SlideShare una empresa de Scribd logo

Howdah

A
Aurynn Shaw
Tecnología
1 de 54
Descargar para leer sin conexión
HOWDAH A tutorial Tuesday, October 20, 2009
Why? Howdah is for people who really “get” databases Howdah treats your database as code. Procedures, and hand-written SQL. Would you automate python generation? Then why SQL? Just because it’s not code you’re comfortable with, doesn’t make it any less code. 2 Tuesday, October 20, 2009
What shall we build? Today, we’ll be talking about designing and implementing a Wiki. 3 Tuesday, October 20, 2009
Why a Wiki? Canonical example Simple enough to define in an afternoon Complex enough to require in-depth exploration 4 Tuesday, October 20, 2009
Why a Wiki? Public and Private permissions/users Read/write collaborative model 5 Tuesday, October 20, 2009
Design vs. Code Speaking more on Design than on Code Why is more important than How. How is still important 6 Tuesday, October 20, 2009
STEP 1: DESIGN 7 Tuesday, October 20, 2009
Database What do we need? 8 Tuesday, October 20, 2009
Application What do we need? 9 Tuesday, October 20, 2009
Application What do we need? Anything else? Did we miss anything? 10 Tuesday, October 20, 2009
STEP 2: REVISIT 11 Tuesday, October 20, 2009
Database Based on our Application design, what expansions do we need? 12 Tuesday, October 20, 2009
Database Based on our Application design, what expansions do we need? Why do we need them? 13 Tuesday, October 20, 2009
Application With the new DB features, what changes? 14 Tuesday, October 20, 2009
Application With the new DB features, what changes? What new ideas are evident? 15 Tuesday, October 20, 2009
Application With the new DB features, what changes? What new ideas are evident? Do the changes make things easier? 16 Tuesday, October 20, 2009
STEP 3: API CONTRACTS 17 Tuesday, October 20, 2009
Database Defining our API What stored procedures do we need? 18 Tuesday, October 20, 2009
Database Defining our API What stored procedures do we need? What should they do? 19 Tuesday, October 20, 2009
Database Defining our API What exceptions do we need? 20 Tuesday, October 20, 2009
Database Defining our API What exceptions do we need? Null data Bad data No such record 21 Tuesday, October 20, 2009
Application Defining our API What models do we need? 22 Tuesday, October 20, 2009
Application Defining our API What exceptions do we need? 23 Tuesday, October 20, 2009
Application Defining our API What exceptions do we need? What do DB exceptions become? What HTTP responses should the exceptions raise? 24 Tuesday, October 20, 2009
Application Defining our API What views do we need? 25 Tuesday, October 20, 2009
Application Defining our API What views do we need? What views are read-only? Read-write? Write-only? 26 Tuesday, October 20, 2009
STEP 4: FIRST EXPANSION USERS 27 Tuesday, October 20, 2009
Database Users User system! 28 Tuesday, October 20, 2009
Database Users User system! VerticallyChallenged for users 29 Tuesday, October 20, 2009
Database Users User system! VerticallyChallenged for users How to set up VC 30 Tuesday, October 20, 2009
Database Users Stored Procedures - How do we adapt them? How does this affect our API contract? 31 Tuesday, October 20, 2009
Application Users Using @needs to define permissions How should views be protected? 32 Tuesday, October 20, 2009
Application Users Using @needs to define permissions How should views be protected? Should anonymous users have write permission? 33 Tuesday, October 20, 2009
Application Users Permissions violations What should no user return? What should a bad user return? What should insufficient permissions return? 34 Tuesday, October 20, 2009
Application Users Why - Are there better mechanisms? 35 Tuesday, October 20, 2009
STEP 5: ADMINISTRATIVE USERS 36 Tuesday, October 20, 2009
Database Administrators What delineates an admin? What special things can an admin do? Should admins be otherwise normal users? 37 Tuesday, October 20, 2009
Database Administrators Root-level permissions: Should the database superuser ever be allowed to log in from the web app? 38 Tuesday, October 20, 2009
Database Administrators Root-level permissions: Should the database superuser ever be allowed to log in from the web app? Why? 39 Tuesday, October 20, 2009
Application Administrators What delineates an Admin? 40 Tuesday, October 20, 2009
Application Administrators Design Are there special admin-only views? How do we protect admin privileges? Are there user-specific views? Do admins have permission to access those? Is anything changed by the DB layer? 41 Tuesday, October 20, 2009
Application Administrators Should administrators be able to view everything? 42 Tuesday, October 20, 2009
Application Administrators Should administrators be able to view everything? What about privileged information? HIPAA, lawyer confidentiality 43 Tuesday, October 20, 2009
Application Administrators Should administrators be able to view everything? What about privileged information? HIPAA, lawyer confidentiality How can we protect privileged information like this? Can we ever guarantee protection? How? 44 Tuesday, October 20, 2009
STEP 6: A NEW FEATURE 45 Tuesday, October 20, 2009
A New Feature Let’s add a user profile page Specifically list the pages that a user has edited 46 Tuesday, October 20, 2009
Database A New Feature Design first! 47 Tuesday, October 20, 2009
Database A New Feature Design first! Do we need new stored procedures? What are they? Who has access to them? Does this require write access? 48 Tuesday, October 20, 2009
Application A New Feature What does the app need to support this? 49 Tuesday, October 20, 2009
Application A New Feature What does the app need to support this? What views do we need? 50 Tuesday, October 20, 2009
Application A New Feature What does the app need to support this? What views do we need? Who has access to the views? Logged-in users only? 51 Tuesday, October 20, 2009
Application A New Feature What about security and data confidentiality? What security issues could be present? 52 Tuesday, October 20, 2009
Application A New Feature What about security and data confidentiality? What security issues could be present? Do we list entries that a user may not have read access to? 53 Tuesday, October 20, 2009
Application A New Feature What about security and data confidentiality? What security issues could be present? Do we list entries that a user may not have read access to? Should we list nothing, instead? Why do it like this? Are there better solutions? 54 Tuesday, October 20, 2009

