I have a Swift application i'm working on that allows a user to save various settings about their profile. Throughout my code, there are times where knowing these settings/preferences are important for the application's business logic. One of them is where the user works (their job, (which is a row in a sqllite database that has an ID as a primary key). The user is allowed to select one (and only one) in the app at any given time. Think of it like a profile - they can work many jobs, but only have one selected.
The following are scenarios where knowing the workplaceid profile is important:
In my sqllite database, retrieving work/shift information based upon the currently selected work ID(so not the ID from the database, but the ID they currently have selected). I'm passing this into my query.
In an NSDate extension function, when I go to determine some things about their starting date, I need to retrieve their currently selected profile, and use that for the calculation.
Within a particular view model when I want to show/hide certain fields.
On an alert view to show something related to their current workplace.
Now I think the quick and dirty way to do this is simply create a wrapper class to your nsuserdefaults in a utility class. Sure, all your info is stored in sqllite, but your currently selected app preferences are in nsuserdefaults since I can change this around (and it will change). This would parallel my other cross-cutting concerns such as logging/error handling, where I could use similar utility classes for all my work.
The fact that I might call this helper/utility class from every single layer of my application seems like a typical red flag you wouldn't do. Whether it's logging, or a user service to get information.
I'm curious to know what other people are doing in scenarios like this. When you need nsuserdefaults from all over your app, is the answer "eh who cares, just make a utility class and call it wherever you need it" ? Or is there a best practice others have followed with well-designed iOS apps? I know AOP is something folks tend to recommend. Does that have a place in iOS?
Thanks so much stackoverflow :)
The user is allowed to select one (and only one) in the app at any given time.
This tells me you want to create a singleton class. Every time you want to change the profile, you hit the singleton class and set it. That class encapsulates all the logic to get/set whatever you need, and the accessor functions. That's what I've been doing in my ObjC code for many years, and it has served me well. It's extremely easy to debug, and the rest of the code needs to know nothing about profile management (unless it's the UI part where you choose a profile).
Related
So I am writing an app in Rails 5, and I am interested in the security issues of a simple feature I am trying to write. Users make Picks, which are secret from one another until a certain time. If I pass:
#picks = Pick.all
which contains everyones picks,
to the view with the controller, and then filter what is displayed depending on who the user is on the view, would a user be able to access that #picks variable using nefarious methods? At first I thought yes, but now I am thinking that the user just gets the raw view sent with no #picks variable. Unless users can sneaky dev their own html views?
Disregard that it's probably a better idea to do the filtering in the controller anyway, I just want to see if you can expose variables if you give them in full to the view and then filter them there.
Short Answer:
No, the client cannot access the #picks variable directly. Your view would have to display the value of #picks in the view in order for the browser to receive it.
Long Answer:
However, it would be good practice to limit the data assigned to #picks before it gets to the view. As your codebase grows and ages, and perhaps other developers start maintaining it, you may not remember that the #picks variable contains data that should not be displayed in the view.
Six months down the road, when the client wants to update the view based on new feature enhancement, you do not want to rely on the developer who is modifying the view to know that #picks contains sensitive data.
Make life easy on future developers (including you) by restricting the content of #picks to those records that the user is allowed to see at the time. Using the code suggested in the comments is a good idea:
#picks = current_user.picks
Or better yet, add a method to your model that contains the business logic for determining which picks are available to the user at a given time:
class User < ApplicationRecord
...
def authorized_picks
# code that returns the picks this user is allowed to see right now
end
...
end
And then your controller code is:
#picks = current_user.authorized_picks
That way all of your business logic is in the model, where it belongs 90% of the time. This also allows you to keep your code DRY by having the authorization logic all in one place.
Keep your code simple and DRY and you will thank yourself down the road.
No, They won't be able to get the instance variable which we use in haml/erb files. They just get the raw html.
As Ruby on rails does server rendering, all instance variables will be used to prepare view at the server side.
Anyways filtering should be done on controller side as best practice.
My app will be used by one user. However, there will be a lot of user related info. So i have a class called User.h/.m and #property many fields. One one instance will be made of this class since only one user will be using the phone.
My question is,
1.should i adopt a singleton design pattern for this class? I don't want to continuously instantiate this class again and again thru out different view controllers.
I'm saving all info about this class using core data. Having said that, does this compel one to use singleton more?
is singleton design pattern the way to go? or should it be using external json file or plist?
Thank you
Like #iOS Weblineindia said Singleton will do the job just fine. But if you think in different direction, maybe not. Did you consider that your User obj can have more than one Google (lets assume) accounts? How your app wil interact and deal with such social accounts?
Here is the real use case scenario - I have one account when I'm at work (mail, services, drive etc.) and separate one when I'm out of the office. I want them to stay separate. I'm in such position myself now.
Maybe if you hare some more information about your User class logic it'll be easy to answer.
