DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.
-
Upload
amberly-hodge -
Category
Documents
-
view
218 -
download
1
Transcript of DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.
![Page 1: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/1.jpg)
DRYing Out MVC(ESaaS §5.1)
© 2013 Armando Fox & David Patterson, all rights reserved
![Page 2: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/2.jpg)
Don’t Repeat Yourself – But How?
• Goal: enforce that movie names must be less than 40 characters– Call a “check” function from every place in app
where a Movie might get created or edited? That’s not DRY!
• How do we DRY out cross-cutting concerns: Logically centralized, but may appear multiple places in implementation?
![Page 3: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/3.jpg)
Background & History: GO TO & COME FROM
• CACM, 1968 Letter to Editor
![Page 4: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/4.jpg)
Aspect-Oriented Programming
• Advice is a specific piece of code that implements a cross-cutting concern
• Pointcuts are the places you want to “inject” advice at runtime
• Advice+Pointcut = Aspect• Goal: DRY out your code
![Page 5: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/5.jpg)
Rails Example: Validations
• Specify declaratively in model class
• Validation is advice in AOP sense – Many places in app where a model could be
modified/updated– Including indirectly via associations!– Don’t want model validation code in all these
places• So where are the pointcuts?
http://pastebin.com/2GtWshSb
![Page 6: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/6.jpg)
Model Lifecycle Callbacks
Allows Pre and Post Operations
Validation automatically happens here
• or when you call valid?• if fail, save will failmodel.errors is an ActiveRecord::Errors object with cool behaviors of its own• See Screencast 7.1.1
![Page 7: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/7.jpg)
Example: Controller Filters
• Filters declared in a controller also apply to its subclasses– Corollary: filters in ApplicationController
apply to all controllers• A filter can change the flow of execution
– by calling redirect_to or render – You should add something to the flash to
explain to the user what happened, otherwise it will manifest as a “silent failure”
http://pastebin.com/ybP6Ece1
![Page 8: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/8.jpg)
Validations vs. Filters
Validation Filter
Advice (DRYness) Check invariants on model
Check conditions for allowing controller action to run
Pointcut AR model lifecycle hooks Before and/or after any public controller method
Can change execution flow?
No Yes
Can define advice in arbitrary function?
Yes; shortcuts provided for common cases
Yes, must provide function
Info about errors? Each model object has associated errors object
Capture in flash[], session[], or instance variable
Con: Can make code harder to debug
![Page 9: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/9.jpg)
Summary So Far
• Aspect-oriented programming (AOP) is a way of DRYing out cross-cutting concerns
• Ruby doesn’t have fully-general AOP, but Rails provides some “predefined” pointcuts– Validations check or assert pre/post conditions
at key points during model lifecycle– Controller filters check or assert pre/post
conditions related to controller actions– And can change control flow (redirect, render)
• Partials DRY out views (though not AOP)
![Page 10: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/10.jpg)
10
END
![Page 11: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/11.jpg)
Only (a) & (b)
Only (a) & (c)
(a), (b) and (c)
Only (a)☐
☐
☐
☐
11
Which Ruby language features support the DRYness enabled by validations & filters:(a) higher-order functions, (b) closures,(c) metaprogramming
![Page 12: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/12.jpg)
12
END
![Page 13: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/13.jpg)
Single Sign-On and Third-Party Authentication
(ESaaS §5.2)
© 2013 Armando Fox & David Patterson, all rights reserved
![Page 14: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/14.jpg)
Third-Party Authentication
• Goal: What are my Facebook friends reading on the NY Times site?
• NY Times needs to be able to access your Facebook info
• …but you don’t want to reveal your Facebook password to NY Times!
• How can we do this?=> Third-party authentication
Logos shown for educational purposes only and are the intellectual property of their owners.
![Page 15: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/15.jpg)
How Does It Work? (Concepts)
• Building block: tamper-evident secure token• Using cryptography, I create a string that:
– Only I can decrypt (decode)– I can detect if it’s been tampered with– No one else could have created it without
knowing my secret key• Usually, string just contains a “handle” to
valuable info that I store myself– Receive string => I know I can “trust” the handle
![Page 16: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/16.jpg)
Third-Party Authentication with Twitter & RottenPotatoes
1. “Login with Twitter”
2. Redirect to Twitter login
page
3. “OK to authorize this app?”
Logos shown for educational purposes only and are the intellectual property of their owners.
![Page 17: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/17.jpg)
Third-Party Authentication with Twitter & RottenPotatoes
5. Redirect to RP callback page with
access token
4. Yes, please give away my personal info
6. Here’s a token that proves I’m allowed to know this user’s name
7. “Welcome, Armando”
Logos shown for educational purposes only and are the intellectual property of their owners.
