Sure, a developer with access to the source code could start manipulating whatever they want. And in the process make something very fragile and unmaintainable.
By making as much private as possible, and respecting that, and only exposing well defined interfaces, you can make it simple to change things behind the scene to, for example, fix bugs or improve performance. If other code is messing around with variables, then changes are quite difficult, because they will cause that other code to break.
I'm unsure exactly how Javascript handles privacy, but in languages like Java and C++, there is some compiler support for enforcing privacy.
Consider a class representing an IP address:
public class IpAddress {
public string ipAddress;
}
Right now, anyone can put whatever they want into ipAddress (it's a public field).
IpAddress ia = new IpAddress();
ia.ipAddress = "weeeee!";
Last I checked, weeeee!
was not a valid IP address. But, by making it private, we can make sure invalid addresses are thrown out. Of, course, we'll still need a way of accessing it and updating it. So we make public methods:
public class IpAddress {
private string ipAddress;
public string toString() {
return ipAddress;
}
public boolean setipAddress(string newIp) {
if (isValid(newIp)) {
ipAddress = newIp;
return true;
} else {
return false;
}
}
}
Note that now we still have access to the IP address's value, and we can update it, but now we can be sure that when it is updated, the new value is a valid value, instead of something like weeeee!
.
ia.ipAddress = "this won't compile";
ia.setipAddress("This won't update the address");
ia.setipAddress("192.168.0.1"); // works
Similarly, what if we decide that a string
is a poor way of storing an IP address? Maybe a quartet of int
s would be better. Before, when the ipAddress
field was public, any code that used it, either to simply view it, or to change it, would break if we tried to change our storage scheme. But since we're using public methods for access instead of directly accessing the field, we can do this without breaking anything:
public class IpAddress {
private int part1;
private int part2;
private int part3;
private int part4;
public string toString() {
return "" + part1 "." + part2 + "." + part3 + "." + part4;
}
public boolean setipAddress(string newIp) {
if (isValid(newIp)) {
part1 = extractOct(newIp,1);
part2 = extractOct(newIp,2);
part3 = extractOct(newIp,3);
part4 = extractOct(newIp,4);
return true;
} else {
return false;
}
}
}
From the point of view of anyone using this class, it looks like this whether storing the IP address as a string
or four int
s:
public class IpAddress {
public string toString()
public boolean setIpAddress(string newIp)
}
and they don't need to know, or care that things changed behind the scenes.*
*In general. Some rare cases might care. E.g. realtime systems can be sensitive to performance changes, whether faster or slower.
...since everyone working on the code can potentially change any mutable object or method right?
-- Not if you've encapsulated it in a method or class. It's only changeable within that method or class. See?