220 likes | 239 Views
http://flic.kr/p/7Az9cn. Webapp Design with System Sequence Diagrams. A Key Software Design Principle…. Also: Each of your objects should have only one reason to change. From Head First Software Development Chapter 5.
E N D
http://flic.kr/p/7Az9cn Webapp Design with System Sequence Diagrams
A Key Software Design Principle… Also: Each of your objects should have only one reason to change. From Head First Software Development Chapter 5
Design Questions:How many servlets should you have?How to assign responsibilities to servlets?
Creating System Sequence Diagrams (SSDs)can help! Model interactions between the system to be build and external actors • Capture one scenario of events • System is a black box • Emphasizes system events • Represented using UML sequence diagram notation
Consider a Use Case (UC) for a POS System Point-of-Sale (POS) System Use Case: Archetypal scenario of interaction w/ system http://flic.kr/p/4UtQzk
Process Sale Use Case (UC) Main Success Scenario • Customer arrives at POS checkout with goods to purchase • Cashier starts a new sale • Cashier enters item identifier • System records sale line item and presents item description, price, and running total Cashier repeats steps 3-4 until indicates done • System presents total, and asks for payment • Customer pays and System handles payment • System logs completed sale • System presents receipt
POS Example: Process Sale SSD System asblack box External actor Actor lifelines Time progresses downward
Process Sale UC Main Success Scenario • Customer arrives at POS checkout with goods to purchase • Cashier starts a new sale • Cashier enters item identifier • System records sale line item and presents item description, price, and running total Cashier repeats steps 3-4 until indicates done • System presents total, and asks for payment • Customer pays and System handles payment • System logs completed sale • System presents receipt
POS Example: Process Sale SSD Messageevent
Process Sale UC Main Success Scenario • Customer arrives at POS checkout with goods to purchase • Cashier starts a new sale • Cashier enters item identifier • System records sale line item and presents item description, price, and running total Cashier repeats steps 3-4 until indicates done • System presents total, and asks for payment • Customer pays and System handles payment • System logs completed sale • System presents receipt
Loop guard Loopingevent POS Example: Process Sale SSD “Return” values fromprevious message
Process Sale UC Main Success Scenario • Customer arrives at POS checkout with goods to purchase • Cashier starts a new sale • Cashier enters item identifier • System records sale line item and presents item description, price, and running total Cashier repeats steps 3-4 until indicates done • System presents total, and asks for payment • Customer pays and System handles payment • System logs completed sale • System presents receipt
Process Sale UC Main Success Scenario • Customer arrives at POS checkout with goods to purchase • Cashier starts a new sale • Cashier enters item identifier • System records sale line item and presents item description, price, and running total Cashier repeats steps 3-4 until indicates done • System presents total, and asks for payment • Customer pays and System handles payment • System logs completed sale • System presents receipt
Why are SSDs useful? • Help you come up with a minimal set of system operations your system must support • Each system operation can be a servlet System operations
System events discovered with the SSDs reveal System operations that handle the events all of which form The system interface
Translate this SSD into a servlet-based web app itemID: New Sale End Quant.: Enter Description: … Total: $ ... Total+tax: $ ... Payment: $ Enter Change: $... Receipt: … … …
Design Question:What standard actions should a servlet perform? • Validate input! • Perform appropriate interaction with model • Forward request to appropriate view
What types of bad input should you check for? Hint: http://xkcd.com/327/
What types of bad input should you check for? • Values that violate preconditions of model operations • SQL injection attacks • If input contains evil SQL snippet, and your program inserts that input into an SQL query, then ... • Cross-site scripting attacks • If input contains evil JavaScript snippet, and your program inserts that input into a web page, then … • Anything that might be a problem (hard!)
Recap • Single-Responsibility Principle (SRP) • Create SSDs to reveal system operations • Each servlet has responsibility to handle one system operation • Make sure your servlets validate input!