|
There's a physical model and a logical model; I don't see you addressing the logic model. ("value objects"?)
You're creating interfaces, and unit tests, while the overall design is still incomplete, IMO. Wouldn't be able to "approve" your plan,
Just what I "see".
"Before entering on an understanding, I have meditated for a long time, and have foreseen what might happen. It is not genius which reveals to me suddenly, secretly, what I have to say or to do in a circumstance unexpected by other people; it is reflection, it is meditation." - Napoleon I
|
|
|
|
|
But MS says it better.
Quote:
... The issue with the MVVM pattern is that it can inadvertently lead to apps that have too many layers and too many allocations.
... But strict adherence to any variation of the pattern can lead to apps with a lot more overhead than can be justified.
... consider putting event handlers in your code-behind ....
MVVM and language performance tips - UWP applications | Microsoft Learn
"Before entering on an understanding, I have meditated for a long time, and have foreseen what might happen. It is not genius which reveals to me suddenly, secretly, what I have to say or to do in a circumstance unexpected by other people; it is reflection, it is meditation." - Napoleon I
|
|
|
|
|
I'm shocked--shocked, I tell you--that MSFT would give a tinker's cuss for performance. For as long as I can remember, it doesn't matter what the hardware folks do to speed up CPUs or increase memory and disk space, because most of the software folks frivolously piss it away. I get the sense, admittedly somewhat superficially, that web-based applications in particular are absolute pigs in excrement when it comes to performance. Does performance still even matter?! If it does, and I wasn't retired, I'd be sorely tempted to find and work with folks who were aiming to blow all of this crapola out of the water.
|
|
|
|
|
Greg Utas wrote: Does performance still even matter?...If it does, and I wasn't retired
It really mattered in the 50/60s whether you used a bubble sort or a binary sort.
For the single application that one would write then.
Now companies do enterprise systems which can contain thousands or even tens of thousands of running instances which have far more serious issues with performance. None of which can be solved with tuning individual lines of code.
Complexity of course drives that. There are many, many other factors that also impact it.
As an example I once increased performance by about 60000% (10 hours to less than 1 minute) by changing requirements. Doubt increasing the CPU by 3% would have had that much impact.
On the other hand I have seen developers spending more than a week 'optimizing' code which would have no impact at all on the user experience.
Not to mention of course business practices that allowed customers to abuse the enterprise to such an extent (by not forcing them to pay for what they were using) that they then started complaining that the system was too slow.
Customers like to complain about performance but often can't even cite what that actually means. And it is very seldom that they are willing to switch product/services because of that. It is the other features that they need/want which drive their decision. Not to mention the cost.
|
|
|
|
|
I agree that optimizing the code is unlikely to help here. The problem is the high-level design, like how the many thousands of instances are supported. The mania for stateless servers that must continually recreate context is another problem.
Poor performance in these types of soft real-time systems usually means one of two things:
1. The response time annoys users.
2. A lot more must be spent on computing equipment than in a system that is better designed.
|
|
|
|
|
So, their "best practice" isn't exactly best practice for performance reasons? Color me "shocked."
|
|
|
|
|
Using a pattern, on purpose, that obscures the power and potential of the platform is beyond not making sense.
"Before entering on an understanding, I have meditated for a long time, and have foreseen what might happen. It is not genius which reveals to me suddenly, secretly, what I have to say or to do in a circumstance unexpected by other people; it is reflection, it is meditation." - Napoleon I
|
|
|
|
|
Gerry Schmitz wrote: MVVM pattern is that it can inadvertently lead to apps that have too many layers and too many allocations.
Remind me again which pattern is it exactly that guarantees that can't happen?
|
|
|
|
|
You're talking wrappers, frameworks and methodologies (MVVM). A "pattern" can be a simple plug-in that "adds" functionality instead of masking or contorting it.
MVVM is a "bunch" of patterns; all directed to "indirection".
A simple statement like: NO code behind ... is a pattern (of behaviour).
"Before entering on an understanding, I have meditated for a long time, and have foreseen what might happen. It is not genius which reveals to me suddenly, secretly, what I have to say or to do in a circumstance unexpected by other people; it is reflection, it is meditation." - Napoleon I
|
|
|
|
|
Ok. But I don't see how that answers my question?
|
|
|
|
|
Quote: Ok. But I don't see how that answers my question?
I gave you an example: a plug-in. Where are the "layers" and "allocations"? One function reference. Are you saying a plug-in is not a pattern? What is a "door"?
Your "argument" is all patterns are "faulty". Back it up.
"Before entering on an understanding, I have meditated for a long time, and have foreseen what might happen. It is not genius which reveals to me suddenly, secretly, what I have to say or to do in a circumstance unexpected by other people; it is reflection, it is meditation." - Napoleon I
|
|
|
|
|
And that guarantees that it will not have "too many layers"?
|
|
|
|
|
I'm searching for good, general literature* on how to design and implement access control management. I'd like to build up the knowledge to design a system myself and/or make informed decisions about the architecture of one.
My focus is authorization, not authentication.
*literature = online,offline,free,paid; anything goes.
Some concrete questions could be
- "in which roughness should I store permissions?"
