The Login method of the Authentication service takes four arguments, the last being a string customData.
public T Login(string userName, string password, bool isPersistent, string customData);
I would like to know how this customData parameter can be used. I don't see how it given the membership provider (since the membershipProvider ValidateUser takes only username and password), and I don't see how it is used by the AuthenticationBase Domain Service.
What I don't understand is this statement, from the documentation
customData: Optional implementation-specific data. It is unused by
this base class.
If it is unused by the base class, how is a derived class suppose to use it, since the Login method is not virtual?
I need to pass additional authentication data as part of the login process and I was rather hoping that there would be a few extensible points on the server side that would make using the customData possible.
The AuthenticationBase implements the IAuthentication interface and that is where the Login method is defined. If you create your own DomainService that implements IAuthentication directly instead of inheriting AuthenticationBase then you can use the customData.
Related
I'm creating a design for a Twitter application to practice DDD. My domain model looks like this:
The user and tweet are marked blue to indicate them being a aggregate root. Between the user and the tweet I want a bounded context, each will run in their respective microservice (auth and tweet).
To reference which user has created a tweet, but not run into a self-referencing loop, I have created the UserInfo object. The UserInfo object is created via events when a new user is created. It stores only the information the Tweet microservice will need of the user.
When I create a tweet I only provide the userid and relevant fields to the tweet, with that user id I want to be able to retrieve the UserInfo object, via id reference, to use it in the various child objects, such as Mentions and Poster.
The issue I run into is the persistance, at first glance I thought "Just provide the UserInfo object in the tweet constructor and it's done, all the child aggregates have access to it". But it's a bit harder on the Mention class, since the Mention will contain a dynamic username like so: "#anyuser". To validate if anyuser exists as a UserInfo object I need to query the database. However, I don't know who is mentioned before the tweet's content has been parsed, and that logic resides in the domain model itself and is called as a result of using the tweets constructor. Without this logic, no mentions are extracted so nothing can "yet" be validated.
If I cannot validate it before creating the tweet, because I need the extraction logic, and I cannot use the database repository inside the domain model layer, how can I validate the mentions properly?
Whenever an AR needs to reach out of it's own boundary to gather data there's two main solutions:
You pass in a service to the AR's method which allows it to perform the resolution. The service interface is defined in the domain, but most likely implemented in the infrastructure layer.
e.g. someAr.someMethod(args, someServiceImpl)
Note that if the data is required at construction time you may want to introduce a factory that takes a dependency on the service interface, performs the validation and returns an instance of the AR.
e.g.
tweetFactory = new TweetFactory(new SqlUserInfoLookupService(...));
tweet = tweetFactory.create(...);
You resolve the dependencies in the application layer first, then pass the required data. Note that the application layer could take a dependency onto a domain service in order to perform some reverse resolutions first.
e.g.
If the application layer would like to resolve the UserInfo for all mentions, but can't because it doesn't know how to parse mentions within the text it could always rely on a domain service or value object to perform that task first, then resolve the UserInfo dependencies and provide them to the Tweet AR. Be cautious here not to leak too much logic in the application layer though. If the orchestration logic becomes intertwined with business logic you may want to extract such use case processing logic in a domain service.
Finally, note that any data validated outside the boundary of an AR is always considered stale. The #xyz user could currently exist, but not exist anymore (e.g. deactivated) 1ms after the tweet was sent.
I am writing verification IP for some interface and facing with one interesting item, which I think is somehow basic for OOP.
So in my driver I have functions e.g. configMaster, which is DUT specific. And VIP user may want to override that function. Now I want to provide mechanism for user to do that.
I think the best way of overriding the VIP driver class functions would be following
User extends the driver class
In the extended class user redefines the driver methods that he wants. If there are several methods that user doesn’t want to override that’s fine.
Using factory override method user overrides the driver class with the
extended user_driver class
The thing I don’t like here that user each time running the simulation should specify the factory override command.
Could you please share your opinion is this right way to do? Are there other ways?
Thanks
Hayk
Step 3 is not always mandatory . After overriding the class the user can directly use the derived class in his TB. This will mostly be the case if the TB is being built afresh or the user is integrating this IP as a new component into an existing TB.
In case the VIP was already present in a TB and you are now providing new set of functions to the user to override or the user itself want to use the override mechanism preferring to instantiate the base class provided by the VIP and use the override mechanism later , user can use the set_type_override_by_type function .
The function can be embedded into a base test and all the derived test will implicitly use the use vip class derived by the user without the need to specify it explicitly in the command line for each test case.