Recomendados

Making everything better with OSGi - a happy case study in building a really ...
Making everything better with OSGi - a happy case study in building a really ...Making everything better with OSGi - a happy case study in building a really ...
Making everything better with OSGi - a happy case study in building a really ...mfrancis
 
Chad Udell - Developers are from Mars, Designers are from Venus
Chad Udell - Developers are from Mars, Designers are from VenusChad Udell - Developers are from Mars, Designers are from Venus
Chad Udell - Developers are from Mars, Designers are from Venus360|Conferences
 
RIAction 2010 - Love hate relationship of Zopim and Flex
RIAction 2010 - Love hate relationship of Zopim and FlexRIAction 2010 - Love hate relationship of Zopim and Flex
RIAction 2010 - Love hate relationship of Zopim and FlexZopim
 
Informativo "Atitude Jovem" - 2ª edição
Informativo "Atitude Jovem" - 2ª ediçãoInformativo "Atitude Jovem" - 2ª edição
Informativo "Atitude Jovem" - 2ª ediçãoFábio Figueiredo
 
Efectes de l'abús tecnològic en la psique humana pdf
Efectes de l'abús tecnològic en la psique humana pdfEfectes de l'abús tecnològic en la psique humana pdf
Efectes de l'abús tecnològic en la psique humana pdfAlbert Serrats
 
Brand Launch Jolly Mac Valino
Brand Launch Jolly Mac ValinoBrand Launch Jolly Mac Valino
Brand Launch Jolly Mac ValinoMark Anthony
 
Jornal_Plural
Jornal_PluralJornal_Plural
Jornal_PluralFábio Figueiredo
 
Jornal Atitude Jovem 3ª edição
Jornal Atitude Jovem 3ª ediçãoJornal Atitude Jovem 3ª edição
Jornal Atitude Jovem 3ª ediçãoFábio Figueiredo
 

Recomendados

Making everything better with OSGi - a happy case study in building a really ...
Making everything better with OSGi - a happy case study in building a really ...Making everything better with OSGi - a happy case study in building a really ...
Making everything better with OSGi - a happy case study in building a really ...mfrancis
 