- "in which format should I store my permissions?"
- "should I use RBAC, UBAC, ACL,... and how would I concretely implement them, cleanly?"
- "How do I combine all that with a system that contains several individual organizations with their own set of permissions?"
Does anyone have recommendations? Even a "look in this corner of the internet would help".
(I really cannot find anything useful about this topic. All search results contain the same hipster stuff)
Just to make sure ... what I'm not looking for:
- A cook book.
- Answers that just say "use this or that, because it's the standard"
- Some "hip" book after which you nod, say "yes, aha, I see", but didn't really make you smarter.
|
|
|
|
|
|
Do you have any recommendations of the many?
Also: Be aware that google is very different depending on the country you are searching from and the locale on your computer. You might get better results than linkedIn and companies trying to sell their products - which is what I get.
|
|
|
|
|
D4rkTrick wrote: Do you have any recommendations of the many? You need to review what you find and decide for yourself which best meets your requirements.
|
|
|
|
|
D4rkTrick wrote: "in which roughness should I store permissions?"
Having considered that many times what I came up with is that you cannot answer that question without business requirements. And probably some business domain knowledge yourself.
Consider these cases...
Who should have permission to edit a social security number at a company? Who should be able to view it?
Contrast that with who should have permission to change the delivery address? Who should be able to view it? (Even more prickly can someone change a delivery address on an order that has already been delivered?)
Should there be a admin (root admin) that can change everything?
Are there assets that will be shared between companies? If so then who sets the permissions? (That was a very real business case that I had to deal with.)
Answering questions like that is FAR more important than how you implement it in general. But it will certainly drive implementation details.
I would be very wary of suggestions that you should 'plan for the future'. For instance in one of many parallel futures you might be asked to add a field on one form, so obviously the solution is that every single field on every form must have a permission from the beginning. And then the users (not developers) who will be actually setting that up will need to understand hundreds of permissions and implications (like what if the social security number is on two different forms?)
I worked for a company with hundreds of permissions. No one knew what they all did. There was also disagreement about what they should do. So those tasked with changing them just had to experiment.
D4rkTrick wrote: "should I use RBAC, UBAC, ACL,... and how would I concretely implement them, cleanly?"
I doubt 'cleanly' exists in any medium size application. And really unlikely when it gets bigger.
So just pick one and look at it in detail.
And then really study how to log changes that users make. All users. Log in this case means to a persistent data store. Adds and updates are easy. Deletes are much harder.
|
|
|
|
|
I didn't mean to try to find the answers here on the board, sorry for the misunderstanding. The questions were merely examples. I'm aware that "clean" or "good" are adjectives that are strongly coupled to the use case.
My main goal is to find good literature.
|
|
|
|
|
I understood that.
I was merely pointing out that there is no general answer. Rather you need to start with the domain space rather than than trying to find one solution.
If you don't have an actual domain space, or perhaps even if you do, then just pick one of the solutions and study it.
|
|
|
|
|
Can't tell if you want to secure a door or an app.
"Before entering on an understanding, I have meditated for a long time, and have foreseen what might happen. It is not genius which reveals to me suddenly, secretly, what I have to say or to do in a circumstance unexpected by other people; it is reflection, it is meditation." - Napoleon I
|
|
|
|
|
App
|
|
|
|
|
|
Thank you. The information seems quite specific. Do you also have literature for a more abstract - close to mathematical - level?
|
|
|
|
|
It's a "Pattern"; like doors and windows. An abstraction of a "door" or a "window"? That would be a rectangle; with a hole. Math? Width and height.
"Before entering on an understanding, I have meditated for a long time, and have foreseen what might happen. It is not genius which reveals to me suddenly, secretly, what I have to say or to do in a circumstance unexpected by other people; it is reflection, it is meditation." - Napoleon I
|
|
|
|
|
Here's the literature I was able to find through libera on IRC. Very helpful to me. Hopefully also helpful for other people reading this..
Online:
Books
In regard of books I found that looking at the references can help. In combination with archive.org's free book library it's possible to skim over books quite quickly
Specific topics
Object Capability System:
Quote: the object graph is the permission graph, and so there are no separate access control checks that you have to make like shown in that slide. An object has authority to call methods on another object if and only if it actually has a reference to that other object.
Links:
- Habitat Chronicles: What Are Capabilities?
- http://erights.org/talks/thesis/markm-thesis.pdf
- Bringing Object-orientation to Security Programming (Mark S. Miller, Google) - YouTube
OT
Here's some basic insight I've gained during looking at various sources.
The basic question you want to get answered is has_access(user, action, resource) . Example: has_access(uid, read, user_list) . You might want to take it even more abstract and say has_access(entity, action, resource) , where entity could be a user, a group, an organization or anything else that is able to perform actions in your system. Perhaps even has_access(resource, action, resource) might be an appropriate abstraction.
With a hierarchical permission structure, you would need a recursive check function:
r = resource
loop:
if(r.has_access(user, action)) return true
r = r.parent()
if( r == null) return false
If a resource can be owned by several parents, you would need to account for that with r.parents() .
|
|
|
|
|