A colleague of mine is against using DTOs and rather feels we should just return Entity / Domain objects serialized for a REST api. He feels DTO is an anti pattern and sited this article Data Transfer Object is a Shame. Although the article sited has a different approach to solving the "DTO Problem" as my colleague is proposing. Personally I've always preferred to use DTO for three reasons.
- My API is not tied to my domain layer, so I have flexibility. Domain layer can change without impacting the API, and vise versa.
- When using ORMs like JPA/Hibernate I don't accidentally issue tons of queries to build the object graph to serialize, or have to put logic / annotations in my entity layer to control serialization, which is really a view concern not a domain concern.
- I can easily control what and how much information goes over the wire, IE send the handful of fields the client wants rather than 30 fields.
Point 2 is not a big deal if an ORM is not being used. I can still see can issue though if you had something like the following
class Order {
private Long orderId;
// additional fields go here
private List<LineItem> lineItems;
}
class LineItem {
private Long id;
private BigDecimal amount;
private int qty;
}
Lets say the client only wanted a list of orders and didn't care about the line items. If there wasn't a DTO involved you could populate the Order object and leave the lineItems as an empty List but that would be awkward and confusing to populate it in some cases, and not others. Or all the data could be loaded and transferred but that seems wasteful and potential performance impact.
Is there every an appropriate time to skip DTOs and just return the domain object? Or am I thinking wrong and DTO is not a pattern that should be used. Is there another approach?
Best Answer
First of all, merely citing someone's article on the Internet does not constitute sufficient justification for changing a practice. You have to weigh the pros and cons, and make up your own mind.
Note that the author of the article you cited hates ORM's. He follows a strict principle of encapsulating code with its data, which is sort of the foundational principle of object-orientation. He strongly dislikes ORM because it strips classes of their intelligence, and he's not wrong about that.
In his ORM hate article, he writes (more or less) that classes should be responsible for saving themselves to the database, a practice that violates a principle called "persistence ignorance." Persistence ignorance simply means that classes shouldn't know anything about their database overlord, and it's difficult to achieve this in any realistic manner with ORM's. He gets around the persistence ignorance problem by using interfaces, making his data ignorant of its underlying implementation.
To be fair, I write code that looks a lot like his under the hood, albeit a bit more streamlined than his (Java has a reputation for being very verbose, and I don't bother with the DTO interfaces). After wrestling with Entity Framework for awhile, I began using Dapper and writing SQL queries instead. I get better performance, less complexity and finer targeting of the database.
The class that implements your so-called "data transfer object" is a nice place to put this code; all you have to do is hand it an
IdbConnectionobject, and the class has all it needs to read from and persist itself to the database.I guess my question is, why does this have to be an either/or choice? If you need something from the database that requires a DTO, then use a DTO. If you want what you're calling a "domain object," then use that instead.