Chad Udell - Developers are from Mars, Designers are from Venus
Chad Udell - Developers are from Mars, Designers are from VenusChad Udell - Developers are from Mars, Designers are from Venus
Chad Udell - Developers are from Mars, Designers are from Venus360|Conferences
 
RIAction 2010 - Love hate relationship of Zopim and Flex
RIAction 2010 - Love hate relationship of Zopim and FlexRIAction 2010 - Love hate relationship of Zopim and Flex
RIAction 2010 - Love hate relationship of Zopim and FlexZopim
 
Informativo "Atitude Jovem" - 2ª edição
Informativo "Atitude Jovem" - 2ª ediçãoInformativo "Atitude Jovem" - 2ª edição
Informativo "Atitude Jovem" - 2ª ediçãoFábio Figueiredo
 
Efectes de l'abús tecnològic en la psique humana pdf
Efectes de l'abús tecnològic en la psique humana pdfEfectes de l'abús tecnològic en la psique humana pdf
Efectes de l'abús tecnològic en la psique humana pdfAlbert Serrats
 
Brand Launch Jolly Mac Valino
Brand Launch Jolly Mac ValinoBrand Launch Jolly Mac Valino
Brand Launch Jolly Mac ValinoMark Anthony
 
Jornal_Plural
Jornal_PluralJornal_Plural
Jornal_PluralFábio Figueiredo
 
Jornal Atitude Jovem 3ª edição
Jornal Atitude Jovem 3ª ediçãoJornal Atitude Jovem 3ª edição
Jornal Atitude Jovem 3ª ediçãoFábio Figueiredo
 
Vertically Challenged
Vertically ChallengedVertically Challenged
Vertically ChallengedAurynn Shaw
 
Exceptable
ExceptableExceptable
ExceptableAurynn Shaw
 
Lowering IT Costs with a Standards-based Platform for Web 2.0 Initiatives: A...
Lowering IT Costs with a Standards-based Platform for Web 2.0 Initiatives: A...Lowering IT Costs with a Standards-based Platform for Web 2.0 Initiatives: A...
Lowering IT Costs with a Standards-based Platform for Web 2.0 Initiatives: A...Day Software
 
Webhooks - glue for the web
Webhooks - glue for the webWebhooks - glue for the web
Webhooks - glue for the webStoyan Zhekov
 
Investing in open source hw
Investing in open source hwInvesting in open source hw
Investing in open source hwbijansabet
 
The Future Of Dm
The Future Of DmThe Future Of Dm
The Future Of DmVincent Everts
 
Nanite (And An Introduction To Cloud Computing)
Nanite (And An Introduction To Cloud Computing)Nanite (And An Introduction To Cloud Computing)
Nanite (And An Introduction To Cloud Computing)will_j
 
Open Video And Metadata Presentation
Open Video And Metadata PresentationOpen Video And Metadata Presentation
Open Video And Metadata PresentationFred Benenson
 
Why Architecture Matters
Why Architecture MattersWhy Architecture Matters
Why Architecture MattersLars Jankowfsky
 
Cloudera Desktop
Cloudera DesktopCloudera Desktop
Cloudera DesktopHadoop User Group
 
MATI 2009 Conference: CAT Tools
MATI 2009 Conference: CAT ToolsMATI 2009 Conference: CAT Tools
MATI 2009 Conference: CAT ToolsDierk Seeburg
 
Holland Exibition Promotion
Holland Exibition PromotionHolland Exibition Promotion
Holland Exibition PromotionVincent Everts
 
Don Schwarz App Engine Talk
Don Schwarz App Engine TalkDon Schwarz App Engine Talk
Don Schwarz App Engine TalkTech in the Middle
 
Content Management Selection and Strategy
Content Management Selection and StrategyContent Management Selection and Strategy
Content Management Selection and StrategyIvo Jansch
 
Ibuildings Cms Talk
Ibuildings Cms TalkIbuildings Cms Talk
Ibuildings Cms Talkdean1985
 
Why Web Projects Fail
Why Web Projects FailWhy Web Projects Fail
Why Web Projects FailRomae internet en content
 
Joi's talk at the QRCE
Joi's talk at the QRCEJoi's talk at the QRCE
Joi's talk at the QRCEJoi Ito
 
