I have been thinking about building the model for a security system. The idea is that I would fully build the system, but I would create a system that is easily exntensible... this of course is for my buddy Dave's consulting business (he's still doing somewhat OK, but I've noticed that he really needs to be able to do about 40 hours billable work in about 30 hours, so that I can engage him in a couple other things). I'd planned on making this a community project that others could join, contribute to, and maybe even improve. After making my initial design (on paper), I remember that “isn't there an App Block to do that??”
Enter the App Block
Now, I want you to know that I love free code. My 2 questions for free code are
1) Is it really free?
2) What's the catch? (It's not GPL is it? If it is then I may still use it, but I won't be developing with it anytime soon)
So Microsoft is giving away these Application Blocks. They solve a variety of problems. I've looked at a bunch of them (but not all). They are essentially free code with the only strings being that if it breaks your computer don't blame Microsoft... I can live with that. Some of the blocks are really, really good. I use the community version of the Data Access Application Block everyday. I love it! Of course, I have investigated the code a bit to make sure that it (for instance) handles connections appropriately (which it does in all the cases I have checked)... there are things you have to remember with it (like that if you open a DataReader with a ConnectionString you must make sure that you close the DataReader when you're done -- which my CodeSmith templates take care of automatically).
Some of the Application Blocks like the User Interface Process (UIP) App Block handle a very complex task in a very complicated manner (sorry, that's my opinion). Let's take the UIP (I've only used version 1) block; my biggest problem with it is that you have to spend an awful lot of time setting up the .config xml file... one mess up and “Boom!“ nothing works. That's the UIP (v1) was not for me (that doesn't mean that I won't like version 2... I haven't played with it yet)
The Auth Pro App Block
Which brings me back to the Auth Pro (Authentication and Profile) block. So here's my evaluation of it. Why does it have to be this difficult? I don't want to mess with the config file. Yeah, I thought the Configuration Management block was somewhat cool (you build a class and fill it from the .config file with simple call), but do you need to use it for everything??!! I really don't have 2 hours to spend playing with the config file to get my app to run the first time!!
<sigh> Now that I have that out of my system... let me continue beyond the config file. Lately everything has taken on a “provider” pattern. So they've created a class that I must use to retrieve information from the classes that I build using their interfaces?? I guess they wanted a self-contained system that you simply extended. Don't get me wrong I like a lot of what they have done; I just think there is a simpler way to do it.
My Idea
Since I've come this far let me try to describe my idea. Eventually I'll maybe start the project (if there is interest). My idea is that system starts with 4 basic interfaces: IaUser, IaGroup, IaPermissions, IaRight. None of these are full classes they only represent the basic information/methods required for a security system.
IaUsers have both an IaGroups and IaPermissions member; IaGroups have an IaPermissions member and IaPermissions is simply a collection of IaRight objects.
Now that you have the the interface you could (in the case of IaUser) derive a version that utilizes SQL as it's backend (SQLUser), or a WebService (WSUser). Then you could derive from these classes a specialized user for web (WebUser), WindowsForms (WinUser), and PocketPC User (PPCUser).
The main difference between the app block and my idea is that the App Block gives me a system that if I know how all about it I can probably set it up and have a fairly sophisticated system very quickly; my method gives you a library that you could use and re-use (but you would ultimately have to code with). I think my method gives you maximum flexibility, but that's me.
Print | posted on Thursday, July 22, 2004 11:34 PM