Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 2 years ago.
Improve this question
I would like to ask to more philosophical question. Topic is DDD and microservices. DDD recognizes bounded context. If I understand correctly then each bounded context is small part of whole system. For example there could be ordering context and invoicing context. Each context works with customers but ordering context cannot know about invoicing setting and invoicing cannot know about ordering setting. Does it means that there will be two customer microservices, each for each context?
Second question is: If I have order microservice can I load customer data to evaluate some conditions, to check customer can create new order, directly from database or can I need to access through customer microservice?
Thanks for your opinion.
First of all you have to know that the same concept can mean different things in different contexts. For example in order context the entity customer probably mean a person who you can deliver things and because of that the order-customer will have attributes such as address, prefered time to deliver.. etc.
However if we look a customer in invoicing context, it will mean a person who you can get paid, and because of that it will have attributes like, credit card number, paypal account, prefered payment type, etc..
Said that, and to answer your first question, I think it is no necessary to have two different customer services, you should have one customer service preferible on its own bounded context that will be called when a customer wants to update and query his own settings, and different views or projection entities for customers both in order and invoice contexts with the informarion that you need to perform the operations in those contexts.
In a event driven design, this entites will be updated accordingly to the service context by suscribing to the update customer events, so when any modification to deliver or payment options are produced, this entities will update.
Answering your second question, to access the database of one service directly from other service is never an option, it will cause the two services will be couple to the same database so the customer service wont be able to manage its database according to its own needs because other service knows and depends on the database structure (tables, columns, relations.. etc). The solution here is, if the data you need is no directly related with the process or if there is no performance strong requirements you can query the service every time you need the information.
However if the information is part of the other service process or there is need of high performance the best solution is have a local copy of that info as I said before when I was talking about order and invoice customers and update them when any changes are made. This can be even a cache if there isn't an event driven approach.
Related
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
We are building an application to manage internships (for example “Internship 2nd master Medicine”). The application is being built in Symfony2.
We have users that can have one or more roles (for example a coach can also be a supervisor).
Roles used in the examples below are:
Student (obvious)
Administrator (manages internships)
Supervisor (mentor of the student in a company)
Coach (coaches a group of students in a certain internship)
The roles are not limited to the ones mentioned above.
Some examples of what kind of permissions we have:
Occasionally it is as easy as: all users with role “Administrator” can access a certain page. But in 99% of the cases it is not as simple as this.
All users can view glossary items, but only those items that are linked to a faculty where the user is linked to in some way. A student for example is linked to an internship which is linked to a certain faculty. A supervisor is linked to an internship in the same way. A user with the “Administrator” role is faculty coordinator for a certain faculty only. So there are a whole bunch of rules which decide if a user is linked to one or more faculties.
A student can give his preferences for an internship where he/she is linked to, but only if there are preferences to be given for that internship, and between certain specified dates for that internship.
A supervisor can mail students, but only those students assigned to him/her.
A coach can see details of students, but only of those students he/she is coach for. It is the administrator that has the rights to assign students to a coach.
…
As you can see the permission system is not only limited to users having certain roles, and a role having certain permissions to entities. Sometimes it is somewhat more complex, the permissions are limited to a subset of data.
Notice we will have each year about 5000 students and 4000 supervisors using the application. The student database will each year grow with 1000+.
My question: should we use Voters, ACL, a combination of the two, …? What are the advantages and disadvantages? Are there any pitfalls?
Any advice is welcome!
Use voters. The ACL component has been extracted from Symfony core (Symfony 2.8/3.0) because it is not actively maintained and is (too) complex.
Everything is doable with voters and it's now the recommended way for new projects.
ACL is too complex and like Kévin stated it's gonna be out of symfony core. Voters is the way to go, much simpler and powerful enough.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 5 years ago.
