Pay attention when writing code: never use the word "User"

Original link: https://t.zsxq.com/iYZ3zrR


Original: http://t.cn/Eau2d0h

Translation: http://21cto.com/article/2093

You realize that the lightweight, simple idea you had at the start of the project turned out to be completely wrong, after you have already spent six months on it.

Now you have to fix these problems so the system can keep running, and you find that the effort you are putting into this project far exceeds what you expected. If you had done it the right way from the start, this would never have happened.

Today I want to tell you about a common mistake, a problem that will bring you endless trouble: the word "User".

This word has two fundamental problems:

1. "You need a User" is almost never a good description.

2. "User" leads to fundamental security flaws in your design.

The concept of "user" is ambiguous; using a more precise term almost always gives better results.

You do not have users

In the beginning, no software system actually has any "users". At first glance "user" looks like a good description, but once you think about it a little you will realize that your business logic is much more complex than that.

I will go through three examples, starting with an extreme case.

A ticket booking system has no "users"

I once wrote the access-control logic for an airline reservation system; the following is only a small part of the requirements:

  • Passengers can view their booking information on the website using the booking code.

  • Buyers can modify booking information on the website after providing the last four digits of the credit card number.

  • Travel agents can view and modify their own bookings.

  • Airline check-in staff can view and modify booking information according to their role and airline, which requires the passenger to provide identification.

And that is not the full list. The basic concepts here relate to people: "passengers", "agents" (the website itself can also be seen as an agent) and "buyers".

The concept of "user" is of no use at all here, and in many of the requirements I would never use that word. For example, our requirements must include credentials for passengers and agents, not credentials for users.
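The four requirements above, written as an access-control check in which every requester type carries only the credential its requirement names. This is an added example, not code from the original article or the reservation system it describes; the class and field names are assumptions for illustration.

```python
import hmac
from dataclasses import dataclass
from typing import Optional, Union

@dataclass(frozen=True)
class Booking:
    code: str                  # booking code the passenger uses to look it up
    passenger_id: str          # identity document number of the passenger
    card_last4: str            # last four digits of the card that paid for it
    agent_id: Optional[str]    # travel agent who made the booking, if any
    airline: str

# Each kind of requester carries only the credential its requirement names;
# there is deliberately no "User" class (names are assumptions for this example).
@dataclass(frozen=True)
class Passenger:
    booking_code: str
@dataclass(frozen=True)
class Buyer:
    booking_code: str
    card_last4: str
@dataclass(frozen=True)
class Agent:
    agent_id: str
@dataclass(frozen=True)
class CheckInStaff:
    airline: str
    presented_id: str          # identity document the passenger showed at the desk

Requester = Union[Passenger, Buyer, Agent, CheckInStaff]

def _same(a: str, b: str) -> bool:
    # Constant-time compare so a booking code or card digits cannot be probed by timing.
    return hmac.compare_digest(a.encode(), b.encode())

def allowed(requester: Requester, booking: Booking, action: str) -> bool:
    """True if this requester may 'view' or 'modify' the given booking."""
    if action not in ("view", "modify"):
        raise ValueError(f"unknown action: {action}")
    if isinstance(requester, Passenger):          # view only, by booking code
        return action == "view" and _same(requester.booking_code, booking.code)
    if isinstance(requester, Buyer):              # view/modify with code + card digits
        return _same(requester.booking_code, booking.code) and _same(requester.card_last4, booking.card_last4)
    if isinstance(requester, Agent):              # only bookings this agent made
        return booking.agent_id is not None and requester.agent_id == booking.agent_id
    if isinstance(requester, CheckInStaff):       # same airline, and passenger showed ID
        return requester.airline == booking.airline and _same(requester.presented_id, booking.passenger_id)
    return False                                  # deny anything not named above
```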

Unix has no "users"

Let's look at a somewhat different example. Unix (these days called POSIX) has users, and they can log in and run code. That looks fine, right? Let's look a little deeper.

If we treat all of these as "users", we have:

  • People who log in through a terminal or a graphical interface.

  • System services such as mail or web servers, which also run as "users"; for example, nginx can run as the httpd user.

  • On servers, several people often share a single administrator account for SSH logins (for example, the default SSH account on an Amazon Ubuntu virtual machine is 'ubuntu').

  • The root identity, which is different from all of the above.

These four are almost entirely different concepts, but on POSIX they are all "users". As we will see shortly, calling all of these concepts "user" leads to many security problems.

Operationally, because of the limits of the POSIX user model, we cannot even find a way to say "only Alice and Bob may log in through this account".

SaaS providers have no "users"

Jeremy Green recently tweeted about the user model in SaaS, which is what first prompted me to write this article. His basic point is that a SaaS service almost always has:

1. A person in some organization who pays for the service.

2. One or more people who use the service together.

If you model these people as a single "user" from the start, you will land in a world of pain. You cannot model teams, you cannot model one payment covering several people, and then you start rebuilding your system. Having learned this lesson from the SaaS case, take a look at your own situation.

But this is only one of many examples: the concept of "users" is too vague. If you start questioning the word "user", you may end up finding that you actually only need two concepts: teams (for organizing relationships and payment) and members (the people who actually use the service).

"Users" are a security problem

The word "user" is not only a business-logic problem; it also leads to a series of security problems. The word is so vague that it fundamentally merges two concepts:

  • A person.

  • That person's representation in the software.

To illustrate, suppose you visit a malicious website, and an image served from it overflows your browser's memory. The remote site takes control of your browser and starts uploading your files to its server. Why is it able to do this?

Because the system runs the browser under your user identity, it treats the browser as the same thing as you, the human, when in fact the two are different.

You, as a "user", do not want to upload your files. But the account "user" in the system has the ability to upload files, and if the browser runs under your account, everything it does is treated as your intention, that is, as if you told it to do so, which in fact you did not.

This is known as the Confused Deputy problem. If you use the word "user" to describe two fundamentally different things, this problem is more likely to become part of your design.

The value of designing up front

Spending less effort on the same problem is the key to being a highly productive programmer. Organizing your software around a vague concept such as "user" will cost you a great deal of time and effort fixing the problems that surface later. Jumping straight into coding looks highly productive; the opposite is true.

The next time you start a new software project, spend a few hours up front pinning down the terms and concepts. You still will not get them completely right, but you will do better. Your future self will thank you for the work you put in and the waste you prevent.


Origin blog.csdn.net/ityouknow/article/details/100017817