![Page 1: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/1.jpg)
HOWDAHA tutorial
Tuesday, October 20, 2009
![Page 2: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/2.jpg)
Why?
Howdah is for people who really “get” databases
Howdah treats your database as code. Procedures, and hand-written SQL.
Would you automate python generation? Then why SQL?
Just because it’s not code you’re comfortable with, doesn’t make it any less code.
2
Tuesday, October 20, 2009
![Page 3: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/3.jpg)
What shall we build?
Today, we’ll be talking about designing and implementing a Wiki.
3
Tuesday, October 20, 2009
![Page 4: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/4.jpg)
Why a Wiki?
Canonical example
Simple enough to define in an afternoon
Complex enough to require in-depth exploration
4
Tuesday, October 20, 2009
![Page 5: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/5.jpg)
Why a Wiki?
Public and Private permissions/users
Read/write collaborative model
5
Tuesday, October 20, 2009
![Page 6: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/6.jpg)
Design vs. Code
Speaking more on Design than on Code
Why is more important than How.
How is still important
6
Tuesday, October 20, 2009
![Page 7: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/7.jpg)
STEP 1:DESIGN
7
Tuesday, October 20, 2009
![Page 8: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/8.jpg)
Database
What do we need?
8
Tuesday, October 20, 2009
![Page 9: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/9.jpg)
Application
What do we need?
9
Tuesday, October 20, 2009
![Page 10: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/10.jpg)
Application
What do we need?
Anything else? Did we miss anything?
10
Tuesday, October 20, 2009
![Page 11: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/11.jpg)
STEP 2:REVISIT
11
Tuesday, October 20, 2009
![Page 12: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/12.jpg)
Database
Based on our Application design, what expansions do we need?
12
Tuesday, October 20, 2009
![Page 13: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/13.jpg)
Database
Based on our Application design, what expansions do we need?
Why do we need them?
13
Tuesday, October 20, 2009
![Page 14: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/14.jpg)
Application
With the new DB features, what changes?
14
Tuesday, October 20, 2009
![Page 15: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/15.jpg)
Application
With the new DB features, what changes?
What new ideas are evident?
15
Tuesday, October 20, 2009
![Page 16: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/16.jpg)
Application
With the new DB features, what changes?
What new ideas are evident?
Do the changes make things easier?
16
Tuesday, October 20, 2009
![Page 17: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/17.jpg)
STEP 3:API CONTRACTS
17
Tuesday, October 20, 2009
![Page 18: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/18.jpg)
DatabaseDefining our API
What stored procedures do we need?
18
Tuesday, October 20, 2009
![Page 19: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/19.jpg)
DatabaseDefining our API
What stored procedures do we need?
What should they do?
19
Tuesday, October 20, 2009
![Page 20: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/20.jpg)
DatabaseDefining our API
What exceptions do we need?
20
Tuesday, October 20, 2009
![Page 21: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/21.jpg)
DatabaseDefining our API
What exceptions do we need?
Null data
Bad data
No such record
21
Tuesday, October 20, 2009
![Page 22: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/22.jpg)
ApplicationDefining our API
What models do we need?
22
Tuesday, October 20, 2009
![Page 23: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/23.jpg)
ApplicationDefining our API
What exceptions do we need?
23
Tuesday, October 20, 2009
![Page 24: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/24.jpg)
ApplicationDefining our API
What exceptions do we need?
What do DB exceptions become?
What HTTP responses should the exceptions raise?
24
Tuesday, October 20, 2009
![Page 25: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/25.jpg)
ApplicationDefining our API
What views do we need?
25
Tuesday, October 20, 2009
![Page 26: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/26.jpg)
ApplicationDefining our API
What views do we need?
What views are read-only? Read-write? Write-only?
26
Tuesday, October 20, 2009
![Page 27: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/27.jpg)
STEP 4:FIRST EXPANSION
USERS
27
Tuesday, October 20, 2009
![Page 28: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/28.jpg)
DatabaseUsers
User system!
28
Tuesday, October 20, 2009
![Page 29: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/29.jpg)
DatabaseUsers
User system!
VerticallyChallenged for users
29
Tuesday, October 20, 2009
![Page 30: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/30.jpg)
DatabaseUsers
User system!
VerticallyChallenged for users
How to set up VC
30
Tuesday, October 20, 2009
![Page 31: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/31.jpg)
DatabaseUsers
Stored Procedures - How do we adapt them?
