Content Whitelist Pattern: Handle Empty Lists with Explicit Intent

When implementing content whitelists with opt-in flags, always handle the empty whitelist case explicitly. An empty whitelist combined with a “whitelist required” flag should return NO results, not bypass the filter.

This pattern prevents accidental data leakage when a partner has whitelist requirements but hasn’t configured items yet. Match your internal reports to your API behavior – if the API returns nothing, the report should too.

if ($partner->getContentWhitelist()->isEmpty()) {
    if ($partner->requiresWhitelist()) {
        // Empty whitelist + requirement = return nothing
        return $query->whereIn('products.id', []);
    }
    // No requirement, skip filtering
    return $query;
}

// Has whitelist items, apply filter
return $query->whereIn(
    'products.id',
    $partner->getContentWhitelist()->pluck('product_id')->toArray()
);
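
The same three cases, as an added example that is not code from the original post: a plain-PHP version over arrays (no Eloquent) that puts the common fail-open shortcut beside the fail-closed rule and routes both the API and the internal report through one function. The function names and the sample catalog are assumptions made for illustration.

```php
<?php
// Constructed sample data: product ids that exist in the catalog.
$catalog = [101, 102, 103];

// Fail-open shortcut (the bug): "empty list" is read as "no filter", and the
// requirement flag is ignored, so an unconfigured partner is served everything.
function visibleFailOpen(array $catalog, array $whitelist, bool $requiresWhitelist): array
{
    if (empty($whitelist)) {
        return $catalog;
    }
    return array_values(array_intersect($catalog, $whitelist));
}

// Fail-closed rule: the same three-way decision as the query code above.
function visibleFailClosed(array $catalog, array $whitelist, bool $requiresWhitelist): array
{
    if (empty($whitelist)) {
        // Empty whitelist + requirement = nothing; no requirement = unfiltered.
        return $requiresWhitelist ? [] : $catalog;
    }
    return array_values(array_intersect($catalog, $whitelist));
}

// The API payload and the report count share one filter, so they cannot drift apart.
function apiProducts(array $catalog, array $whitelist, bool $required): array
{
    return visibleFailClosed($catalog, $whitelist, $required);
}

function reportRowCount(array $catalog, array $whitelist, bool $required): int
{
    return count(visibleFailClosed($catalog, $whitelist, $required));
}

// Constructed case matrix: [whitelist, requiresWhitelist].
$cases = [
    'required, not configured' => [[], true],
    'not required, empty'      => [[], false],
    'configured'               => [[102, 999], true],
];

foreach ($cases as $label => [$whitelist, $required]) {
    printf(
        "%-26s fail-open=%-14s api=%-14s report rows=%d\n",
        $label,
        json_encode(visibleFailOpen($catalog, $whitelist, $required)),
        json_encode(apiProducts($catalog, $whitelist, $required)),
        reportRowCount($catalog, $whitelist, $required)
    );
}
```

Only the first row differs between the two variants, which is why the shortcut tends to pass tests that cover configured partners and partners with no requirement.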

Daryle De Silva

VP of Technology

11+ years building and scaling web applications. Writing about what I learn in the trenches.
