Background
Antony Marcano and I have just started running a coding design workshop. Most of the audience are new to coding and we are trying to focus on good habits that are applicable across all programming languages.
In our first session, we created a vending machine. By the end of 90 minutes, it was able to dispense a drink as long as it had sufficient money and stock available.
One of the questions that we asked was “What do we do when the customer has not inserted enough money and we press the button for the drink?”
Some of the people who had some programming background said “Return null”, which is what brings us to this post.
Good Citizen
In the wiki for the PicoContainer project, there is a page titled “Good Citizen“, which details a number of good practices that all Java classes would benefit from trying to adhere to.
The practices make a lot of sense when you think about them, but they aren’t really explained. I’m going to try and address that issue as we cover them in the workshop.
The practice that we are looking at today is “Never expect or return null”, with a dash of “Fail Fast” for flavour.
What’s so bad about null?
In the Java world, when we declare a method signature, we specify a return type. In the case of our vending machine we had:
public Drink giveMeADrink() {...}
By declaring that the return type is Drink, we are signing up to return something that “is-a” drink.
We could also return null, which is a nothing value. We could use this to represent that you did not get a drink.
The client code may look something like this:
myVendingMachine.giveMeADrink().downInOne();
If we return null, this code will fail with a NullPointerException. Not particularly useful, but at least we are using the result straight away. The problems become much worse if we store the returned Drink for use later.
When we said we will always return a Drink, we lied.
Programming Defensively
The sample client code above makes the assumption that the result of giveMeADrink will be a Drink. Given that we’ve actually signed up to that contract, that doesn’t seem to be unreasonable. But now the client code is broken and they have an angry customer, they are going to have to work around the issue. It would probably look like this:
Drink myDrink = myVendingMachine.giveMeADrink();
if(myDrink != null) {
myDrink.downInOne();
}
This code is actually saying “I’ve asked you to give me a drink, but I don’t trust you, so I will check first”.
Why isn’t this working? An Exceptional Approach
If we rely on our client to check that they received a valid result, we lose out on an opportunity to let the client know why the call was unsuccessful.
In the Programming Defensively example, we can recover from being returned a null, but we don’t know why it was null. Was it because we hadn’t inserted the money? Was it because the machine was out of stock? Was it because the stars were out of alignment?
Do we handle the scenarios differently? If we haven’t inserted enough money, that’s something we can deal with, but if the machine is empty, we need to look for another machine.
What if our code looked like this?
public Drink giveMeADrink() {
if(weDontHaveEnoughMoney()) {throw new NotEnoughMoneyException();}
if(weDontHaveEnoughStock()) {throw new DrinkOutOfStockException();}
return new Drink();
}
What we have said is “We will always give you a drink or tell you why we couldn’t“
Now when we attempt to call giveMeADrink, it lets us know straight away if it can’t proceed. It also gives us a good indication of why it is having problems.
The client code calls:
myVendingMachine.giveMeADrink().downInOne();
and gets told “Sorry, I’d give you a drink, but you didn’t insert enough money“.
Our code is being honest, polite and giving the client an opportunity to remedy the situation. The customer is still angry, but now he’s angry with himself for not putting in enough money.
In Summary
- Programming defensively is programming distrustfully
- Returning null is dishonest. It requires others to check that we’ve upheld our side of the bargain
- Throwing a meaningful exception allows us to let the caller know why their call did not succeed