I'm currently building a huge Symfony2 project, which consists on a central application (let's call it "Main", and different standalone projects, mostly on Symfony2 too (let's call these "Satellites").
The Main project will have its own database, and each Satellite too. However, the Main project will manage some critical data (users, roles, etc...), and this data needs to be available on each Satellite. This means some kind of "replication" from certain entities to a list of databases (managed by other Symfony2 apps, or not)
The part that is actually working is the mapping. I have a Bundle which provides the User and Role model classes. Other bundles just have to extend those classes (FOSUserBundle style), and the mapping will be performed correctly.
I am actually struggling with the "replication" from the Main project to each Satellite's database. Basically the perfect workflow would be:
A User or Role is added / removed / updated on Main
A service loops through a list of database connections
re-executing the query / queries involved in step 1. on each other database connection. This implies not only using other entity managers, but mostly generating plain SQL queries to execute on servers where Satellites are not Symfony2 apps
I can hook on the "onFlush" event of Doctrine, and retrieve a list of entities that are going to be updated / persisted / removed. The part where i'm completely lost is the 3.
Is it even possible ? Any help would be greatly appreciated.
I had same situation in one of my project, we have Main and Satellite application,
all required datas hold in main and all applications talking each other via APIs, also in satellite application we have custom user provider which is authenticate users from main server. You could follow this way. http://symfony.com/doc/current/cookbook/security/custom_provider.html
Related
I want to actually implement two applications.
Application (server 1)
A management application to manage users and buildings. CRUD Controller for users, roles and buildings. To use this application an login is required. Analyse answers / results from questionnaires which will be filled in appplication 2.
Application (server 2)
Login with the user names which will be created in application one
Document Exchange bundle. Users can share documents
Questionnaire bundle, users can create questionnaire
Other users filling of questionnaires
Not every user can use every bundle in application 2. Only users with specified roles can use a bundle, the user roles will be defined in application 1.
I need an idea how I could realize the data exchange in such a case? Because application 2 require the user, roles from database of the first application. In the ideal case, I do not want data redundancy.
The first application i implement in symfony2 and i'm not sure whether to share a good idea the applications or is it better idea to integrate the bundles from application 2 in application one?
Can someone give me tips?
The easier solution could be done with the use of one App. The Security Component of Symfony2 can manage different roles and access to specific action or bundle. Moreover you can use JMSSecurityExtraBundle Annotations to simpler your work.
I have the main website that uses a database to store and access user accounts. I'm using EF to manage the schema. I also defined site-specific POCOs and have migrated them to the database.
Now, what if I want a separate website, for example, a resource server (Web API) that would expose (with authorization) the same data set up on the main website?
Do I create the same POCOs and derived DbContext on the resource server again? That seems like duplicating work, though.
What if I wanted to create new POCOs on the resource server and reflect them onto that same database? Wouldn't that conflict with the current migration (which is saved on the database), then subsequently mess up the EF setup on the main website?
I've seen the suggestion of putting the POCOs and DbContexts in a library and have multiple projects reference that same library. This seems viable, however I'd have to hard-code the connection string, which seems dirty to me.
I'm starting to think that EF is probably not recommended for this kind of setup. It seems like a database-first approach plays better here - though I would have to manually reedit the data contexts (most likely, LINQ-SQL) for every database schema change.
Are there any lesser-known capabilities, facts, practices, etc., for/about EF that would help in this situation?
Generally, you can avoid duplication by having one API serving both sites and have resources version for each if needed. On the other hand, if you choose reuse and add approach, creating additional EF code-first entities should not interfere with other site data layer if modeled and mapped carefully. DbContext connection string does not have to be hard-coded.
I currently have an ASP .NET MVC / EF4 project that contains many pieces of autonomous functionality such as a blogging, events, contests, wiki, etc.
The entities used by each system are all mapped to my database through one giant EDM file.
This works well for the main site, but I also have a few personal sites where I want to reuse just the blogging functionality from the mains ite.
My biggest problem is that due to the mac daddy EDM file, my blog sites have to constantly have their database schemas updated to reflect changes made to areas of functionality that they don't use (i.e. changes to the events system).