There are 4 flavor to the type override function .
http://www.testbench.in/UT_06_UVM_FACTORY.html
The function can also be used in a base env too , the user has to ensure that the type override function is called before the class is create for the override mechanism to take effect.
Is public function safe to use in cakephp ? As i know public functions can be accessed through URL. I am new in cakephp.
Yes and no.
For standard Controller functions (aka Actions), it's standard practice to use public functions.
Does that make them "safe"? There is no way to answer that. Really depends on what you're trying to secure, and what other methods you're using to secure it.
There will never be a point where someone should answer the question "is it safe". But yes, as a rule, any function you want to access via a URL will be public. It's up to you to determine what additional security measures you want to implement. For instance, using the AuthComponent to determine if they're logged in, then comparing the User's "role" against valid roles that should have access to that method...etc.
Is it possible to pass a collection of objects to a RIA Data Service query? I have no issues sending an Entity, an Int or an array of primitive types, but as soon as i declare a method like this
public void GetLessonsConflicts(Lesson[] lessons)
{
}
i get a compilation error
" Operation named
'GetLessonsConflicts' does not conform
to the required signature. Parameter
types must be an entity type or one of
the predefined serializable
types"
I am just trying to do some validation on the server side before i save the data. I've tried List, IEnumerable etc.
Thanks
I think the problem is actually the lack of a return value. As I understand it, you can identify DomainOperations by convention or by attribute. You're not showing an attribute so RIA will be trying to match it by convention.
For example, by convention, an insert method must:
have Insert, Add or Create as the method name prefix, e.g. InsertEmployee
match the signature public void name(Entity e);
a query method must:
be public
return IEnumerable, IQueryable or T (where T is an entity).
a custom domain operation must
be public
return void
have an Entity as the first parameter.
EDIT: See Rami A's comment below. I believe this was true at the time but I'm not currently working with this technology so I'm not current enough on it to update this answer other than to note that it may be incorrect.
Or you can use Attributes such as [Insert],[Delete],[Update],[Query],[Custom]. From my docs, all the attributes do is remove the requirement for the name convention - it's not clear from them, to me, what the [Query] and [Custom] attributes achieve.
As well as DomainOperations, you can define ServiceOperations (using the [ServiceOperation] attribute) and InvokeOperations.
This article might help (although I think it's a bit out of date).
My understanding of the Command Pattern is that you simply have 1 virtual method 'execute()', and all dependencies that an implementation might have are put in the constructor or through setter injection in the implementation (like discussed here).
However, in the WPF implementation of the pattern, I noticed they are passing a generic argument to the execute() function (explained here).
This seems like a pollution of the interface to me, what would have been the motivation to add a generic parameter to the execute() function?
The canonical command pattern is usually illustrated with nice self-contained commands. In that any information needed by the command is stashed away within the Command object instance (typically via a parameterized constructor).
However in some cases, the parameters needed for Execute may not be available at command-creation time (are known only at runtime). e.g. Imagine a SignOutCommand( username ). The username is determined when the user clicks on the SignOut button after signing in first.
So username is passed in as a generic parameter to Command.Execute(); Each command is free to define its input and cast accordingly e.g. an arbitrary command can require 5 parameters as an object[].
It's for databinding. When you bind the command to every object in a list, for example, the current instance is sent to the execute method so that you don't have to keep track of the current instance yourself.
That said, I don't think that the WPF command notion is an implementation of the command pattern, they just share terminology.
The reason behind that parameter is the isolation between the creator of the command - who know what command needs to be executed, and the caller - who knows when a command need to be executed.
In certain commands some of the information that needed for the execution is not available to the creator. The caller the fills in the blank by passing a parameter to execute. An example: The creator creates a command that filters a list of records according to some criteria. The list is not available at the creation site, as there are many kinds of lists in the application.
The caller will specify which list needs to be filtered by passing at as a parameter.
We use a bit changed command pattern, so that in addition to Execute method we have two properties Request and Response and we parametrize them using polymorphism.
What's wrong with:
public class DeleteCommand : BaseCommand
{
private Dictionary<string, object> parameters;
public DeleteCommand(Dictionary<string, object> parameters)
{
this.parameters = parameters;
}
public void Execute()
{
var person = (Person)parameters["Person"];
var salary = System.Convert.ToDouble(parameters["Salary"]);
// etc.
}
}
Now if you have a controller that collects parameters you can pass those through to your commands.