Spring Integration
Spring IntegrationSpring Integration
Spring IntegrationAndrew Chalkley
 
Rabo Ridderkerk
Rabo RidderkerkRabo Ridderkerk
Rabo RidderkerkVincent Everts
 
Vincent Everts @rabobank RMIJ
Vincent Everts @rabobank RMIJVincent Everts @rabobank RMIJ
Vincent Everts @rabobank RMIJrenedebeer
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 

Más contenido relacionado

Similar a Howdah

Vertically Challenged
Vertically ChallengedVertically Challenged
Vertically ChallengedAurynn Shaw
 
Lowering IT Costs with a Standards-based Platform for Web 2.0 Initiatives: A...
Lowering IT Costs with a Standards-based Platform for Web 2.0 Initiatives: A...Lowering IT Costs with a Standards-based Platform for Web 2.0 Initiatives: A...
Lowering IT Costs with a Standards-based Platform for Web 2.0 Initiatives: A...Day Software
 
Webhooks - glue for the web
Webhooks - glue for the webWebhooks - glue for the web
Webhooks - glue for the webStoyan Zhekov
 
Investing in open source hw
Investing in open source hwInvesting in open source hw
Investing in open source hwbijansabet
 
Nanite (And An Introduction To Cloud Computing)
Nanite (And An Introduction To Cloud Computing)Nanite (And An Introduction To Cloud Computing)
Nanite (And An Introduction To Cloud Computing)will_j
 
Open Video And Metadata Presentation
Open Video And Metadata PresentationOpen Video And Metadata Presentation
Open Video And Metadata PresentationFred Benenson
 
Why Architecture Matters
Why Architecture MattersWhy Architecture Matters
Why Architecture MattersLars Jankowfsky
 
MATI 2009 Conference: CAT Tools
MATI 2009 Conference: CAT ToolsMATI 2009 Conference: CAT Tools
MATI 2009 Conference: CAT ToolsDierk Seeburg
 
Holland Exibition Promotion
Holland Exibition PromotionHolland Exibition Promotion
Holland Exibition PromotionVincent Everts
 
Content Management Selection and Strategy
Content Management Selection and StrategyContent Management Selection and Strategy
Content Management Selection and StrategyIvo Jansch
 
Ibuildings Cms Talk
Ibuildings Cms TalkIbuildings Cms Talk
Ibuildings Cms Talkdean1985
 
Joi's talk at the QRCE
Joi's talk at the QRCEJoi's talk at the QRCE
Joi's talk at the QRCEJoi Ito
 
Vincent Everts @rabobank RMIJ
Vincent Everts @rabobank RMIJVincent Everts @rabobank RMIJ
Vincent Everts @rabobank RMIJrenedebeer
 

Similar a Howdah (20)

Vertically Challenged
Vertically ChallengedVertically Challenged
Vertically Challenged
 
Exceptable
ExceptableExceptable
Exceptable
 
Lowering IT Costs with a Standards-based Platform for Web 2.0 Initiatives: A...
Lowering IT Costs with a Standards-based Platform for Web 2.0 Initiatives: A...Lowering IT Costs with a Standards-based Platform for Web 2.0 Initiatives: A...
Lowering IT Costs with a Standards-based Platform for Web 2.0 Initiatives: A...
 
Webhooks - glue for the web
Webhooks - glue for the webWebhooks - glue for the web
Webhooks - glue for the web
 
Investing in open source hw
Investing in open source hwInvesting in open source hw
Investing in open source hw
 
The Future Of Dm
The Future Of DmThe Future Of Dm
The Future Of Dm
 
Nanite (And An Introduction To Cloud Computing)
Nanite (And An Introduction To Cloud Computing)Nanite (And An Introduction To Cloud Computing)
Nanite (And An Introduction To Cloud Computing)
 
Open Video And Metadata Presentation
Open Video And Metadata PresentationOpen Video And Metadata Presentation
Open Video And Metadata Presentation
 
Why Architecture Matters
Why Architecture MattersWhy Architecture Matters
Why Architecture Matters
 
