After listening to a presentation about Domain Driven Security, I got some additional insights about what a data structure (as opposed to OOP object) should be able to do. Data structures (I call them
struct) should have a subset of OOP features which I think is useful and harmless.
struct should allow constructors. Such constructors can have two purposes, to convert one type of data into another and to validate the input. Such constructors should take parameters and be able to throw an exception if the input is invalid, to make it impossible to create an invalid instance of a
struct. Each constructor should be required to set every field of the
struct, and if no constructors are defined, a default one should be generated which simply takes all fields as parameters.
It can also be useful to have derived fields, which would be parameter-less function which return a value computed from one or more fields in the
struct. They should be pure functions from the current state of the
There should be encapsulation so that fields can be marked as
private. Which one should be default?
structs should be immutable by default, with an option to mark individual fields of them
mutable. However, it should be required to mark the whole
mutable to be able to mark any field of it
mutable. A mutable field cannot be private and it’s value can be set from outside (typically with assignment syntax).
structs should not have any inheritance or polymorphism, and should not have any methods.
structs should be value types without identity, like a
struct in C# or a primitive type in Java.