The only other gotcha is that there are some entities (Users and Tags) that have relationships with entities from each area of functionality, making it hard to simply split each area of functionality off into its own EDM.
With all of this said, I'm trying to figure out the most efficient way to set this up.
Should I go down the road of splitting up the EDMs by each area (blogs, events, contests, wiki) and figuring out a way to maintain relationships for the User and Tag entities?
Or should I just perhaps be creating an EDM for each website that only maps the entities that it will actually need? The only problem with this is that my repository layer takes in a UnitOfWork/ObjectContext, and by creating new ObjectContexts for each site I'd have problems reusing my repository code.
You could setup a WCF service and then pass your data via a JSON contract. That way you'd have a central service that holds your EF data, and then just exposes functions based on what the your different applications need.
Its more short term work to setup (hopefully your service/repository layer was done with IoC in mind to allow it to be easily plugged in) but if your EF data changes a lot, it means you can update the one central service without having to update each of your clients apps.
There's a good reference thread here on S.O: https://stackoverflow.com/questions/973017/where-to-find-good-wcf-video-tutorials
I'm new to EF4 and haven't had any experience with it before. So, bear with me if this is very simple question.
I have my POCO entities (.tt file) in BOL, the .edmx file (EDM) in DAL and my webapp in Presentation layer. All the business logic goes to BLL layer.
Here are the references:
UI->BLL-DAL-BOL
BLL->DAL-BOL
DAL->BOL
BOL->None of my project.
1- Is my understanding of layers distinction correct? Am I in the right direction?
2- How can I use ASP.NET Membership provider with entities. Should I implement membership, persistence ignorant too and map all user tables in sql server to entities?
2- How can I add custom validation? I don't mean maxlength or valid email..., I mean something like access levels. For example I want certain users be able to modify a field (say productprice) in my website. Where should I use the User.IsInRole method? the BLL doesn't have any reference to user info. should I pass some parameters to BLL (like "bool CanChangePrice") to clarify access levels?
Wow Kamyar, just a few questions wrapped up in this one;-) I'm not sure if I'll cover all the possible ground, but here goes.
ProjectStructure
- generally your structure of projects is correct, and the references you have are correct. Some may argue that you want to separate your concerns a bit and break some of the references, but personally I find your structure workable.
As a practical matter I tend to keep my EDXM and POCOs in the same project. I just have an Entities folder that contains the EDXM and Model.Context.tt, a POCO folder for Model.tt and my Virtual POCO's (below), and a Repository folder for my repository & unit of work.
I also create a file called VirtualPOCOs which is a partial class bound to the POCOs generated by your T4's. My designs tend to be pretty tightly bound to database structure. The VirtualPOCO's give me a little flexibility to deviate from DB design in those one-off situations. Not to much goes in here, just those few very specific needs every project seems to have.
You may also want to consider a repository, table data gateway, or active record setup. All of these patterns will likely be combined with Unit of Work. There are tons of design patterns and your needs or preferences may push you to one or the other. The point here is to shield the upper layers from accessing the EF4 context directly. This way you can centralize connection & transaction management and ensure upper layers are only using POCOs and not accidentally holding on to linq-to-sql objects.
Membership Provider
There is a definitely a schism between the MembershipProvider and EF. You can, however, download the source code for the SQLMembershipProvider and convert it over to use EF. I actually did this conversion. The file is about 1500 lines long, but doesn't have a huge amount of ADO code.
What you didn't ask, but I think I should address, is whether you want to use Membership provider at all. If you're doing basic membership management and roles then the Membership, Roles, and Profile provider can save you a lot of time. For an in depth tour of the capabilities check out the series over at 4GuysFromRolla (https://web.archive.org/web/20211020202857/http://www.4guysfromrolla.com/articles/120705-1.aspx).
If your needs are more complex then, IMHO, the membership provider breaks down pretty quickly. For example, when a user registers for your site you immediately have to create rows in a handful of different tables. Well, the membership provider is registered through webconfig and uses the membership provider interface. It only accepts certain fields in the create function. So what's a boy to do? Well, you can open a larger scale transaction up in your controller, run the membership providers add user function, run your own MyCustomUserStuff(), then commit the transaction. Two reasons I find this unappealing are that I've now got transactional code seeping way up my call stack and if all I need to do is add a few extra fields I've now doubled my database calls needlessly.
