Data Access - Best Practice

Lars-Erik KindbladSenior ConsultantBlog: kindblad.com

Data Access – Best Practice

| Sector, Alliance, Offering

Agenda

Why is Data Access so important? Common issues in many applications How to solve these issues Summary


Why is Data Access so important?

Retrieving, creating, updating and deleting data are core operations Affects the entire application in a bad way if done incorrectly


Common issues in many applications


Code issues

The code in the data access layer is often put into a single or a few huge classes• Hard to maintain

Database queries are constructed in the frontend or business layer• Leads to messy frontend or business code

ORM framework limitations or lack of «ORM masters»• A lot of quickfixes

Doesn’t support rollback of changes when errors occurs


Performance issues

The application slow• Too many database queries• Too heavy database queries• Lazy loading• Poorly generated SQL by the ORM framework


Security issues

Vulnerable to SQL Injection Users get access to data they should not have access too


Quality issues

Many bugs• No tests• ... or tests that doesn’t test the important stuff


How to solve these issues


What do we want? Well structured data access code that is easy to maintain

• Small simple classes that does only one thing - Single Responsiblity Principle The application should be fast

• Only retrieve the data that we actually need – Criteria Pattern• Do as much as possible in one query – SQL Joins• Avoid lazy loading

The application should be secure• Use an ORM framework and/or use parameters instead of concatenated strings• Always check for permissions when retrieving, creating, updating or deleting data

Rollback uncomitted changes if anything goes wrong• Transaction support

As little dependency on the ORM as possible• Gateway Pattern

Frontend, Business and Data Access Code should be separated• Logical Layering

High quality – Bug free code• Integration tests


Example code


HOW TO:REDUCE ORM DEPENDENCIESSTRICTER LAYERINGROLLBACK IF ERROR OCCURSHAVE SIMPLE DATA ACCESS CODE


The Common Way

Frontend Layer

Business Layer

Data Access Layer

ORM

Query the Database

Query the Database

Query the Database


A Better Way

Frontend Layer

Business Layer

Data Access Layer

ORM

Query the Database

Transaction Management

Rollback, CommitORM Gateway

Initialize ORMTransaction management


DbContexGateway for FluentData


Data Access Layer


Business Layer


Frontend Layer


EFFICIENT DATA RETRIEVAL & FILTERING


Overview

Business Class

Frontend Class

Data Access Class

Criteria Pattern: Decide what data to retrieve and filter on

Business logic

Construct the most optimal and secure query


Frontend Layer


Business Layer


Data Access Layer


Overview

Business Layer

Frontend Layer

Data Access Layer

Transaction managementDecide what data to retrieve and filter on

Business logic

Construct the most optimal and secure query


HOW TO:GET A HIGH QUALITY APPLICATIONTHROUGH INTEGRATION TESTS


Test - CreateProductDbCommand


Test - GetProductsDbCommand


Summary

Have small simple classes that does only one thing Use the Criteria Pattern to decide what data to retrieve Use joins to retrieve as much data as needed in one query Avoid lazy loading Use parameters instead of concatenated strings Always check for permissions when retrieving, creating, updating or

deleting data Use transactions to rollback when errors occurs Use the Gateway Pattern to reduce ORM dependency Have a strict Frontend layer, Business layer, Data Access layer Verify quality through Integration Tests


QUESTIONS?

www.capgemini.com

The information contained in this presentation is proprietary. ©2010 Capgemini. All rights reserved

Technology

Data Access - Best Practice