Cloudera Desktop
Cloudera DesktopCloudera Desktop
Cloudera Desktop
 
MATI 2009 Conference: CAT Tools
MATI 2009 Conference: CAT ToolsMATI 2009 Conference: CAT Tools
MATI 2009 Conference: CAT Tools
 
Holland Exibition Promotion
Holland Exibition PromotionHolland Exibition Promotion
Holland Exibition Promotion
 
Don Schwarz App Engine Talk
Don Schwarz App Engine TalkDon Schwarz App Engine Talk
Don Schwarz App Engine Talk
 
Content Management Selection and Strategy
Content Management Selection and StrategyContent Management Selection and Strategy
Content Management Selection and Strategy
 
Ibuildings Cms Talk
Ibuildings Cms TalkIbuildings Cms Talk
Ibuildings Cms Talk
 
Why Web Projects Fail
Why Web Projects FailWhy Web Projects Fail
Why Web Projects Fail
 
Joi's talk at the QRCE
Joi's talk at the QRCEJoi's talk at the QRCE
Joi's talk at the QRCE
 
Spring Integration
Spring IntegrationSpring Integration
Spring Integration
 
Rabo Ridderkerk
Rabo RidderkerkRabo Ridderkerk
Rabo Ridderkerk
 
Vincent Everts @rabobank RMIJ
Vincent Everts @rabobank RMIJVincent Everts @rabobank RMIJ
Vincent Everts @rabobank RMIJ
 

Último

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024The Digital Insurer
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsNanddeep Nachan
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Zilliz
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherRemote DBA Services
 

Último (20)

Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native Applications
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
Emergent Methods: Multi-lingual narrative tracking in the news - real-time ex...
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 

