I am currently experimenting with using a virtual machine for my development. I have earlier done it through OSX/Parallels but now I am trying a Win/Win solution with Hyper-V.
Every third month, that is for how long the license is valid, I do a Hyper-V Manager->Quick create->Windows 10 dev environment.
The mandatory screen shot.
It comes with Visual studio and some dotnet preinstalled. All I have to do is start VS and tell it to update itself, and update dotnet core, and start VS installer and update with Web and Azure and whatnot I need for developing.
(there is a installation version where I clone the git repo to get the stuff on my drive and work from there; but here is another version)
Download Keyboad 1337.zip. Unblock. Unpack. Install. Run Keyboard 1337\l337\setup.exe (yupp. there’s a typo there) Language preferences -> Keep English(Sweden) and English(United States). The latter is Keyboard1337
If these 3 issues aren’t a problem in you case, be reluctant to use an O/RM as an O/RM brings a bunch of other problems.
Type security
When you get the Customer.Verified out of a database the code already knows it is a boolean. No explicit type casting or declaring is needed as it is done elswhere, once and for all.
Now this isn’t totally true but depends on whether LINQ or HQL (or for another O/RM) you are using. But basically it is true, because of solid Left-right copying
Data copying
Copying data from a recordset to the Entity is done by the OR/M and configured once and for all. Unlike a programmer it won’t forget to copy a field in an obscure corner in your code base.
It isn’t hard to write a data copying function for this simple case and dragging a whole OR/M into the project is a lot of dependencies for little use.
Turn around
When the scheme is changing fast, like in the beginning of a project, or when prototyping, an O/RM is of great help to change in one place and let the coding tools and compiler do the rest of the changes in the project.
Schemes tend to solidify after a while and only change in small increments so speeding up the first 3 months for having a rucksack the coming 6 years might not be the best solution.
In production we usually rely on logs to track down an error.
Even worse; in production we have more data and more logging to sift through than in development. The trees can be lost in the woods. If we are more unlucky we also have a time restraint.
To learn how to read a log file we must train. This means reading log files. And to read the we must first write to them; in a readable way.
So I write log files and read them to find my errors already in development. Training for production.
Learn to write
Too little information is bad. This is the usual case. Too much information is bad too as we cannot see the flow of the program due to uninteresting information. Writing the exact amount of information for every time is probably not doable but by training I learn and get better at it.
Readable code
If we develop the application through setting breakpoints and inspecting variables we are in a bad spot when production error happens as we seldom can do that.
All we have is a log with a stack and possibly a rough idea of the input.
If I instead learn to read the code and trace the execution path manually, already in the development phase, I am in a much better position when production hits the proverbial fan.
Startup time
Connecting the debugger takes time. Just starting the program is faster.
Use Set-StrictMode. See part1 of this blog series.
1
# .SYNOPSIS... #
This type of comment right before a method is recognised by Powershell and ends up in Get-Help. Adhering to explaining the intention for your methods is considered good practice.
Inside the method is
1 2 3 4 5 6 7 8
param(
[parameter(
Mandatory=$true,
HelpMessage='The name of the culprit.'
)]
[string]$name,
[datetime]$birthDate=(Get-Date)
)
This is what the parameters look like. One can set if a parameter is mandatory, some help text to be picked up by your favourite text editor, the [type] and default value.
1
$startTime=Get-Date-Format 't'
A variable is set to a string. Other scripting languages send strings around. Powershell sends proper objects. The Get-Date-Format converts the DateTime value to a string.
1
Write-Verbose "Start$startTime"
Built into Powershell is the possibility to call (almost) anything with a -Verbose flag. Only then is the Write-Verbose called. Like a simple logging level.
Nothing strange here at first sight. Until you exeute in a console. Then you realise this string is outputed; because it is not inputed into something else, like a variable.
Also “$($variable.Method)” is the way to call methods inside a string.
1 2 3 4
$foundPerson= GetPeople `
| where {$_.name-eq$name } `
| Sort-Object born `
| Select-Object-First 1
Powershell is said to be able to use Linq. This is technically true but the syntax is so weird that I have never used it. This code though has (almost) the same behaviour and is easy to read.
GetPeople is a method call. Backtick concatenate lines and circumvents that Powershell has automatic statement ending with a line end. | pipes object and not strings. where is an alias for Where-Object. The rest is… Linqish.
1
Write-Host "foundPerson:[$foundPerson]"
Write-Host an object like $foundPerson output the contents of the object. Not just the type as in C#. Write-Verbose “Stop:$(Get-Date-Format ‘t’)”
This string is outputed only if the method call is made with -Verbose. Plus an exmple on how to write a method call in a string.
1
return $foundPerson
Finally nothing surprising. Except that return can be left out to make the code harder to read.
New to Powershell? Let me jot down a few good-to-know things. Some you already know. Some might save you hours of googling.
Use Set-StrictMode -Version 2.0.
Powershell 5.1 is the last Windows Powershell. From 6 it runs on Dotnet core and more platforms.
Use Pester for automatic testing. It runs tests and can mock. Note that mocking works differently in Powershell than C# as they load code in different ways.
Don’t patch together your Powershell scripts. Use the systems thinking you usally do and create a sturdy, thought out, solution with bricks of the right size. Just like you would any other solution.
For caveats let me explain the file below, row by row.
