Ecto Patterns for Phoenix/Elixir

Ecto is the data layer for Phoenix applications: schemas, changesets, queries, migrations, and transactions. Good Ecto practice keeps domain logic in contexts, enforces constraints in the database, and uses transactions for multi-step workflows.

Schemas and Changesets

defmodule MyApp.Accounts.User do use Ecto.Schema import Ecto.Changeset

schema "users" do field :email, :string field :hashed_password, :string field :confirmed_at, :naive_datetime has_many :memberships, MyApp.Orgs.Membership timestamps() end

def registration_changeset(user, attrs) do user |> cast(attrs, [:email, :password]) |> validate_required([:email, :password]) |> validate_format(:email, ~r/@/) |> validate_length(:password, min: 12) |> unique_constraint(:email) |> hash_password() end

defp hash_password(%{valid?: true} = cs), do: put_change(cs, :hashed_password, Argon2.hash_pwd_salt(get_change(cs, :password))) defp hash_password(cs), do: cs end

Guidelines

• Keep casting/validation in changesets; keep business logic in contexts.

• Always pair validation with DB constraints (unique_constraint , foreign_key_constraint ).

• Use changeset/2 for updates; avoid mass assigning without casting.

Migrations

def change do create table(:users) do add :email, :citext, null: false add :hashed_password, :string, null: false add :confirmed_at, :naive_datetime timestamps() end

create unique_index(:users, [:email]) end

Safe migration tips

• Prefer additive changes: add columns nullable, backfill, then enforce null: false.

• For large tables: use concurrently: true for indexes; disable in change and wrap in up/down for Postgres.

• Data migrations belong in separate modules called from mix ecto.migrate via execute/1 or in distinct scripts; ensure idempotence.

• Coordinate locks: avoid long transactions; break migrations into small steps.

Queries and Preloads

import Ecto.Query

def list_users(opts \ %{}) do base = from u in MyApp.Accounts.User, preload: [:memberships], order_by: [desc: u.inserted_at]

Repo.all(apply_pagination(base, opts)) end

defp apply_pagination(query, %{limit: limit, offset: offset}), do: query |> limit(^limit) |> offset(^offset) defp apply_pagination(query, _), do: query

Patterns

• Use preload rather than calling Repo in loops; prefer Repo.preload/2 after fetching.

• Use select to avoid loading large blobs.

• For concurrency, use Repo.transaction with lock: "FOR UPDATE" in queries that need row-level locks.

Transactions and Ecto.Multi

alias Ecto.Multi

def onboard_user(attrs) do Multi.new() |> Multi.insert(:user, User.registration_changeset(%User{}, attrs)) |> Multi.insert(:org, fn %{user: user} -> Org.changeset(%Org{}, %{owner_id: user.id, name: attrs["org_name"]}) end) |> Multi.run(:welcome, fn _repo, %{user: user} -> MyApp.Mailer.deliver_welcome(user) {:ok, :sent} end) |> Repo.transaction() end

Guidelines

• Prefer Multi.run/3 for side effects that can fail; return {:ok, value} or {:error, reason} .

• Use Multi.update_all for batch updates; include where guards to prevent unbounded writes.

• Propagate errors upward; translate them in controllers/LiveViews.

Associations and Constraints

• Use on_replace: :delete /:nilify to control nested changes.

• Define foreign_key_constraint/3 and unique_constraint/3 in changesets to surface DB errors cleanly.

• For many-to-many, prefer join schema (has_many :memberships ) instead of automatic many_to_many when you need metadata.

Pagination and Filtering

• Offset/limit for small datasets; cursor-based for large lists (Scrivener , Flop , Paginator ).

• Normalize filters in contexts; avoid letting controllers build queries directly.

• Add composite indexes to match filter columns; verify with EXPLAIN ANALYZE .

Multi-Tenancy Patterns

• Prefix-based: Postgres schemas per tenant (put_source/2 with prefix: ) — good isolation, needs per-tenant migrations.

• Row-based: tenant_id column + row filters — simpler migrations; add partial indexes per tenant when large.

• Always scope queries by tenant in contexts; consider using policies/guards to enforce.

Performance and Ops

• Use Repo.stream for large exports; wrap in Repo.transaction .

• Cache hot reads with ETS/Cachex; invalidate on writes.

• Watch query counts in LiveView/Channels; preload before rendering to avoid N+1.

• Telemetry: OpentelemetryEcto exports query timings; add DB connection pool metrics.

Testing

use MyApp.DataCase, async: true

test "registration changeset validates email" do changeset = User.registration_changeset(%User{}, %{email: "bad", password: "secretsecret"}) refute changeset.valid? assert %{email: ["has invalid format"]} = errors_on(changeset) end

• DataCase sets up sandboxed DB; keep tests async unless transactions conflict.

• Use factories/fixtures in test/support to build valid structs quickly.

• For migrations, add regression tests for constraints (unique/index-backed constraints).

Common Pitfalls

• Running risky DDL in a single migration step (avoid locks; break apart).

• Skipping DB constraints and relying only on changesets.

• Querying associations in loops instead of preloading.

• Missing transactions for multi-step writes (partial state on failure).

• Forgetting tenant scoping on read/write in multi-tenant setups.