messaging - CQRS applying cross cutting concerns such as security -

-


messaging - CQRS applying cross cutting concerns such as security -

suppose have complex scheme there big trees of people. simple thoughts employees / manager relationship, many employees study 1 manager. in add-on manager there back upwards staff capable of acting on behalf of manager can manipulate managers' employees.

in cqrs scheme how model message hypothetical action of "edit employee" invoker of action back upwards staff. action can succeed if staff fellow member per manager security relationship acting upon employee in realm.

verifying security of involve querying database validate person beingness modified indeed within employee chain of manager.

where query occur? prior originating "edit employee" message?

if info upfront validated before originating message, in consistent scheme suppose before "edit employee" message has been processed separate action has occurred have removed authorization of user finish "edit employee" action. if the command handler doesn't validate security concerns of message, message still succeed though user no longer authorization execute it.

this seem imply double sided validation, similar ui validation & server side validation best course of study of action. method of completing validation seems though violate key tenets cqrs.

what approach(es) best when having deal these , other similar cross cutting concerns when using cqrs?

i'd skip cqrs exclusively domain , have web tier talk straight db tier (no messaging). simple optimistic concurrency should handle few conflicts happen.

security messaging cqrs domain-model cross-cutting-concerns

Comments

Post a Comment

Popular posts from this blog

delphi - blogger via idHTTP : error 400 bad request -

-
delphi - blogger via idHTTP : error 400 bad request - i'm trying post blogger using idhttp component, however, i'm getting "http/1.0 400 bad request" error. procedure tform1.button1click(sender: tobject); var request,response,req : tstringlist; auth,blogid : string; begin blogid := '00000000000000000000000'; request := tstringlist.create; response := tstringlist.create; req := tstringlist.create; idhttp1.request.connection := 'keep-alive'; idhttp1.request.contenttype := 'application/x-www-form-urlencoded'; idssliohandlersocket1.ssloptions.method := sslvsslv23; request.clear(); request.values['accounttype'] := 'google'; request.values['email'] := 'xxx@gmail.com'; request.values['passwd'] := 'yyy'; request.values['service'] := 'blogger'; response.text :=idhttp1.post('https://www.google.com/accounts/clientlogin',request); auth := resp...
Read more

c++ - cuda, pycuda -- how to write complex numbers -- errors:class "cuComplex" has no member "i" -

-
c++ - cuda, pycuda -- how to write complex numbers -- errors:class "cuComplex" has no member "i" - i have difficulties utilize complex numbers in cuda,pycuda. i have in c: #include <complex> typedef std::complex<double> cmplx; .... cmplx j(0.,1.); also,in same code: #include <boost/python.hpp> #include <boost/array.hpp> ... typedef std::vector< boost::array<std::complex<double>,3 > > complexfieldtype; typedef std::vector< boost::array<double,3> > realfieldtype; ... __global__ void compute(realfieldtype const & rs,complexfieldtype const & m,..) ... how can convert utilize pycuda? tried sth (according book 'cuda example'): struct cucomplex { float real; float imag; cucomplex(float a,float b): real(a),imag(b){} cucomplex operator *(const cucomplex& a) { homecoming cucomplex(real*a.real -imag*a.imag ,imag*a.real +real*a.imag); } cucomplex operat...
Read more

How do I check if an insert was successful with MySQLdb in Python? -

-
How do I check if an insert was successful with MySQLdb in Python? - i have code: cursor = conn.cursor() cursor.execute(("insert new_files (videos_id, filename, " "is_processing) values (%s,%s,1)"), (id, filename)) logging.warn("%d", cursor.rowcount) if (cursor.rowcount == 1): logging.info("inserted values %d, %s", id, filename) else: logging.warn("failed insert values %d, %s", id, filename) cursor.close() fun is, cursor.rowcount always one, though updated database create videos_id unique key. is, insert fails because in tests same videos_id going appear (and when check database, nil inserted). whatever reason, rowcount 1 - logging.warn have spits out rowcount of 1. so, question: can utilize rowcount work out if insert went fine? if so, (presumably) doing wrong? otherwise, how check if insert went fine? your code not commit after modifications (your modifications rolled back). should...
Read more