String50;
  171.         Address4: WrappedString.String50;
  172.         Address5: WrappedString.String50;
  173.         }
  175.     type T = 
  176.         | USPostalAddress of USPostalAddress 
  177.         | UKPostalAddress of UKPostalAddress 
  178.         | GenericPostalAddress of GenericPostalAddress 
  180. // ========================================
  181. // PersonalName (not application specific)
  182. // ========================================
  184. module PersonalName = 
  185.     open WrappedString
  187.     type T = 
  188.         {
  189.         FirstName: String50;
  190.         MiddleName: String50 option;
  191.         LastName: String100;
  192.         }
  194.     /// create a new value
  195.     let create first middle last = 
  196.         match (string50 first),(string100 last) with
  197.         | Some f, Some l ->
  198.             Some {
  199.                 FirstName = f;
  200.                 MiddleName = (string50 middle)
  201.                 LastName = l;
  202.                 }
  203.         | _ -> 
  204.             None
  206.     /// concat the names together        
  207.     /// and return a raw string
  208.     let fullNameRaw personalName = 
  209.         let f = personalName.FirstName |> value 
  210.         let l = personalName.LastName |> value 
  211.         let names = 
  212.             match personalName.MiddleName with
  213.             | None -> [| f; l |]
  214.             | Some middle -> [| f; (value middle); l |]
  215.         System.String.Join(" ", names)
  217.     /// concat the names together        
  218.     /// and return None if too long
  219.     let fullNameOption personalName = 
  220.         personalName |> fullNameRaw |> string100
  222.     /// concat the names together        
  223.     /// and truncate if too long
  224.     let fullNameTruncated personalName = 
  225.         // helper function
  226.         let left n (s:string) = 
  227.             if (s.Length > n) 
  228.             then s.Substring(0,n)
  229.             else s
  231.         personalName 
  232.         |> fullNameRaw  // concat
  233.         |> left 100     // truncate
  234.         |> string100    // wrap
  235.         |> Option.get   // this will always be ok

And now the application specific types. 

  2. // ========================================
  3. // EmailContactInfo -- state machine
  4. // ========================================
  6. module EmailContactInfo = 
  7.     open System
  9.     // UnverifiedData = just the EmailAddress
  10.     type UnverifiedData = EmailAddress.T
  12.     // VerifiedData = EmailAddress plus the time it was verified
  13.     type VerifiedData = EmailAddress.T * DateTime 
  15.     // set of states
  16.     type T = 
  17.         | UnverifiedState of UnverifiedData
  18.         | VerifiedState of VerifiedData
  20.     let create email = 
  21.         // unverified on creation
  22.         UnverifiedState email
  24.     // handle the "verified" event
  25.     let verified emailContactInfo dateVerified = 
  26.         match emailContactInfo with
  27.         | UnverifiedState email ->
  28.             // construct a new info in the verified state
  29.             VerifiedState (email, dateVerified) 
  30.         | VerifiedState _ ->
  31.             // ignore
  32.             emailContactInfo
  34.     let sendVerificationEmail emailContactInfo = 
  35.         match emailContactInfo with
  36.         | UnverifiedState email ->
  37.             // send email
  38.             printfn "sending email"
  39.         | VerifiedState _ ->
  40.             // do nothing
  41.             ()
  43.     let sendPasswordReset emailContactInfo = 
  44.         match emailContactInfo with
  45.         | UnverifiedState email ->
  46.             // ignore
  47.             ()
  48.         | VerifiedState _ ->
  49.             // ignore
  50.             printfn "sending password reset"
  52. // ========================================
  53. // PostalContactInfo -- state machine
  54. // ========================================
  56. module PostalContactInfo = 
  57.     open System
  59.     // InvalidData = just the PostalAddress
  60.     type InvalidData = PostalAddress.T
  62.     // ValidData = PostalAddress plus the time it was verified
  63.     type ValidData = PostalAddress.T * DateTime 
  65.     // set of states
  66.     type T = 
  67.         | InvalidState of InvalidData
  68.         | ValidState of ValidData
  70.     let create address = 
  71.         // invalid on creation
  72.         InvalidState address
  74.     // handle the "validated" event
  75.     let validated postalContactInfo dateValidated = 
  76.         match postalContactInfo with
  77.         | InvalidState address ->
  78.             // construct a new info in the valid state
  79.             ValidState (address, dateValidated) 
  80.         | ValidState _ ->
  81.             // ignore
  82.             postalContactInfo 
  84.     let contactValidationService postalContactInfo = 
  85.         let dateIsTooLongAgo (d:DateTime) =
  86.             d < DateTime.Today.AddYears(-1)
  88.         match postalContactInfo with
  89.         | InvalidState address ->
  90.             printfn "contacting the address validation service"
  91.         | ValidState (address,date) when date |> dateIsTooLongAgo  ->
  92.             printfn "last checked a long time ago."
  93.             printfn "contacting the address validation service again"
  94.         | ValidState  _ ->
  95.             printfn "recently checked. Doing nothing."
  97. // ========================================
  98. // ContactMethod and Contact
  99. // ========================================
  101. type ContactMethod = 
  102.     | Email of EmailContactInfo.T 
  103.     | PostalAddress of PostalContactInfo.T
  105. type Contact = 
  106.     {
  107.     Name: PersonalName.T;
  108.     PrimaryContactMethod: ContactMethod;
  109.     SecondaryContactMethods: ContactMethod list;
  110.     }

Conclusion

Phew! The new code is much, much longer than the original code. Granted, it has a lot of supporting functions that were not needed in the original version, but even so it seems like a lot of extra work. So was it worth it?

I think the answer is yes. Here are some of the reasons why:

The new code is more explicit

If we look at the original example, there was no atomicity between fields, no validation rules, no length constraints, nothing to stop you updating flags in the wrong order, and so on.

The data structure was “dumb” and all the business rules were implicit in the application code.
Chances are that the application would have lots of subtle bugs that might not even show up in unit tests. (Are you sure the application reset the IsEmailVerified flag to false in every place the email address was updated?)

On the other hand, the new code is extremely explicit about every little detail. If I stripped away everything but the types themselves, you would have a very good idea of what the business rules and domain constraints were.

The new code won’t let you postpone error handling

Writing code that works with the new types means that you are forced to handle every possible thing that could go wrong, from dealing with a name that is too long, to failing to supply a contact method.
And you have to do this up front at construction time. You can’t postpone it till later.

Writing such error handling code can be annoying and tedious, but on the other hand, it pretty much writes itself. There is really only one way to write code that actually compiles with these types.

The new code is more likely to be correct

The huge benefit of the new code is that it is probably bug free. Without even writing any unit tests, I can be quite confident that a first name will never be truncated when written to a varchar(50) in a database, and that I can never accidentally send out a verification email twice.

And in terms of the code itself, many of the things that you as a developer have to remember to deal with (or forget to deal with) are completely absent. No null checks, no casting, no worrying about what the default should be in a switch statement. And if you like to use cyclomatic complexity as a code quality metric, you might note that there are only three if statements in the entire 350 odd lines.

A word of warning…

Finally, beware! Getting comfortable with this style of type-based design will have an insidious effect on you. You will start to develop paranoia whenever you see code that isn’t typed strictly enough. (How long should an email address be, exactly?) and you will be unable to write the simplest python script without getting anxious. When this happens, you will have been fully inducted into the cult. Welcome!

If you liked this series, here is a slide deck that covers many of the same topics. There is a video as well (here)