public method

An important part of describing the business logic of a model class is defining the validation rules. In Lithium models, rules are defined through the $validates class property, and are used by this method before saving to verify the correctness of the data being sent to the backend data source.

Note that these are application-level validation rules, and do not interact with any rules or constraints defined in your data source. If such constraints fail, an exception will be thrown by the database layer. The validates() method only checks against the rules defined in application code.

This method uses the Validator class to perform data validation. An array representation of the entity object to be tested is passed to the check() method, along with the model's validation rules. Any rules defined in the Validator class can be used to validate fields. See the Validator class to add custom rules, or override built-in rules.


  • object $entity

    Model entity to validate. Typically either a Record or Document object. In the following example:

           $post = Posts::create($data);
           $success = $post->validates();
    The `$entity` parameter is equal to the `$post` object instance.
  • array $options

    Available options:

    • 'rules' array: If specified, this array will replace the default validation rules defined in $validates.
    • 'events' mixed: A string or array defining one or more validation events. Events are different contexts in which data events can occur, and correspond to the optional 'on' key in validation rules. For example, by default, 'events' is set to either 'create' or 'update', depending on whether $entity already exists. Then, individual rules can specify 'on' => 'create' or 'on' => 'update' to only be applied at certain times. Using this parameter, you can set up custom events in your rules as well, such as 'on' => 'login'. Note that when defining validation rules, the 'on' key can also be an array of multiple events.
    • 'required' mixed: Represents whether the value is required to be present in $values. If 'required' is set to true, the validation rule will be checked. if 'required' is set to 'false' , the validation rule will be skipped if the corresponding key is not present. If don't set 'required' or set this to null, the validation rule will be skipped if the corresponding key is not present in update and will be checked in insert. Defaults is set to null.
    • 'whitelist' array: If specified, only fields in this array will be validated and others will be skipped.



Returns true if all validation rules on all fields succeed, otherwise false. After validation, the messages for any validation failures are assigned to the entity, and accessible through the errors() method of the entity object.


This method can be filtered.


	public function validates($entity, array $options = []) {
		$defaults = [
			'rules' => $this->validates,
			'events' => $entity->exists() ? 'update' : 'create',
			'model' => get_called_class(),
			'required' => null,
			'whitelist' => null
		$options += $defaults;

		if ($options['required'] === null) {
			$options['required'] = !$entity->exists();
		$self = static::object();
		$validator = $self->_classes['validator'];
		$params = compact('entity', 'options');

		$implementation = function($params) use ($validator) {
			$entity = $params['entity'];
			$options = $params['options'];
			$rules = $options['rules'];
			if ($whitelist = $options['whitelist']) {
				$whitelist = array_combine($whitelist, $whitelist);
				$rules = array_intersect_key($rules, $whitelist);

			if ($errors = $validator::check($entity->data(), $rules, $options)) {
			return empty($errors);
		return Filters::run(get_called_class(), __FUNCTION__, $params, $implementation);