Is it possible to make sure a user only can open one instance of a specific form, for instance CustTrans from CustTable?
Modal form is not an option. Some sort of Singleton pattern?
You can use the global cache for this, more info on MSDN: http://msdn.microsoft.com/en-us/library/aa891830.aspx. However a lot of the time the use of the global cache is a sign of bad design.
You can use the global cache to implement a singleton pattern as demonstrated here: http://www.axaptapedia.com/Singleton_pattern
Also consider alternative solutions to your problem, for example the one used on inventory journals. When you open the lines for a journal, it is marked as "in use" so no one else can open that particular journal.
Side note: I believe what you are trying to achieve is a bit of an anti-pattern. Dynamics AX uses dynalinks to link forms together. All of this functionality will be lost if you implement this.
I have an application that has different data sets depending on which company the user has currently selected (dropdown box on sidebar currently used to set a session variable).
My client has expressed a desire to have the ability to work on multiple different data sets from a single browser simultaneously. Hence, sessions no longer cut it.
Googling seems to imply get or post data along with every request is the way, which was my first guess. Is there a better/easier/rails way to achieve this?
You have a few options here, but as you point out, the session system won't work for you since it is global across all instances of the same browser.
The standard approach is to add something to the URL that identifies the context in which to execute. This could be as simple as a prefix like /companyx/users instead of /users where you're fetching the company slug and using that as a scope. Generally you do this by having a controller base class that does this work for you, then inherit from that for all other controllers that will be affected the same way.
Another approach is to move the company identifying component from the URL to the host name. This is common amongst software-as-a-service providers because it makes sharding your application much easier. Instead of myapp.com/companyx/users you'd have companyx.myapp.com/users. This has the advantage of preserving the existing URL structure, and when you have large amounts of data, you can partition your app by customer into different databases without a lot of headache.
The answer you found with tagging all the URLs using a GET token or a POST field is not going to work very well. For one, it's messy, and secondly, a site with every link being a POST is very annoying to work with as it makes navigating with the back-button or forcing a reload troublesome. The reason it has seen use is because out of the box PHP and ASP do not have support routes, so people have had to make do.
You can create a temporary database table, or use a key-value database and store all data you need in it. The uniq key can be used as a window id. Furthermore, you have to add this window id to each link. So you can receive the corresponding data for each browser tab out of the database and store it in the session, object,...
If you have an object, lets say #data, you can store it in the database using Marshal.dump and get it back with Marshal.load.
I'm developing a webapp that allows the editing of records. There is a possibility that two users could be working on the same screen at a time and I want to minimise the damage done, if they both click save.
If User1 requests the page and then makes changes to the Address, Telephone and Contact Details, but before he clicks Save, User2 requests the same page.
User1 then clicks save and the whole model is updated using TryUpdateModel(), if User2 simply appends some detail to the Notes field, when he saves, the TryUpdateModel() method will overwrite the new details User1 saved, with the old details.
I've considered storing the original values for all the model's properties in a hidden form field, and then writing a custom TryUpdateModel to only update the properties that have changed, but this feels a little too like the Viewstate we've all been more than happy to leave behind by moving to MVC.
Is there a pattern for dealing with this problem that I'm not aware of?
How would you handle it?
Update: In answer to the comments below, I'm using Entity Framework.
Anthony
Unless you have any particular requirements for what happens in this case (e.g. lock the record, which of course requires some functionality to undo the lock in the event that the user decides not to make a change) I'd suggest the normal approach is an optimistic lock:
Each update you perform should check that the record hasn't changed in the meantime.
So:
Put an integer "version" property or a guid / rowversion on the record.
Ensure this is contained in a hidden field in the html and is therefore returned with any submit;
When you perform the update, ensure that the (database) record's version/guid/rowversion still matches the value that was in the hidden field [and add 1 to the "version" integer when you do the update if you've decided to go with that manual approach.]
A similar approach is obviously to use a date/time stamp on the record, but don't do that because, to within the accuracy of your system clock, it's flawed.
[I suggest you'll find fuller explanations of the whole approach elsewhere. Certainly if you were to google for information on NHibernate's Version functionality...]
Locking modification of a page while one user is working on it is an option. This is done in some wiki software like dokuwiki. In that case it will usually use some javascript to free the lock after 5-10 minutes of inactivity so others can update it.
Another option might be storing all revisions in a database so when two users submit, both copies are saved and still exist. From there on, all you'd need to do is merge the two.
You usually don't handle this. If two users happen to edit a document at the same time and commit their updates, one of them wins and the other looses.
Resources lockout can be done with stateful desktop applications, but with web applications any lockout scheme you try to implement may only minimize the damage but not prevent it.
Don't try to write an absolutely perfect and secure application. It's already good as it is. Just use it, probably the situation won't come up at all.
If you use LINQ to SQL as your ORM it can handle the issues around changed values using the conflicts collection. However, essentially I'd agree with Mastermind's comment.