![Page 18: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/18.jpg)
How Does It Work? (MVC)
• Model session as its own entity– session controller creates and deletes session,
handles interaction with authentication provider• Once user is authenticated, we need a local
users model to represent him/her– session[] remembers primary key (ID) of
“currently authenticated user”• OmniAuth gem helps a lot by providing
uniform API to different “strategies”
![Page 19: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/19.jpg)
21
END
![Page 20: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/20.jpg)
If your credentials on the requester are compromised, your credentials on the provider are also compromised
If the provider revokes access, the requester no longer has any of your info
Access can be time-limited to expire on a pre-set date
Once completed, the requester can do anything you can do on the provider☐
☐
☐
☐
22
Which is true about third-party authentication between a requester and a provider?
![Page 21: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/21.jpg)
23
END
![Page 22: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/22.jpg)
Associations & Foreign Keys(ESaaS §5.3)
© 2013 Armando Fox & David Patterson, all rights reserved
![Page 23: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/23.jpg)
Reviews for RottenPotatoes
• Simple model: “I give it 4 potatoes out of 5” • Goal: easily represent the concept that
movie has many reviews• The code we’d like to write…but how?
http://pastebin.com/gU1hqm77
![Page 24: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/24.jpg)
Cartesian Producttable 'artists' table 'reviews'
id name id desc artist_id
10 Justin 30 "Terrible" 12
11 Shakira 31 "Passable" 11
12 Britney 32 "Please" 10
Cartesian product: artists JOIN reviews
artists.id artists.name reviews.id reviews.desc reviews.artist_id
10 Justin 30 "Terrible" 12
10 Justin 31 "Passable" 11
10 Justin 32 "Please" 10
11 Shakira 30 "Terrible" 12
11 Shakira 31 "Passable" 11
11 Shakira 32 "Please" 10
12 Britney 30 "Terrible" 12
12 Britney 31 "Passable" 11
12 Britney 32 "Please" 10
Filtered Cartesian product: artists JOIN reviews ON artists.id = reviews.artist_id
artists.id artists.name reviews.id reviews.desc reviews.artist_id
10 Justin 32 "Please" 10
11 Shakira 31 "Passable" 11
12 Britney 30 "Terrible" 12
![Page 25: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/25.jpg)
Expressing “Has Many” in Terms of Relational DB Model
• foreign key (FK) in one table refers to the primary key (PK) of another table
movies
id
title
rating
release_date
reviews
id*
movie_id
potatoes
![Page 26: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/26.jpg)
Databases 101
• joins are queries that combine records from 2 or more tables using PKs and FKs
SELECT *FROM movies, reviewsWHERE movies.id = reviews.movie_id
Cartesian product
movies
id
...
reviews
id
movie_id
...
![Page 27: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/27.jpg)
29
END
![Page 28: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/28.jpg)
You can represent many-to-many relationships
The size of the full Cartesian product is independent of the join criteria
You can only filter based on primary or foreign key (id) columns
You can represent one-to-one relationships as well as one-to-many relationships
☐
☐
☐
☐
30
Which statement is false regarding Cartesian products as a way of representing relationships?
![Page 29: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/29.jpg)
31
END
![Page 30: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/30.jpg)
ActiveRecord Association Support
(ESaaS §5.3)
© 2013 Armando Fox & David Patterson, all rights reserved
![Page 31: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/31.jpg)
ActiveRecord Associations
• Allows manipulating DB-managed associations more Rubyistically
• After setting things up correctly, you don't have to worry (much) about keys and joins
class Movie < ActiveRecord::Base has_many :reviewsendclass Review < ActiveRecord::Base belongs_to :movieend 33
“The foreign key belongs to me”
![Page 32: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/32.jpg)
Basic Idea…
• reviews table gets a foreign key (FK) field that has PK of Movie the review is about
• Dereference movie.reviews == perform database join (lazily) to find reviews where movie_id == movie.id
• Dereference review.movie == look up one movie whose PK id == review.movie_id
• Note! Must add FK fields using a migration!
http://pastebin.com/hfvramxQ
![Page 33: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/33.jpg)
Association Proxy Methods
• Now you can say:@movie.reviews # Enumerable of reviews
• And also go the other way:@review.movie # what movie is reviewed?
• You can add new reviews for a movie:@movie = Movie.where("title='Fargo'")@movie.reviews.build(:potatoes => 5)@movie.reviews.create(:newspaper=>'Chronicle', ...)
# how are these different from just new() & create()?
@movie.reviews << @new_review # instantly updates @new_review's FK in database!
@movie.reviews.find(:first,:conditions => '...')
![Page 34: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/34.jpg)
36
END
![Page 35: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/35.jpg)
(a) or (b), but not (c)
(a) or (c), but not (b)
Any of (a), (b), or (c) would be equally suitable
Only (a)☐
☐
☐
☐
37
Which Ruby language mechanisms would be appropriate for implementing associations that can be used by ActiveRecord models?(a) build behaviors into ActiveRecord::Base(b) put behaviors in their own Module(c) put behaviors in their own Class
![Page 36: DRYing Out MVC (ESaaS §5.1) © 2013 Armando Fox & David Patterson, all rights reserved.](https://reader035.fdocuments.net/reader035/viewer/2022062407/56649d825503460f94a67f60/html5/thumbnails/36.jpg)
38
END