Howdah

  • 1. HOWDAH A tutorial Tuesday, October 20, 2009
  • 2. Why? Howdah is for people who really “get” databases Howdah treats your database as code. Procedures, and hand-written SQL. Would you automate python generation? Then why SQL? Just because it’s not code you’re comfortable with, doesn’t make it any less code. 2 Tuesday, October 20, 2009
  • 3. What shall we build? Today, we’ll be talking about designing and implementing a Wiki. 3 Tuesday, October 20, 2009
  • 4. Why a Wiki? Canonical example Simple enough to define in an afternoon Complex enough to require in-depth exploration 4 Tuesday, October 20, 2009
  • 5. Why a Wiki? Public and Private permissions/users Read/write collaborative model 5 Tuesday, October 20, 2009
  • 6. Design vs. Code Speaking more on Design than on Code Why is more important than How. How is still important 6 Tuesday, October 20, 2009
  • 7. STEP 1: DESIGN 7 Tuesday, October 20, 2009
  • 8. Database What do we need? 8 Tuesday, October 20, 2009
  • 9. Application What do we need? 9 Tuesday, October 20, 2009
  • 10. Application What do we need? Anything else? Did we miss anything? 10 Tuesday, October 20, 2009
  • 11. STEP 2: REVISIT 11 Tuesday, October 20, 2009
  • 12. Database Based on our Application design, what expansions do we need? 12 Tuesday, October 20, 2009
  • 13. Database Based on our Application design, what expansions do we need? Why do we need them? 13 Tuesday, October 20, 2009
  • 14. Application With the new DB features, what changes? 14 Tuesday, October 20, 2009
  • 15. Application With the new DB features, what changes? What new ideas are evident? 15 Tuesday, October 20, 2009
  • 16. Application With the new DB features, what changes? What new ideas are evident? Do the changes make things easier? 16 Tuesday, October 20, 2009
  • 17. STEP 3: API CONTRACTS 17 Tuesday, October 20, 2009
  • 18. Database Defining our API What stored procedures do we need? 18 Tuesday, October 20, 2009
  • 19. Database Defining our API What stored procedures do we need? What should they do? 19 Tuesday, October 20, 2009
  • 20. Database Defining our API What exceptions do we need? 20 Tuesday, October 20, 2009
  • 21. Database Defining our API What exceptions do we need? Null data Bad data No such record 21 Tuesday, October 20, 2009
  • 22. Application Defining our API What models do we need? 22 Tuesday, October 20, 2009
  • 23. Application Defining our API What exceptions do we need? 23 Tuesday, October 20, 2009
  • 24. Application Defining our API What exceptions do we need? What do DB exceptions become? What HTTP responses should the exceptions raise? 24 Tuesday, October 20, 2009
  • 25. Application Defining our API What views do we need? 25 Tuesday, October 20, 2009
  • 26. Application Defining our API What views do we need? What views are read-only? Read-write? Write-only? 26 Tuesday, October 20, 2009
  • 27. STEP 4: FIRST EXPANSION USERS 27 Tuesday, October 20, 2009
  • 28. Database Users User system! 28 Tuesday, October 20, 2009
  • 29. Database Users User system! VerticallyChallenged for users 29 Tuesday, October 20, 2009
  • 30. Database Users User system! VerticallyChallenged for users How to set up VC 30 Tuesday, October 20, 2009
  • 31. Database Users Stored Procedures - How do we adapt them? How does this affect our API contract? 31 Tuesday, October 20, 2009
  • 32. Application Users Using @needs to define permissions How should views be protected? 32 Tuesday, October 20, 2009
  • 33. Application Users Using @needs to define permissions How should views be protected? Should anonymous users have write permission? 33 Tuesday, October 20, 2009
  • 34. Application Users Permissions violations What should no user return? What should a bad user return? What should insufficient permissions return? 34 Tuesday, October 20, 2009
  • 35. Application Users Why - Are there better mechanisms? 35 Tuesday, October 20, 2009
  • 36. STEP 5: ADMINISTRATIVE USERS 36 Tuesday, October 20, 2009
  • 37. Database Administrators What delineates an admin? What special things can an admin do? Should admins be otherwise normal users? 37 Tuesday, October 20, 2009
  • 38. Database Administrators Root-level permissions: Should the database superuser ever be allowed to log in from the web app? 38 Tuesday, October 20, 2009
  • 39. Database Administrators Root-level permissions: Should the database superuser ever be allowed to log in from the web app? Why? 39 Tuesday, October 20, 2009
  • 40. Application Administrators What delineates an Admin? 40 Tuesday, October 20, 2009
  • 41. Application Administrators Design Are there special admin-only views? How do we protect admin privileges? Are there user-specific views? Do admins have permission to access those? Is anything changed by the DB layer? 41 Tuesday, October 20, 2009
  • 42. Application Administrators Should administrators be able to view everything? 42 Tuesday, October 20, 2009
  • 43. Application Administrators Should administrators be able to view everything? What about privileged information? HIPAA, lawyer confidentiality 43 Tuesday, October 20, 2009
  • 44. Application Administrators Should administrators be able to view everything? What about privileged information? HIPAA, lawyer confidentiality How can we protect privileged information like this? Can we ever guarantee protection? How? 44 Tuesday, October 20, 2009
  • 45. STEP 6: A NEW FEATURE 45 Tuesday, October 20, 2009
  • 46. A New Feature Let’s add a user profile page Specifically list the pages that a user has edited 46 Tuesday, October 20, 2009
  • 47. Database A New Feature Design first! 47 Tuesday, October 20, 2009
  • 48. Database A New Feature Design first! Do we need new stored procedures? What are they? Who has access to them? Does this require write access? 48 Tuesday, October 20, 2009
  • 49. Application A New Feature What does the app need to support this? 49 Tuesday, October 20, 2009
  • 50. Application A New Feature What does the app need to support this? What views do we need? 50 Tuesday, October 20, 2009
  • 51. Application A New Feature What does the app need to support this? What views do we need? Who has access to the views? Logged-in users only? 51 Tuesday, October 20, 2009
  • 52. Application A New Feature What about security and data confidentiality? What security issues could be present? 52 Tuesday, October 20, 2009
  • 53. Application A New Feature What about security and data confidentiality? What security issues could be present? Do we list entries that a user may not have read access to? 53 Tuesday, October 20, 2009
  • 54. Application A New Feature What about security and data confidentiality? What security issues could be present? Do we list entries that a user may not have read access to? Should we list nothing, instead? Why do it like this? Are there better solutions? 54 Tuesday, October 20, 2009