Improve this question
I like how facebook releases features incrementally and not all at once to their entire user base. I get that this can be replicated with a bunch if statements smattered all throughout your code, but there needs to be a better way to do this. Perhaps that really is all they are doing, but that seems rather inelegant. Does anyone know if there is an industry standard for an architecture than can incrementally release features to portions of a user base?
On that same note, I have a feeling that all of their employees see an entirely different completely beta view of the site. So it seems that they are able to deem certain portions of their website as beta and others as production and have some sort of access control list to guide what people see? That seems like it would be slow.
Thanks!
Facebook has a lot of servers so they can apply new features only on some of them. Also they have some servers where they test new features before commiting to the production.
A more elegant solution is, if statements and feature flags using systems like gargoyle (in python).
Using a system like this you could do something like:
if feature_flag.is_active(MY_FEATURE_NAME, request, user, other_key_objects):
# do some stuff
In a web interface you would be able to isolate describe users, requests, or any other key object your system has and deliver your feature to them. In fact, via requests you could do things like direct X% of traffic to the new feature, and thus do things like A/B test and gather analytics.
An approach to this is to have a tiered architecture where the authentication tier hands-off to the product tier.
A user enters the product URL and that is resolved to direct them to a cluster of authentication servers. These servers handle authentication and then hand off the session to a cluster of product servers.
Using this approach you can:
Separate out your product servers in to 'zones' that run different versions of your application
Run logic on your authentication servers that decides which zone to route the session to
As an example, you could have Zone A running the latest production code and Zone B running beta code. At the point of login the authentication server sends every user with a user name starting with a-m to Zone A and n-z to Zone B. That way roughly half the users are running on the beta product.
Depending on the information you have available at the point of login you could even do something more sophisticated than this. For example you could target a particular user demographic (e.g. age ranges, gender, location, etc).
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 1 year ago.
Improve this question
Background: I am working on a proposal for a PHP/web-based P2P replication layer for PDO databases. My vision is that someone with a need to crowd-source data sets up this software on a web server, hooks it up to their preferred db platform, and then writes a web app around it to add/edit/delete data locally. Other parties, if they wish, may set up a similar thing - with their own web apps written around it - and set up data-sharing agreements with one or more peers. In the general case, changes made to one database are written to another on a versioned basis, such that they eventually flow around the whole network.
Someone has asked me why I'm not using CouchDB, since it has bi-directional replication and record versioning offered as standard. I wasn't aware of these capabilities, so this turns out to be an excellent question! It occurs to me, if this facility is already available, are there any existing examples of server-to-server replication between separate groups? I've done a great deal of hunting and not found anything.
(I suppose what I am looking for is examples of "group-sourcing": give groups a means to access a shared dataset locally, plus the benefits of critical mass they would be unable to build individually, whilst avoiding the political ownership/control problems associated with the traditional centralised model.)
You might want to check out http://refuge.io/
It is built around couchdb, but more specifically to form peer groups.
Also, here is a couchbase sponsored case study of replication between various groups
http://site.couchio.couchone.com/case-study-assay-depot
This can be achived on standard couchdb installs.
Hope that gives you a start.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 5 years ago.
Improve this question
I have an issue at work where we have just started using scrum as a development team. I am having some trouble with the user stories we are provided with in that they don't seem to fit what my interpretation of what a user story is.
Here is an actual example of the user stories we have been given for this sprint:
As a website user I want to have a registration page so that I can register and supply my details.
As a merchant user I want have validation on the registration form so that I provide the correct information. (This relates to Form Validation)
As a merchant user I want support when registering so that any questions that i have about the required details are answered. (This relates to Tool tips on the form)
The first one in my mind is the user story. The second two seem to be traditional requirements of the first user story and I think they should probably be acceptance criteria of the first user story.
The other confusion I have is in the last sprint we had:
As a user I want to be able to login to the website.
As a user I want to be able to login to the website with a username.
The Product Owner says this is two different user stories which need to be tested separately.