How does this affect our API contract?
31
Tuesday, October 20, 2009
![Page 32: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/32.jpg)
ApplicationUsers
Using @needs to define permissions
How should views be protected?
32
Tuesday, October 20, 2009
![Page 33: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/33.jpg)
ApplicationUsers
Using @needs to define permissions
How should views be protected?
Should anonymous users have write permission?
33
Tuesday, October 20, 2009
![Page 34: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/34.jpg)
ApplicationUsers
Permissions violations
What should no user return?
What should a bad user return?
What should insufficient permissions return?
34
Tuesday, October 20, 2009
![Page 35: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/35.jpg)
ApplicationUsers
Why - Are there better mechanisms?
35
Tuesday, October 20, 2009
![Page 36: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/36.jpg)
STEP 5:ADMINISTRATIVE
USERS
36
Tuesday, October 20, 2009
![Page 37: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/37.jpg)
DatabaseAdministrators
What delineates an admin?
What special things can an admin do?
Should admins be otherwise normal users?
37
Tuesday, October 20, 2009
![Page 38: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/38.jpg)
DatabaseAdministrators
Root-level permissions:
Should the database superuser ever be allowed to log in from the web app?
38
Tuesday, October 20, 2009
![Page 39: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/39.jpg)
DatabaseAdministrators
Root-level permissions:
Should the database superuser ever be allowed to log in from the web app?
Why?
39
Tuesday, October 20, 2009
![Page 40: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/40.jpg)
ApplicationAdministrators
What delineates an Admin?
40
Tuesday, October 20, 2009
![Page 41: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/41.jpg)
ApplicationAdministrators
Design
Are there special admin-only views?
How do we protect admin privileges?
Are there user-specific views? Do admins have permission to access those?
Is anything changed by the DB layer?
41
Tuesday, October 20, 2009
![Page 42: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/42.jpg)
ApplicationAdministrators
Should administrators be able to view everything?
42
Tuesday, October 20, 2009
![Page 43: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/43.jpg)
ApplicationAdministrators
Should administrators be able to view everything?
What about privileged information?
HIPAA, lawyer confidentiality
43
Tuesday, October 20, 2009
![Page 44: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/44.jpg)
ApplicationAdministrators
Should administrators be able to view everything?
What about privileged information?
HIPAA, lawyer confidentiality
How can we protect privileged information like this?
Can we ever guarantee protection? How?
44
Tuesday, October 20, 2009
![Page 45: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/45.jpg)
STEP 6:A NEW FEATURE
45
Tuesday, October 20, 2009
![Page 46: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/46.jpg)
A New Feature
Let’s add a user profile page
Specifically list the pages that a user has edited
46
Tuesday, October 20, 2009
![Page 47: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/47.jpg)
DatabaseA New Feature
Design first!
47
Tuesday, October 20, 2009
![Page 48: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/48.jpg)
DatabaseA New Feature
Design first!
Do we need new stored procedures?
What are they?
Who has access to them?
Does this require write access?
48
Tuesday, October 20, 2009
![Page 49: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/49.jpg)
ApplicationA New Feature
What does the app need to support this?
49
Tuesday, October 20, 2009
![Page 50: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/50.jpg)
ApplicationA New Feature
What does the app need to support this?
What views do we need?
50
Tuesday, October 20, 2009
![Page 51: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/51.jpg)
ApplicationA New Feature
What does the app need to support this?
What views do we need?
Who has access to the views?
Logged-in users only?
51
Tuesday, October 20, 2009
![Page 52: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/52.jpg)
ApplicationA New Feature
What about security and data confidentiality?
What security issues could be present?
52
Tuesday, October 20, 2009
![Page 53: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/53.jpg)
ApplicationA New Feature
What about security and data confidentiality?
What security issues could be present?
Do we list entries that a user may not have read access to?
53
Tuesday, October 20, 2009
![Page 54: Howdah - An Application using Pylons, PostgreSQL, Simpycity and Exceptable](https://reader034.vdocuments.mx/reader034/viewer/2022052619/555a71f0d8b42a972b8b5022/html5/thumbnails/54.jpg)
ApplicationA New Feature
What about security and data confidentiality?
What security issues could be present?
Do we list entries that a user may not have read access to?
Should we list nothing, instead?
Why do it like this? Are there better solutions?
54
Tuesday, October 20, 2009