Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Theory, Practice & Methodology of Relational Database Design and Programming Copyright © Ellis Cohen 2002-2008 Conditions & Roles These slides are licensed.

Published byGwendoline Jones Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Theory, Practice & Methodology of Relational Database Design and Programming Copyright © Ellis Cohen 2002-2008 Conditions & Roles These slides are licensed."— Presentation transcript:

1 1 Theory, Practice & Methodology of Relational Database Design and Programming Copyright © Ellis Cohen 2002-2008 Conditions & Roles These slides are licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. For more information on how you may use them, please see http://www.openlineconsult.com/db

2 2© Ellis Cohen 2001-2008 Overview of Lecture Pre-Conditions Post-Conditions Using Operation Conditions User Roles Roles & Entity Classes

3 3© Ellis Cohen 2001-2008 Pre-Conditions

4 4© Ellis Cohen 2001-2008 Pre-Conditions A Pre-Condition is a condition that should be checked immediately BEFORE a specific operation is permitted to execute. Pre-conditions are used to determine whether an operation should be permitted to execute

5 5© Ellis Cohen 2001-2008 Pre-conditions for Update Job Entry UpdateJobEntry( :jobno, :compid, :loc, :startdate, :enddate, :descr ) –Updates the current user's :jobno'th job entry Pre-Conditions: Current user must be a job candidate with an existing job entry numbered by :jobno :compid must be the id of a company in the database :enddate must be after :startdate

6 6© Ellis Cohen 2001-2008 Enforcing Pre-Conditions Pre-conditions are typically enforced by Adding code at beginning of an operation which checks whether the condition is satisfied (often involving a database query) If an error would be raised (e.g. by the database) if the operation would allowed to proceed, let it, and handle the error appropriately.

7 7© Ellis Cohen 2001-2008 Types of Pre-Conditions Pre-conditions are (in order of weakest to strongest) Soundness Pre-Conditions –determine whether the operation makes sense, strictly based on the parameters to the operation Status Pre-Conditions –determine whether the operation can take place based on the current status of the database or the environment, but not based on the user (or client) User Pre-Conditions –determine whether the current user (or client) is allowed to perform the operation

8 8© Ellis Cohen 2001-2008 Soundness & Status Examples Soundness-Based example –AddJobEntry( :compid, :title, :location, :startDate, :endDate, :details ) :enddate must be after :startdate Status-Based example –AddJobEntry( :compid, :title, :location, :startDate, :endDate, :details ) :compid must be the id of a company in the database

9 9© Ellis Cohen 2001-2008 User Pre-Conditions Determines whether the current user (or client) is authorized to perform the operation, or whether the parameters are appropriate for that user –Always refers to the role or (some DB information tied to the) identity of the current user/client Role-Based User Pre-Conditions –Only requires checking the role of the current user Identity-Based User Pre-Conditions –Requires checking (some DB information tied to the) identity of the current user

10 10© Ellis Cohen 2001-2008 User Pre-Condition Examples Role-Based example –AddJobEntry( :compid, :title, :location, :startDate, :endDate, :details) The current user's role must be a JobCandidate Identity-Based example –UpdateJobEntry( :jobno, :compid, :title, :location, :startDate, :endDate, :details ) The current user must have a jobno'th job entry

11 11© Ellis Cohen 2001-2008 Post-Conditions

12 12© Ellis Cohen 2001-2008 Post-Conditions A Post-Condition is a condition that you expect to be true immediately AFTER a specific operation executes Post-conditions are used to ensure that an operation executed correctly, and to characterize everything that it needs to do

13 13© Ellis Cohen 2001-2008 Post-Conditions for RemoveCandidate RemoveCandidate –Removes the current user as a candidate Post-Conditions: The current user is no longer a candidate There are no remaining job entries for the current user Boring Interesting What makes a post-condition interesting?

14 14© Ellis Cohen 2001-2008 Interesting Post-Conditions Interesting Post-Conditions have one or more of the following characteristics Don't obviously or immediately follow from a simple description of the operation Not a condition that is invariant (i.e. always true); the operation made it true Involve changes to entity classes or relationships other than the one that the operation obviously needs to affect Ensure that redundant data is kept consistent

15 15© Ellis Cohen 2001-2008 Types of Post-Conditions State-Related Post-Conditions –characterizes resulting changes to the database state -- e.g. the candidate's job entries must have all been deleted Output-Related Post-Conditions –characterizes resulting properties of the operation output -- usually situations under which less information than expected was displayed External Post-Conditions –characterizes resulting changes to the external environment -- e.g. a message was sent, etc. Main Focus

