Highlights

These Are Highlights From Stuff I Am Reading on Kindle/The Internet

Designing Data-Intensive Applications

Leader-based replication has one major downside: there is only one leader, and all writes must go through it. If you can’t connect to the leader for any reason, for example due to a network interruption between you and the leader, you can’t write to the database.

Django for Startup Founders: A Better Software Architecture for SaaS Startups and Consumer Apps

The key insight is that there are up to seven basic steps that any given REST endpoint will perform. For many endpoints, there are multiple different orders in which you could perform these steps, but there also happens to exist one specific order that always works for every endpoint. And as it turns out, there are substantial benefits to always performing these seven steps, or at least the subset that are necessary for any given endpoint, in the same way and in the same order:

  1. Specify permissions — Who is allowed to access this endpoint?
  2. Copy input to local variables — What parameters (query params or body params) does this endpoint take?
  3. Sanitize user input — User input must always be sanitized before further processing.
  4. Validate user input — Ensure the user has supplied all of the same required parameters for this endpoint in the correct format. If there are errors, aggregate all of the input validation errors into a dictionary-style response as described below.
  5. Enforce business requirements — Check for cases where the user is allowed to access the endpoint and submitted all of the required parameters correctly, but they aren’t allowed to perform a specific action due to the business logic of the application. E.g. creating an account with a username that has already been taken. If there is an error, return the first error that occurs, as described below.
  6. Perform business logic — Do whatever this endpoint is actually supposed to do, e.g. altering state in the database, returning data to the API consumer, sending data to a third-party processor, etc.
  7. Return HTTP response — Return any data necessary for the API consumer(s), along with a status code.
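The seven steps above, in order, as an added example that is not from the highlighted book: a framework-free Python handler in which the request is a plain dict and the response is a `(status, body)` tuple. The `create_account` name, the `is_admin` permission rule, the field patterns, the status codes and the in-memory `USERS` set are all assumptions made for illustration.

```python
import re

USERS = {"alice"}  # constructed in-memory stand-in for the user table


def create_account(request):
    """Hypothetical endpoint; request = {'user': dict|None, 'body': dict}."""
    # 1. Specify permissions: reject before touching any input.
    user = request.get("user")
    if not user or not user.get("is_admin"):
        return 403, {"error": "forbidden"}

    # 2. Copy input to local variables: the full parameter list in one place.
    body = request.get("body") or {}
    username = body.get("username")
    email = body.get("email")

    # 3. Sanitize: coerce non-strings to empty, trim and normalize case.
    username = username.strip().lower() if isinstance(username, str) else ""
    email = email.strip().lower() if isinstance(email, str) else ""

    # 4. Validate: collect every format error, keyed by field, then return.
    errors = {}
    if not re.fullmatch(r"[a-z0-9_]{3,30}", username):
        errors["username"] = "3-30 characters: a-z, 0-9, underscore"
    if not re.fullmatch(r"[^@\s]+@[^@\s]+\.[^@\s]+", email):
        errors["email"] = "not a valid email address"
    if errors:
        return 400, {"errors": errors}

    # 5. Enforce business requirements: stop at the first violation.
    if username in USERS:
        return 409, {"error": "username already taken"}

    # 6. Perform business logic: state changes only after every check passed.
    USERS.add(username)

    # 7. Return HTTP response: data plus status code.
    return 201, {"username": username, "email": email}
```

Because the permission check runs first, an unauthorized caller learns nothing about which parameters the endpoint accepts or which usernames exist.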

Microsoft Word - i.doc

Sometimes it is essential to refer to other data. When referencing other data from outside data, it is essential that the identifier used for the reference specifies data that is, itself, immutable.

Be Slightly Evil

These dynamics can also work for you if you are trying to increase productivity in a team rather than block things. You need to build trust and goodwill by demonstrating a willingness to protect a “sphere of improvisation” for your reports: a safe zone where you’ll let them operate slightly beyond the roles and rules, in order to get things done, and accept the blame and responsibility.