File JustASimpleScript.ps1
1 2 3 4 5 6 7 8 9 10 11 12
Set-StrictMode -Version 2.0
$temp
$temp = 'LocalVariable'
function LocalFunction( $foo, $bar ){
Write-Host "Local variable is $temp."
$foo # The last executed row is returned.
}
LocalFunction 'MyParameter'
Enter the above in your favourite text editor. Save it as JustASimpleScript.ps1. Open a console and navigate to the proper folder. Execute Powershell to get Powershell started. Then execute .\JustASimpleScript.ps1′. The result shows both an exception and some more proper output.
1
Set-StrictMode -Version 2.0
Set-StrictMode is like `option explicit` in old VB6, it throws an error if you try to evaluate a variable that has not been set, that parenthesises are not used when calling functions and called methods do exist.
No code example at Stackoverflow shows it and almost no blog article.
1
$temp
Variables are recognised by the leading dollar sign.
As we used Set-StrictMode above this row throws an exception. But… the program continues to run!
1
$temp = 'LocalVariable'
Strings are delimited with apostrophes. Quotation works but is over kill, see below.
1
function LocalFunction( $foo, $bar ){
Nothing special about declaring a function like this. Declare a function with parenthesises but call it without; it is very easy to get this wrong. Also; the parameters are optional by default.
1
Write-Host "Local variable is $temp."
Write-Host is the normal way of outputting text in the console. If it is the correct way is another discussion I won’t dive into without more knowledge.
Also note the quotation marks. They mean that anything that looks like a variable inside should be evaluated. Just like PHP. Just like C# by prefixing a string with $. Many online examples use quotation marks for every string. By the time of writing I consider that less good.
1
$foo # The last executed row is returned.
To fool newbies, Powershell implicitly returns the last executed row with an output. I suggest to make it more readable, prefix with return like so:
1
return $foo # The last executed row is returned.
Comments starts with a # sign.
1
{...}
Stuff within curly brackets are a code block. A code block is not only the contents of a method or an if statement but can also be passed around, like a() => {…} lambda in C#.
1
LocalFunction 'MyParameter'
This ia a method call. As long as it is Powershell leave out the parenthesises. Otherwise you have converted your list of parameters to a single parameter call and the single parameters is a list. This rule is not hard to remember but reading code that calls method with lists as parameters is hard to grasp for a newbie. Adding insult to injury, calling a C# method from Powershell might change the rule.
Using a file like this, ending in ps1 is typically done by “dot sourcing”. It is quick, dirty and pollutes the global name space. Things you would never to in your “regular language”.
A call like below makes the contents live only just in the call.
1
.\JustASimpleScript.ps1
If you want to make the $temp variable and the LocalFunction live on you start it with yet a period and a space like so:
Well… I didn’t, not down to bit level. But I got closer than any time before as every business case was tested.
Don’t believe my rudimentary text below will simply answer how to do it; it will just give a raw landscape. It took me several nights and 3 iterations before I solved all the tidbits.
More important than to test that every Role could get to its authorised Product was to see that it could not get to unauthorised ditto.
So I had to test every combination.
Testing every permutation of User, Role and Product was not feasible. Each entity has several properties and they are, mostly, not related to authorisation. Then we have 2^64 kinds of userId where most of them are not interesting and not even in use. To continue a test on “Role of type X or Y” is really a “Role is HiredInProductsCompany”.
So I sat down and extracted the if statements from the code. They were like “if loggedOn” and “if in Role x or y”. Every such statement was extracted as a method and moved into a (temporary) helper lib.
When I was sure, with visual inspection, I had caught everything, I put some business logic into thought and manipulated and rearranged the methods. They became fewer and matchable to business requirements. Gone was “if user.Role == Administrator and user.Company = product.Company” but instead “if user.IsAdministratorAtProductsCompany(product)”.
Note that during this process I have not changed any logic and, testing besides, present state could be shipped all the time.
Now I had to get rid of any technical remains. On the outside it looked ok as the method names where very descriptive in business lingua but inside the authorisation method was “if user.Id == 0” or “if challengedUser.Id == persistedUser.ID”. It was not usable since Id as integer is a technical (often a persistance layer construction) solution for recognising an entity. In business terms it is more like “user.IsPersisted” and “if challengedUser.SameAs(persistedUser)”. I continued redusing the problem space to what I really wanted to test when authorising.
This way I seriously minimised the permutations, as an authorisable User did not care about “Id” or “Name” or “BusinessPartner” but only “IsLoggedOn” and “Role”. With 6 roles that means 12 permutations. With Project I came to, say, 32 permutations and user 4. This gives in all 12*32*4=1500 variants. Not a problem to test every combination now if I just put some (business) intelligence into creating the tests. #win
Let’s say 240 of them were positive (autorised) and the rest negative.
I started with creating a simple lib for permutating every possible input and them through One Test to green light “not authorised”. Everything red should be authorised. Already here I might have found combinations that was authorised when they should not have been.
Then I, manually, created a list of every permutation allowing authorisation. Well… manually for a programmer is reducing to loops and ifs so one method could create every authorised combination of type A and one of type B. Alltogether that is, say, 10 different methods and some manual ones. They were concatenated to a list and I made the Test assert authorised and not-authorised according to this list.
So now I had a test for every kind of authorisation check testing both authorised and not authorised and tests looks like business logic.