16 16© Ellis Cohen 2001-2008 Output-Related Post-Condition for ShowCompaniesWithPostings ShowCompaniesWithPostings –Shows companies which have job postings Output-Related Post-Condition: if current user is not a premium member, only shows companies with postings more than 5 days old

17 17© Ellis Cohen 2001-2008 Using Operation Conditions

18 18© Ellis Cohen 2001-2008 Operation Conditions Pre-Condition: Condition that should be checked before an operation is executed Used to determine if an operation should be allowed to execute Post-Condition: Condition that can be checked after an operation is executed Used to ensure that an operation executed correctly characterize everything it needed to do

19 19© Ellis Cohen 2001-2008 Enforcing Operation Conditions There are two places to enforce operation conditions Application Enforcement: –Enforce constraints through code executed by an operation Database Enforcement: –Use built-in database features to automatically enforce constraints in the data-tier column constraints, table constraints, assertions, views, triggers & access control

20 20© Ellis Cohen 2001-2008 Value of Operation Conditions Why is it important to specify operation conditions? –They often correspond to business rules (in the requirements), perhaps added in a later revision –Clarifies intent and semantics of user operations –Helps discover deficiencies in the conceptual ER model –Enforcing conditions helps ensure that database applications work correctly!

21 21© Ellis Cohen 2001-2008 Operation Conditions & Business Rules Business Rules specify/ determine 1.Conceptual Model 2.User Operation Functionality 3.Behavior Constraints & Operation Conditions constraints and conditions on the behavior of user and database operations 4.State Constraints constraints on the state of the data that's allowed to be stored in the database 5.Performance Requirements Operation Conditions are just part of the business rules of a database application

22 22© Ellis Cohen 2001-2008 User Roles

23 23© Ellis Cohen 2001-2008 User Roles A user role characterizes a kind of user who uses a particular database application Users who take on different roles (are allowed to) use different sets of operations What are the roles (i.e. names for different groups of users) for the Job Board application?

24 24© Ellis Cohen 2001-2008 Job Board User Roles Different users of the system play different roles. The two roles we've discussed are –Job Candidate –Company Representative There are other roles as well (which we won't discuss now) –Administrator (too complicated) –UnknownUser (someone who is not logged in, but perhaps can still get some job board information)

25 25© Ellis Cohen 2001-2008 Organizing User Operations Why use roles?  Organizing operations by role & by operation type helps ensure that the list of operations is complete, and that we really understand what we expect the application to be able to support Roles QueriesActions Job Candidate Show Company Postings Show Company Info … Add Job Entry … Company Representative Show Company Postings Show Company Info … Add Job Posting …

26 26© Ellis Cohen 2001-2008 Common Operations Are there any operations that are common to both roles (i.e. to both groups of users)? YES  Use super-roles so that an operation can be associated with just a single role!

27 27© Ellis Cohen 2001-2008 Super-Roles and Sub-Roles Job Candidate User Means two things (BOTH are important!) A Job Candidate is a kind of User (but not every User is a Job Candidate) Every operation that a User is allowed to perform can also be performed by a Job Candidate User Role Diagram User is a super-role of Job Candidate Job Candidate is a sub-role of User

28 28© Ellis Cohen 2001-2008 Multiple Subroles User Job Candidate Company Representative User is a super-role of Company Representative and Job Candidate User Role Diagrams show the roles used in an application and the relationships among them. They are a simplification of UML Use Case Diagrams in which just the actors are shown User Role Diagram

29 29© Ellis Cohen 2001-2008 Reorganizing User Operations Roles QueriesActions User Show Company Postings Show Company Info … … Job Candidate …Add Job Entry … Company Representative …Add Job Posting … Allows common operations to be associated with the common super-role

30 30© Ellis Cohen 2001-2008 Designing with Role Hierarchies Role hierarchies simplify design. They allow an operation to be associated with just a single role. Suppose an operation can be performed by (1) a Company Representative, (2) a Job Candidate and (3) potentially any other kind of User Instead of having to associate the operation with all 3 roles, we simply note that Job Candidate and Company Representatives are subroles of User, and just associate the operation with the User role. Why use role hierarchies?

