DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.


1 DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved

2 Don’t Repeat Yourself – But How?
- Goal: enforce that movie names must be less than 40 characters
  – Call a “check” function from every place in app where a Movie might get created or edited? That’s not DRY!
- How do we DRY out cross-cutting concerns: logically centralized, but may appear multiple places in implementation?

3 Background & History: GO TO & COME FROM
- CACM, 1968 Letter to Editor

4 Aspect-Oriented Programming
- Advice is a specific piece of code that implements a cross-cutting concern
- Pointcuts are the places you want to “inject” advice at runtime
- Advice + Pointcut = Aspect
- Goal: DRY out your code

5 Rails Example: Validations
- Specify declaratively in model class
- Validation is advice in AOP sense
  – Many places in app where a model could be modified/updated
  – Including indirectly via associations!
  – Don’t want model validation code in all these places
- So where are the pointcuts?
http://pastebin.com/2GtWshSb

6 Model Lifecycle Callbacks
- Allows Pre and Post Operations
- Validation automatically happens here
  – or when you call valid?
  – if fail, save will fail
  – model.errors is an ActiveRecord::Errors object with cool behaviors of its own
  – See Screencast 7.1.1
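How a declarative validation acts as advice at the save pointcut, as an added plain-Ruby sketch that is not from the slides and is not ActiveRecord's implementation. `TinyModel`, `try_save` and the message text are hypothetical; the 39-character maximum encodes the "less than 40 characters" goal from slide 2.

```ruby
# Plain-Ruby sketch of validation as advice; not ActiveRecord's own code.
class TinyModel                          # hypothetical base class
  def self.validations
    @validations ||= []
  end

  # Declarative macro (metaprogramming): stores a closure as the advice.
  def self.validates_length_of(attr, maximum:)
    validations << lambda do |record|
      if record.public_send(attr).to_s.length > maximum
        record.errors[attr] << "is too long (maximum is #{maximum} characters)"
      end
    end
  end

  def errors
    @errors ||= Hash.new { |hash, key| hash[key] = [] }
  end

  def valid?
    errors.clear
    self.class.validations.each { |advice| advice.call(self) }
    errors.empty?
  end

  # Pointcut: create and update both funnel through save, so no caller
  # can persist a record without the advice having run.
  def save
    return false unless valid?
    @persisted = true                    # stands in for the database write
  end
end

class Movie < TinyModel
  attr_accessor :title
  validates_length_of :title, maximum: 39   # "less than 40 characters"

  def initialize(title)
    @title = title
  end
end

# Returns [saved?, error messages for title].
def try_save(title)
  movie = Movie.new(title)
  [movie.save, movie.errors[:title]]
end
```

Because the check lives in the model rather than in each caller, a new controller action or an import script cannot skip it by forgetting to call a check function.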

7 Example: Controller Filters
- Filters declared in a controller also apply to its subclasses
  – Corollary: filters in ApplicationController apply to all controllers
- A filter can change the flow of execution
  – by calling redirect_to or render
  – You should add something to the flash to explain to the user what happened, otherwise it will manifest as a “silent failure”
http://pastebin.com/ybP6Ece1
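Filter inheritance and halting, as an added plain-Ruby sketch that is not from the slides and is not ActionController's implementation. `TinyController`, `process`, `require_login`, the `/login` path and the flash text are hypothetical names chosen for the illustration.

```ruby
# Plain-Ruby sketch of controller filters; not ActionController's own code.
class TinyController                     # hypothetical base class
  attr_reader :session, :flash, :response

  def self.own_filters
    @own_filters ||= []
  end

  # A class runs its ancestors' filters first, then its own.
  def self.filters
    inherited = superclass.respond_to?(:filters) ? superclass.filters : []
    inherited + own_filters
  end

  def self.before_filter(name)
    own_filters << name
  end

  def initialize(session = {})
    @session, @flash, @response = session, {}, nil
  end

  def redirect_to(path); @response = [:redirect, path]; end
  def render(text); @response = [:render, text]; end

  # Pointcut: every public action is dispatched through process.
  def process(action)
    self.class.filters.each do |name|
      send(name)
      return @response if @response      # redirect/render in a filter halts the action
    end
    public_send(action)
    @response
  end
end

class ApplicationController < TinyController
  before_filter :require_login
  private
  def require_login
    return if session[:user_id]
    flash[:warning] = 'Please log in to continue.'   # avoids a silent failure
    redirect_to '/login'
  end
end

class MoviesController < ApplicationController
  def edit; render 'edit form'; end
end
```

Declaring the login check once in `ApplicationController` makes every subclass action protected by default; a controller has to opt out explicitly rather than remember to opt in.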

8 Validations vs. Filters

| | Validation | Filter |
|---|---|---|
| Advice (DRYness) | Check invariants on model | Check conditions for allowing controller action to run |
| Pointcut | AR model lifecycle hooks | Before and/or after any public controller method |
| Can change execution flow? | No | Yes |
| Can define advice in arbitrary function? | Yes; shortcuts provided for common cases | Yes, must provide function |
| Info about errors? | Each model object has associated errors object | Capture in flash[], session[], or instance variable |

Con: Can make code harder to debug

9 Summary So Far
- Aspect-oriented programming (AOP) is a way of DRYing out cross-cutting concerns
- Ruby doesn’t have fully-general AOP, but Rails provides some “predefined” pointcuts
  – Validations check or assert pre/post conditions at key points during model lifecycle
  – Controller filters check or assert pre/post conditions related to controller actions
  – And can change control flow (redirect, render)
- Partials DRY out views (though not AOP)


11 Which Ruby language features support the DRYness enabled by validations & filters: (a) higher-order functions, (b) closures, (c) metaprogramming
☐ Only (a) & (b)
☐ Only (a) & (c)
☐ (a), (b) and (c)
☐ Only (a)


13 Single Sign-On and Third-Party Authentication (ESaaS §5.2) © 2013 Armando Fox & David Patterson, all rights reserved

14 Third-Party Authentication
- Goal: What are my Facebook friends reading on the NY Times site?
- NY Times needs to be able to access your Facebook info
- …but you don’t want to reveal your Facebook password to NY Times!
- How can we do this? => Third-party authentication
Logos shown for educational purposes only and are the intellectual property of their owners.

15 Who Are You and What Are You Doing Here?
- Authentication: prove you are who you say
  – Username & “secret” password
  – Hold private key that matches public key
  – Possess cryptographic certificate signed by a trusted third party
- Authorization: prove you are allowed to do what you’re asking
  – Does system record you as having privilege?
  – Do you have a “token” or “capability” that lets you do something?

16 Web 1.0
- Every site has separate passwords
- Most sites had no RESTful API, so had to actually “log in” (or simulate it)
- Doesn’t work for SOA!
  – Hard for services to cooperate if you need to login interactively to every service, every time
- Desired solution: single-sign-on (SSO)
  – But…don’t want to reveal service A password to service B

17 How Does It Work? (Concepts)
- Building block: tamper-evident secure token
- Using cryptography, I create a string that:
  – Only I can decrypt (decode)
  – I can detect if it’s been tampered with
  – No one else could have created it without knowing my secret key
- Usually, string just contains a “handle” to valuable info that I store myself
  – Receive string => I know I can “trust” the handle
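One construction with the three properties listed on this slide is authenticated encryption. The sketch below is an added example, not from the slides: it uses AES-256-GCM from Ruby's OpenSSL bindings, and `seal_token`, `open_token`, `TOKEN_KEY`, `TOKEN_AAD` and the expiry field are assumptions made for the illustration.

```ruby
require 'openssl'
require 'json'

# Constructed demo key; a real service loads 32 random bytes from protected config.
TOKEN_KEY = OpenSSL::Digest::SHA256.digest('constructed demo secret')
TOKEN_AAD = 'session-token-v1'   # hypothetical label binding tokens to one purpose

# Seal a handle (for example a row id the issuer stores itself) into an opaque string.
def seal_token(handle, ttl_seconds, key: TOKEN_KEY, now: Time.now.to_i)
  cipher = OpenSSL::Cipher.new('aes-256-gcm').encrypt
  cipher.key = key
  iv = cipher.random_iv                       # fresh 12-byte nonce for every token
  cipher.auth_data = TOKEN_AAD
  body = JSON.generate('handle' => handle, 'exp' => now + ttl_seconds)
  sealed = cipher.update(body) + cipher.final
  [iv + cipher.auth_tag + sealed].pack('m0').tr('+/', '-_')   # URL-safe base64
end

# Return the handle, or nil when the token is malformed, forged, altered or expired.
def open_token(token, key: TOKEN_KEY, now: Time.now.to_i)
  raw = token.tr('-_', '+/').unpack1('m0')    # strict decode, raises on bad input
  return nil if raw.bytesize <= 28            # 12-byte nonce + 16-byte tag + body
  cipher = OpenSSL::Cipher.new('aes-256-gcm').decrypt
  cipher.key = key
  cipher.iv = raw.byteslice(0, 12)
  cipher.auth_tag = raw.byteslice(12, 16)
  cipher.auth_data = TOKEN_AAD
  plain = cipher.update(raw.byteslice(28..-1)) + cipher.final   # raises if tag mismatches
  claims = JSON.parse(plain.force_encoding('UTF-8'))
  claims['exp'] > now ? claims['handle'] : nil
rescue OpenSSL::Cipher::CipherError, ArgumentError, JSON::ParserError
  nil
end
```

The holder of the token can neither read nor alter the handle, and the issuer rejects anything it did not seal itself, which is what lets it "trust" the handle when the string comes back.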

18 Third-Party Authentication with Twitter & RottenPotatoes
1. “Login with Twitter”
2. Redirect to Twitter login page
3. “OK to authorize this app?”

19 Third-Party Authentication with Twitter & RottenPotatoes
4. Yes, please give away my personal info
5. Redirect to RP callback page with access token
6. Here’s a token that proves I’m allowed to know this user’s name
7. “Welcome, Armando”

20 How Does It Work? (MVC)
- Model session as its own entity
  – session controller creates and deletes session, handles interaction with authentication provider
- Once user is authenticated, we need a local users model to represent him/her
  – session[] remembers primary key (ID) of “currently authenticated user”
- OmniAuth gem helps a lot by providing uniform API to different “strategies”


22 Which is true about third-party authentication between a requester and a provider?
☐ If your credentials on the requester are compromised, your credentials on the provider are also compromised
☐ If the provider revokes access, the requester no longer has any of your info
☐ Access can be time-limited to expire on a pre-set date
☐ Once completed, the requester can do anything you can do on the provider


24 Associations & Foreign Keys (ESaaS §5.3) © 2013 Armando Fox & David Patterson, all rights reserved

25 Reviews for RottenPotatoes
- Simple model: “I give it 4 potatoes out of 5”
- Goal: easily represent the concept that movie has many reviews
- The code we’d like to write…but how?
http://pastebin.com/gU1hqm77

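26 Cartesian Product

table 'artists'

| id | name |
|---|---|
| 10 | Justin |
| 11 | Shakira |
| 12 | Britney |

table 'reviews'

| id | desc | artist_id |
|---|---|---|
| 30 | "Terrible" | 12 |
| 31 | "Passable" | 11 |
| 32 | "Please" | 10 |

Cartesian product: artists JOIN reviews

| artists.id | artists.name | reviews.id | reviews.desc | reviews.artist_id |
|---|---|---|---|---|
| 10 | Justin | 30 | "Terrible" | 12 |
| 10 | Justin | 31 | "Passable" | 11 |
| 10 | Justin | 32 | "Please" | 10 |
| 11 | Shakira | 30 | "Terrible" | 12 |
| 11 | Shakira | 31 | "Passable" | 11 |
| 11 | Shakira | 32 | "Please" | 10 |
| 12 | Britney | 30 | "Terrible" | 12 |
| 12 | Britney | 31 | "Passable" | 11 |
| 12 | Britney | 32 | "Please" | 10 |

Filtered Cartesian product: artists JOIN reviews ON artists.id = reviews.artist_id

| artists.id | artists.name | reviews.id | reviews.desc | reviews.artist_id |
|---|---|---|---|---|
| 10 | Justin | 32 | "Please" | 10 |
| 11 | Shakira | 31 | "Passable" | 11 |
| 12 | Britney | 30 | "Terrible" | 12 |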

27 Expressing “Has Many” in Terms of Relational DB Model
- foreign key (FK) in one table refers to the primary key (PK) of another table
- movies: id, title, rating, release_date
- reviews: id*, movie_id, potatoes

28 Databases 101
- joins are queries that combine records from 2 or more tables using PKs and FKs

    SELECT * FROM movies, reviews WHERE movies.id = reviews.movie_id

[Figure: Cartesian product of movies (id, ...) and reviews (id, movie_id, ...)]


30 Which statement is false regarding Cartesian products as a way of representing relationships?
☐ You can represent many-to-many relationships
☐ The size of the full Cartesian product is independent of the join criteria
☐ You can only filter based on primary or foreign key (id) columns
☐ You can represent one-to-one relationships as well as one-to-many relationships


32 ActiveRecord Association Support (ESaaS §5.3) © 2013 Armando Fox & David Patterson, all rights reserved

33 ActiveRecord Associations
- Allows manipulating DB-managed associations more Rubyistically
- After setting things up correctly, you don't have to worry (much) about keys and joins

    class Movie < ActiveRecord::Base
      has_many :reviews
    end

    class Review < ActiveRecord::Base
      belongs_to :movie   # “The foreign key belongs to me”
    end

34 Basic Idea…
- reviews table gets a foreign key (FK) field that has PK of Movie the review is about
- Dereference movie.reviews == perform database join (lazily) to find reviews where movie_id == movie.id
- Dereference review.movie == look up one movie whose PK id == review.movie_id
- Note! Must add FK fields using a migration!
http://pastebin.com/hfvramxQ

35 Association Proxy Methods
- Now you can say:

    @movie.reviews   # Enumerable of reviews

- And also go the other way:

    @review.movie    # what movie is reviewed?

- You can add new reviews for a movie:

    # where returns a relation, so take the first matching record
    @movie = Movie.where("title='Fargo'").first
    @movie.reviews.build(:potatoes => 5)
    @movie.reviews.create(:newspaper=>'Chronicle',...)
    # how are these different from just new() & create()?
    @movie.reviews << @new_review
    # instantly updates @new_review's FK in database!
    @movie.reviews.find(:first,:conditions => '...')


37 Which Ruby language mechanisms would be appropriate for implementing associations that can be used by ActiveRecord models? (a) build behaviors into ActiveRecord::Base (b) put behaviors in their own Module (c) put behaviors in their own Class
☐ (a) or (b), but not (c)
☐ (a) or (c), but not (b)
☐ Any of (a), (b), or (c) would be equally suitable
☐ Only (a)