I guess I just found the membership provider pretty restricting, and once got in there and made my own custom membership provider the benefits of using MS's model quickly fell away.
Validation
I think the answer here is a resounding --it depends. Are your permissions pretty static? i.e. those in the "SiteManagers" group can edit all over the site? Or are your permissions much more fine grained? Meaning SiteManagers have access to these 75 fields spread across these 22 tables, or is it more table based? Additionally, how mutable are the permissions ? Does your site admin need to be able to frequently turn access on/off or off to various fields in different tables?
I think I need to hear more on your requirements for a specific answer. Keep in mind that the more fine grained you make your permissions the more of a configuration headache the client will have understanding & managing all the permissions.
Also, what back-end are you using? Many DBA's face these decisions. One often used strategy in that world is to create a series of views where each view exposes the columns users have. For example, the EmployeesHR view would expose just those columns that HR people have access to, and the EmployeeDirectory would expose just those fields that the directory has access to.Then HR users are given permission to the HR view, but not the underlying table. Just a thought.
Anyway, hope this helps.
1- Your distinction of the layers seem correct to me.
I wouldn't reference the DAL in the UI, as in my projects, I prefer that only the middle layer access the DAL. But it's not wrong.
So you seem in the right direction.
2- To my knowledge there is no MembershipProvider that works with EF.
So in projects where we used Membership, here is what we did :
created the tables with the aspnet_regsql.exe
configure the Web.Config to use the SqlMembershiptProvider
added in the web.config ANOTHER connection string (one for Membership and one for EF)
Built the EDMX file with all tables, including the Membership ones.
In the code, a UserManager / RoleManager (BLL or DAL it depends on your architecture) get the informations using standard Membership methods. And always use the Membership objects, not EF ones. So in fact the user / roles management part is separated from the EF.
We only use the aspnet_* EF entities when there is a link between your custom tables and a Membership table (for instance, when you want to link one of your table with the aspnet_Users table to keep a reference of the user that inserted a data).
3- For the right management, I would use a BLL RightManager that would allow the UI to know if the user can change the field (so you can disable it, or prevent input), and to use this information in your validation method.
In my project I use a Right table and I associate a Right with a Role. In the RightManager provide a RequestRight(Right) method.
If your Right management is too simple to create tables, just use User.IsInRole() in your RightManager (so I would use it in BLL).
I would place the validation method in the UI if it is "basic" and in the BLL if it contains more complex rules (involving DAL access for instance).
about EF & Membership
as i know, you dont need to use any db provider instead of membership provider
but if you want, you can map membership tables in EF and create additional method to
common provider
I am trying to make an asp.net website using Visual web dev and C# that accesses data in an SQL database. For my site, I need to be able to save and access additional user properties such as age and gender. I have been playing around with the built in .NET Login tools but I don't understand how to keep track of the additional properties (age, gender...) I could store all the users information in my own database but how do I correlate the users data in my DB to the usernames in the member database that is automatically created?
Probably profiles are perfect and quite easy to use for your purpose. ASP.NET manages the relation between users and their associated profile data (which you can customize for your needs) quite comfortable. Here is short introduction video:
http://www.asp.net/learn/videos/video-44.aspx
Are you using an ASP.NET website project or web application project? The video (and most information in MSDN) is related to website projects. For web applications there are some complications to take into account when you use profiles.
(Some hints if you are using a web application project:
How to assign Profile values?
If you are using an website project you can ignore this)
As Slauma said ASP.Net Profiles is a great way to do this using the Membership API.
But I don't like the way profiles use delimited list serialized in the database, and I've heard reports of speed issues under heavy load.
I Use Membership API on just about all applications, except for the profile bit.
To store user profiles, you can create a separate table. Maybe called 'UserProfile'. Add a column with a unique index for 'username' and/or 'email'. Which ever you treat as the user's username. Now you can use that column to pull profile information at runtime.
As a bonus, if you use an ORM like Entity framework, you can now write simple LINQ queries to pull your user information.