Ninja Snacks Tales From the Enterprise

Trusting Inputs, Via RESTa Via Nanciacum


All too often, security is treated as an afterthought in our models. I'm as guilty of this as anyone. :) Now that HTTP is becoming the most popular protocol inside the enterprise, sending bad data across the wire becomes much easier. A hidden input field is not all that hidden.

Let's take everyone's second favorite fake business problem: Enrolling Students in Classes. Let's take it further and say we want to develop this as a SaaS product. It'll need to be a multi-tenant application. There are lots of independent community colleges (Institutions) out there and we don't want to run a VM or process per Institution.

Incomplete Commands


Recently a question came up in the CQRS chatroom on Jabbr: 

Here's the situation. New command comes in. They can sometimes be missing some info (for daft reasons). If it is missing info then I need to call off to an external API to get the info back. This external API is unreliable so it would be better to supply the information upfront if possible.

The Wrong Way to Use Javascript


I've been taking a bit of a coding vacation. Before I jump back into things, I decided to do a little housekeeping and clean the cobwebs from my interwebs. Specifically, reducing the level of annoying coming out of Facebook.

Look at this nonsense right here:

The Electroweak Vacuum is Eventually Consistent


The fastest information can ever travel is 3*10^8 m/s - in a vacuum. It's 2/3rds that in a copper wire. In the ideal case.

Imagine two observers in the Milky Way galaxy, one at Terminus and the other at Star's End. They will observe events from all over the universe at different times - they will not agree on the order of events. What they can agree on is that eventually they will see all of them.

Value Object Only Domains


Word on the street is value objects have been getting the short stick in DDD ORMs. That's too bad. Value objects should be first-class citizens because, like aggregates, their role is to enforce invariants. E.g.:

DateTime.Parse("NOPE") // <-- nope

Trust, but Verify


Sage advice. I almost made a huge mistake this sprint, but thankfully caught it because I had one last conversation with the domain expert before I deployed anything.

Replacing Mocks with Events in Your Tests


Sometimes our model can't be as pure as the driven snow. Sometimes we have to use a really crappy external model because replacing it outright would be too expensive. Typically we deal with this in our tests with some kind of mocking framework.

For example, we have a use case for 'creating' an item in the ERP system. Of course in real life nothing ever gets 'created.' Instead our inventory items are 'created' upstream in the product development context. Once the products have reached a certain point of development, they are released to manufacturing. They must go into the ERP system, which is where purchase orders originate.