31 31© Ellis Cohen 2001-2008 Disjoint Subroles Job Candidate Company Representative User Means that the same user can't play the roles of Job Candidate and Company Representative simultaneously. User is a super-role of Company Representative and Job Candidate User Role Diagram

32 32© Ellis Cohen 2001-2008 Overlapping Subroles User Job Candidate Company Representative User is a super-role of Company Representative and Job Candidate Because Company Representative and Job Candidate are not disjoint, a user can perform operations associated with either role at the same time, without having to explicitly change roles, or log out and log back in. User Role Diagram

33 33© Ellis Cohen 2001-2008 Role Reorganization Problem Suppose there were three groups of users: Job Candidates, Company Representatives & Administrators. Suppose there was a new operation added that Company Representatives & Administrators could do, but not Job Candidates. If so, how would we reorganize this diagram so that an operation is still only assigned to a single role? Job Candidate Company Representative User Administrator User Role Diagram

34 34© Ellis Cohen 2001-2008 Role Reorganization Solution Job Candidate Company Representative User Administrator Privileged User Define new common role & assign operation to this role User Role Diagram Does this meet the "kind-of" requirement?

35 35© Ellis Cohen 2001-2008 Known & Unknown Users Job Candidate Company Representative Known User User Role Diagram User Anyone with access to the system A logged-in user Unknown User A user who is not logged-in

36 36© Ellis Cohen 2001-2008 Logout and Login Why is it important to distinguish –a KnownUser (who is logged in) from –an UnknownUser (who isn't)? We do not know who a user is before she logs in, or after she logs out –The Login operation changes the current user's role from UnknownUser to KnownUser (or a subrole of it) –The Logout operation changes the current user's role back to UnknownUser A user who is already logged in should not be able to log in again –This is enforced automatically if we only allow Login to be performed by a user whose role is UnknownUser A user should not be able to logout if they are already logged out –This is enforced automatically if we only allow Logout to be performed by a user whose role is KnownUser (or a subrole of it) Note: More generally, a result of an action can be a change to the user's role

37 37© Ellis Cohen 2001-2008 Known vs Unknown User Operations Roles QueriesActions Unknown User Login Register Candidate Register Company Known User Show Company Postings Show Company Info … Logout … Job Candidate …Add Job Entry … Company Representative …Add Job Posting …

38 38© Ellis Cohen 2001-2008 Role-Based User Pre-Conditions Assigning an Operation to a Role implicitly defines a role-based user pre-condition –Assigning ShowMatchingCompanies to the JobCandidate role is equivalent to –ShowMatchingCompanies Pre-Condition: The user must be a job candidate

39 39© Ellis Cohen 2001-2008 Roles & Entity Classes

40 40© Ellis Cohen 2001-2008 Entity-Relationship Diagrams Entity-Relationship diagrams –Reflect the static relationships between data persistently stored in the database They do NOT need to reflect –Temporary data structures –Users or roles (unless information is retained about them beyond what is needed for authentication, or if authentication info is stored in the DB) –Operations users might be able to do or have done, unless needed for auditing purposes –Flow of information among tables or between tables and users (i.e. they are not process modeling diagrams)

41 41© Ellis Cohen 2001-2008 Job Board Application: Easy Crow Magnum Diagram Candidate JobPosting job history includes open at postid candid JobEntry Company occurred at compid entryid

42 42© Ellis Cohen 2001-2008 Possibly Expanded ER Diagram Candidate JobPosting job history includes open at postid candid JobEntry Company occurred at compid entryid Company Rep repid has views Is this a better ER model?

43 43© Ellis Cohen 2001-2008 Questionable ER Diagram Expansion Candidate JobPosting job history includes open at postid candid JobEntry Company occurred at compid entryid Company Rep repid has views 1)Adding CompanyRep might make sense, but only so that when a CompanyRep logs in, we can find out their associated company. That's not even necessary if all company reps can login with the same company id, or if authentication & basic user info is managed outside the database (e.g. LDAP, Active Directory, etc.) 2)While company representatives certainly view candidate job entries, nothing suggests that we need to persistently keep track of that information.

44 44© Ellis Cohen 2001-2008 Relationships & Persistence A relationship represents information which needs to be persistently stored in a database! If the information doesn't need to be stored and queried, don't represent it as a relationship Don't include relationships which simply show what a user can do or keep track of what a user has done, unless it is clear that information will be needed later! *

Download ppt "1 Theory, Practice & Methodology of Relational Database Design and Programming Copyright © Ellis Cohen 2002-2008 Conditions & Roles These slides are licensed."

Similar presentations

CMSC 414 Computer (and Network) Security Lecture 13 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 13 Jonathan Katz.
Copyright © 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 5 More SQL: Complex Queries, Triggers, Views, and Schema Modification.

