COMP 6471 Software Design Methodologies Winter 2006 Dr Greg Butler http://www.cs.concordia.ca/~gregb/home/comp647-w2006.html The CU WME Design Case Study Concordia University Work Management Environment (CU WME) provides support for an organisation of people who produce and publish documents Components: • • • • • User Management File Management Change Management Activity Management Collaborative Publication • Project Management The CU WME Design Case Study How do components distribute responsibilities and what are their dependencies? Separate mechanisms from policy. Components: • • • • • User Management File Management Change Management Activity Management Collaborative Publication • Project Management The CU WME Design Case Study How do components distribute responsibilities? • User Management: manage users, roles, rights • File Management: provide file/directories, operations for access, back-up. Access control? • Change Management: change of what?, provide operations, how much policy? • Activity Management: monitor, log. How much policy of control? What mechanisms for control? • Collaborative Publication=Document management: mechanisms on documents, concept of document, what is difference between file mgmt vs doc mgmt? • Project Management: mechanisms for project definition, policy for …. The CU WME Design Case Study What are their dependencies? • • • • User Management depends on …FM? File Management depends on …UM? Change Management depends on FM? Activity Management depends on FM, UM? • Collaborative Publication depends on UM, FM, CM, AM • Project Management depends on ??? The CU WME Design Case Study Separate mechanisms from policy. Which set policy, which provide implementation to enforce policy, which provide basic mechanisms? Components: • • • • • User Management File Management Change Management Activity Management Collaborative Publication • Project Management CU WME – User Management Responsibility:? RBAC (Role Based Access Control) concepts User Role (enumerated list) Operation (eg, read, write, …) Object (= Resource, ie Document/File) Permission of Role to perform an Operation on Object RBAC1 allows role hierarchy (DAG) RBAC2 adds constraint condition (ie lock exists on Object) to modify permissions CU WME – User Management Responsibility:? Does not need to define specific roles for the system, not Operations, nor Objects: these might be requirements from other Components. Eg, role of project management from PM (C6) Eg, operation read for Object file(“…”) from FM (C2) CU WME – File Management Responsibility:? Unix File System File is stream of bytes to provide uniform abstraction Directory hierarchy mixes files/directories/links as entries File identified by pathname (cf URI) Unix permissions (rwx) for roles (user, group, other) Does CUWME FM need its own access control? Who provides storage for UM? How to manage copies of files? Versions of files? CU WME – File Management Responsibility:? Back-up in FM What are mechanisms What are policies for back-up, where are they set What storage (ie files) are needed for back-up? Are these managed by FM? Do these have back-up needs? File replication in distributed system Same file exists in different location What does “same” mean here? Implications for file operations are … How is this managed by FM? CU WME – File Management Responsibility:? Are files atomic? How does FM relate to Change Mgmt and Document Mgmt? Does FM set policy (ie define) how a document is stored by FM? How a change is stored in FM? How a change is named? Do we back-up files or documents? If both, how is doc back-up related to file back-up? Is a back-up a change, activity, copy, version, … CU WME – Change Management Responsibility:? Concurrent Versions System (CVS) Is version control management system Versions of what? …for CVS source code files, binaries, documentation Check-out/check-in to manage concurrent access Version branches … which can be merged later (manually) Tracks versions, not changes Storing deltas (ie changes) is an implementation optimization CU WME – Change Management Responsibility:? Version of file or document or resource or …? Dependency on FM? for storage Which operations create a new “version”? Which do not? How do permissions on X carry over to permissions on version of X? or copy of X … Who sets this policy? Where? CU WME – Change Management Responsibility:? Do change management of files This is basic building block. Do change management of documents Remember documents are composite/recursive. CU WME – Activity Management Responsibility:? Look at basic concepts of web session or DB transaction or Command pattern Session is a sequence of activities by a user (from beginning to end) Activity is execution of an operation (C1) or command (GOF) or activity (C6) AM (C4) records/logs activities with info Session, activity, user, role, … Who is responsible for session creation? Collaborate with UM (C1) to ensure user has permission for the activity (operation). CU WME – Activity Management Responsibility:? Can a user have many sessions at once? Where are command objects created? Executed? Recorded? Does FM supply storage for log? How do operations which create versions communicate to CM (C3) that a version has been created? CU WME – Activity Management Responsibility:? Remember that AM provides mechanisms, not policies. CU WME – Collaborative Publication Responsibility:? …is this just Document Management? It should provide mechanisms, not policy. However, it must provide mechanisms that support the enforcement of policy, eg concurrency. Does this component need to define specific roles and permissions? Or can this be done separately using UM (C1)? CU WME – Collaborative Publication Responsibility:? Think of a document as an XML document, ie composite. How do you capture dependencies between a document and its parts? And the files? And its build process? [ie, compare document publication with software development] You need back-up and versions of documents: can you simply rely on FM back-up facility? CU WME – Collaborative Publication Responsibility:? I do not know of any good CP/DM(C5) system to refer you to as an example. “groupware” tends to focus on calendars, chat, notification rather than documents themselves. “issue tracking” tends to just look at issues and their resolution, but not document changes (or source code changes) OpenText Livelink is a Canadian example, but it does everything in CU WME and more Lotus Domino from IBM is also of interest CU WME – Project Management Responsibility:? Keep the scope simple. This is the place for policy – maybe not the only place. Define project: Sequence of activities, resources (ie roles) required, and schedule (in timeunits of duration). Create project: Set start date, assign users to roles. Monitor project progress: Collaborate with UM (C1) so that user session is associated with a project and role: assigned activities are RBAC “operations” on certain “objects”. Collaborate with AM (C4) to check whether activities are done. CU WME – Project Management Responsibility:? Composite pattern for project? Or for process? So a project can be a sequence of activities and/or subprojects. Allows easier definition of projects. Set/enforce policy? User can only work on assigned projects? User can only do scheduled activities? CU WME – Project Management Responsibility:? Again, difficult to find a simple example for you. Java open source projects include “Ganttproject” (a MS Project in Java) and “teamwork”. OpenText Livelink has project management. Fig. 13.3 UI Domain Swing Sales Web UI UI::Swing UI::Web Swing Web Domain::Sales Domain Sales Important Concepts Model • Abstraction hiding (unimportant) details • Eg, cover of Larman’s book GRASP Principle • for assigning responsibility Design pattern • Solution to design problem in context • Eg, Command pattern Responsibility-Driven Design (RDD) • Detailed object design is usually done from the point of view of the metaphor of: – Objects have responsibilities – Objects collaborate • Responsibilities are an abstraction. – The responsibility for persistence. • Large-grained responsibility. – The responsibility for the sales tax calculation. • More fine-grained responsibility. The 9 GRASP Principles 1. 2. 3. 4. 5. 6. 7. 8. 9. Creator Expert Controller Low Coupling High Cohesion Polymorphism Pure Fabrication Indirection Protected Variations Command Pattern • You have commands that need to be – executed, – undone, or – queued • Command design pattern separates – Receiver from Invoker from Commands • All commands derive from Command and implement do(), undo(), and redo() • Also allows recording history, replay