My issue is that in creating test cases and acceptance criteria for the second two - it is difficult as they are so specific and so related to the first user story. It seems that we are just putting up traditional requirements on a card up on a board and calling it something else. I mainly just want to know if I am wrong about this / why?
It just seems to me that we are currently just letting the users create whatever they want as a user story and not helping them filter them from requirements into proper user stories. I am told we need to keep them all separate for reporting so we can keep a log of everything the user requests.
User stories focus on customer value. ... The actual work being done is fleshed
out via collaboration revolving around the user story as system
development progresses. ... In order to limit scope, user stories have
collaboratively developed acceptance criteria which define when the
user story meets the stakeholder’s expectations. Test cases are often
developed as code (with test driven development) or documented as the
code is developed.
[Emphasis mine.]
As a user I want to be able to login to the website.
As a user I want to be able to login to the website with a username.
Since neither provides any customer value, neither are user stories.
You use application software to manage information, make decisions and (ultimately) take an action. If the user story doesn't provide some hint as to what information, decision or action gets taken, there's no customer value, it's just technical folderol -- implementation details that a customer has to endure to get to the interesting part of the application.
Login, specifically, has zero customer value. It's a roadblock that IT erects between customers and the valuable information they need to make decisions and take actions. It's a security mechanism, and most people do not actually like security. Security is imposed on customer by IT. The most popular password (IIRC) is "aaaaaaaa". Why? Customers don't like security.
Detailed, microscopic login user stories may be a symptom of failing to see the real value to the customer.
It just seems to me that we are currently just letting the users create whatever they want as a user story
Good.
I am told we need to keep them all separate for reporting so we can keep a log of everything the user requests.
Not a bad plan, really.
The issue is to separate "crap the user happened to say" from "stuff that makes sense that we can build". It's very, very important to allow the users to say any crap they want to say. It's a good thing to let them ramble.
Periodically (before each sprint) you will prioritize crap the user said into a few things that (1) you might be able to build during the sprint, and (2) create the most significant and dramatic user value you can possibly create. Some stories will get ignored. Some will be low priority. Some will be combined and some will be split. Some things the user said will be contradictory. Some will be outright lies. Some will be incomplete. It's all good. It's just crap the user happened to say. Not divine directives from the mouths of the gods directly to you.
This revised set of user stories drives the sprint. Now you start collaborating with the users to get the details, write test cases, define acceptance, etc., etc.
As you're sprinting toward delivery, the users can continue to say crap that will get appended to the backlog of unimplemented user stories. It's very, very important to allow the users to say any crap they want to say. It's a good thing to let them ramble.
In my domain, I have 2 bounded contexts that are relevant to this question:
Purchasing - where the customer orders services
Fulfillment - where services are assigned to vendors to be completed
It's a requirement that an order is editable by the customer at any given time throughout the life of the order.
If a customer removes a service from an order (i.e. within the purchasing context), if that service has already been assigned to a vendor to be performed (but has not already been performed) that service must also be removed in the fulfillment context.
There's a couple of options here, and I'd like the community's opinion:
I have my contexts wrong because this will create a cross-context transaction.
I may not need transactional consistency here. Of course, that's for the business stakeholder to decide, which begs 2 questions: What are the implementation options? How do I pose this question to the business stakeholder?
This is an acceptable violation of the "no cross-context transactions" rule.
EDIT
This is all happening within a single process, so the likelihood of mid-transaction failure is very low.
Here's the question to ask your stakeholder, re: an order being editable at all times - what does it mean for an order to be edited after it has already been fulfilled?
Why is it necessary that when an order is edited, this impacts the fulfillment service?
This, in my mind, crosses the bounded contexts. An order, while being edited, should not leave its domain unless there is good reason to. Why would any order information be propagated to the fulfillment service before it is complete?
Based on my obviously very limited understanding of your domain, I would think that you would complete the order first, then send a creation event to the service bus, where it is picked up by the fulfillment service. Therefore, no transactions are taking place that cross contexts.