Copyright © 2011 Pearson Education, Inc. Publishing as Pearson Addison-Wesley Chapter 5 More SQL: Complex Queries, Triggers, Views, and Schema Modification.
OOAD Using the UML - Use-Case Analysis, v 4.2 Copyright  1998-1999 Rational Software, all rights reserved 1/18 Use Case Analysis – continued Control Classes.

OOAD Using the UML - Use-Case Analysis, v 4.2 Copyright  Rational Software, all rights reserved 1/18 Use Case Analysis – continued Control Classes.
Design Principles: Faithfulness

Design Principles: Faithfulness
Practical Object-Oriented Design with UML 2e Slide 1/1 ©The McGraw-Hill Companies, 2004 PRACTICAL OBJECT-ORIENTED DESIGN WITH UML 2e Chapter 5: Restaurant.

Practical Object-Oriented Design with UML 2e Slide 1/1 ©The McGraw-Hill Companies, 2004 PRACTICAL OBJECT-ORIENTED DESIGN WITH UML 2e Chapter 5: Restaurant.
Copyright W. Howden1 Lecture 13: Programming by Contract.

Copyright W. Howden1 Lecture 13: Programming by Contract.
Database Design Concepts INFO1408 Term 2 week 1 Data validation and Referential integrity.

Database Design Concepts INFO1408 Term 2 week 1 Data validation and Referential integrity.
9 1 Chapter 9 Database Design Database Systems: Design, Implementation, and Management, Seventh Edition, Rob and Coronel.

9 1 Chapter 9 Database Design Database Systems: Design, Implementation, and Management, Seventh Edition, Rob and Coronel.
A Guide to SQL, Seventh Edition. Objectives Understand, create, and drop views Recognize the benefits of using views Grant and revoke user’s database.

A Guide to SQL, Seventh Edition. Objectives Understand, create, and drop views Recognize the benefits of using views Grant and revoke user’s database.
Systems Analysis I Data Flow Diagrams

Systems Analysis I Data Flow Diagrams
Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,

Database Auditing Models Dr. Gabriel. 2 Auditing Overview Audit examines: documentation that reflects (from business or individuals); actions, practices,
Database Constraints. Database constraints are restrictions on the contents of the database or on database operations Database constraints provide a way.

Database Constraints. Database constraints are restrictions on the contents of the database or on database operations Database constraints provide a way.
DB Audit Expert v1.1 for Oracle Copyright © 1999-2002 SoftTree Technologies, Inc. This presentation is for DB Audit Expert for Oracle version 1.1 which.

DB Audit Expert v1.1 for Oracle Copyright © SoftTree Technologies, Inc. This presentation is for DB Audit Expert for Oracle version 1.1 which.
Ch5: ER Diagrams - Part 2 Much of the material presented in these slides was developed by Dr. Ramon Lawrence at the University of Iowa.

Ch5: ER Diagrams - Part 2 Much of the material presented in these slides was developed by Dr. Ramon Lawrence at the University of Iowa.
1 Some Patterns of Novice Programs Author : Eugene Wallingford ; Dan Steinberg ; Robert Duvall ; Ralph Johnson Source : PLoP 2004 Advisor : Ku-Yaw Chang.

1 Some Patterns of Novice Programs Author : Eugene Wallingford ; Dan Steinberg ; Robert Duvall ; Ralph Johnson Source : PLoP 2004 Advisor : Ku-Yaw Chang.
CSC271 Database Systems Lecture # 6. Summary: Previous Lecture  Relational model terminology  Mathematical relations  Database relations  Properties.

CSC271 Database Systems Lecture # 6. Summary: Previous Lecture  Relational model terminology  Mathematical relations  Database relations  Properties.
Databases From A to Boyce Codd. What is a database? It depends on your point of view. For Manovich, a database is a means of structuring information in.

Databases From A to Boyce Codd. What is a database? It depends on your point of view. For Manovich, a database is a means of structuring information in.
REFACTORING Lecture 4. Definition Refactoring is a process of changing the internal structure of the program, not affecting its external behavior and.

REFACTORING Lecture 4. Definition Refactoring is a process of changing the internal structure of the program, not affecting its external behavior and.
Relational Database Concepts. Let’s start with a simple example of a database application Assume that you want to keep track of your clients’ names, addresses,

Relational Database Concepts. Let’s start with a simple example of a database application Assume that you want to keep track of your clients’ names, addresses,
Copyright © Ellis Cohen

Copyright © Ellis Cohen

Similar presentations

Ads by Google