SlideShare a Scribd company logo

IN4308 Lecture 3

Eelco Visser
Eelco Visser

Lecture on WebDSL for course on model-driven software development at Delft University of Technology

1 of 112
Download to read offline
WebDSL a domain-specific language for web programming Lecture 3 Course IN4308 Eelco Visser http://eelcovisser.org Master Computer Science Delft University of Technology
Model-Driven Software Development Problem DSL HLL Machine Domain domain-specific models reduce gap between problem domain and implementation
Language/Model Composition code model model code code code modeling aspects of software system with different languages customization/extensibility of models
Research: Software Language Engineering Automatically derive efficient, scalable, incremental compiler + usable IDE from high-level, declarativelanguage definition
Research: Software Language Design Systematically design domain- specific software languages with optimal tradeoff between expressivity, completeness, portability, coverage, and maintainability
A Case Study in Domain- Specific Language Engineering Eelco Visser. WebDSL: A Case Study in Domain- Specific Language Engineering. GTTSE 2008: 291-373
The Web Domain browser server database web app code runs on server, browser, and database
Concerns in Web Programming ❖ Persistent data ★ data integrity ★ search ❖ User interface ★ data validation ★ styling, layout ★ navigation ★ actions ❖ Workflow and m ore ... ❖ Access control
Separation of Concerns in Web Programming Example ❖ Data modeling ★ Java classes with JPA annotations ❖ User interface ★ Java ServerFaces XML templates ★ Seam Java classes ❖ Access control ★ Acegi configuration/annotation
Problems in Web Programming ❖ Lack of integration ★ no inter-language consistency checking ★ leads to late (detection of) failures ❖ Low-level encoding ★ leads to boilerplate code
When Seam Fails Welcome #{user.name} Welcome #{user.nam}
When Rails Fails @post = Post.new(params[:get]) @post = Post.new(params[:post])
Late Failures in Web Applications Zef Hemel, Danny M. Groenewegen, Lennart C. L. Kats, Eelco Visser. Static consistency checking of web applications with WebDSL. Journal of Symbolic Computation, 46(2):150-182, 2011.
WebDSL Separation of Concerns & Linguistic Integration Danny M. Groenewegen, Zef Hemel, Eelco Visser. Separation of Concerns and Linguistic Integration in WebDSL. IEEE Software, 27(5), September/October 2010.
WebDSL Linguistic integration of ❖ Data models ❖ User interface templates ❖ Access control ❖ Data validation
webdsl.org <screenshot webdsl.org>
YellowGrass <screenshot yellowgrass>
researchr
1,190,303 publications http://researchr.org
publication records correct & extend
author profiles
bibliographies tagging reputation system access control rules user groups conference calendar community engineering etc.
18,000 lines of WebDSL code 138 (generated) tables in mysql
Data Models
Entity Declarations entity declaration property
Data Model for Wiki object identifier domain-specific type
Automatic Persistence Data Entity DB Model Classes Schema WebDSL Java DB Object Object Records
Embedded Queries entity Page { name :: String (id) content :: WikiText modified :: DateTime } function recentlyChanged(n : Int) : List<Page> { return from Page order by modified desc limit n; }
Extending Built-in Types type DateTime { // includes Date and Time types utils.DateType.format as format(String):String before(DateTime):Bool after(DateTime):Bool getTime():Long setTime(Long) } type WikiText{ org.webdsl.tools.WikiFormatter.wikiFormat as format():String } type Email { utils.EmailType.isValid as isValid():Bool } public class DateType { public static String format(Date d, String s){ return (new java.text.SimpleDateFormat(s).format(d,new StringBuffer(), new java.text.FieldPosition(0))).toString(); } }
Importing External Types native class org.json.JSONObject as JSONObject { constructor() constructor(String) get(String) : Object getBoolean(String) : Bool getDouble(String) : Double getInt(String) : Int getJSONArray(String) : JSONArray getJSONObject(String) : JSONObject getString(String) : String has(String) : Bool names() : JSONArray put(String, Object) toString() : String toString(Int) : String }
User Interface Templates
Page Definition & Navigation page navigation (page call) entity A { b -> B } entity B { name :: String } define page a(x : A) { navigate b(x.b){ output(x.b.name) } } define page b(y : B) { output(y.name) } page definiti on
Rendering Data rendering values define page page(p : Page) { header{output(p.name)} markup par{ output(p.content) } navigate editpage(p) { "[edit]" } }
Templates (Page Fragments) template definition define main() { includeCSS("wiki.css") top() block[class="content"] { elements() template call } parameter } define span top() { navigate root() {"Wiki"} }
wiki.css define span top() { navigate root() {"Wiki"} } wiki.css
Forms define page editpage(p : Page) { main{ header{output(p.name) " (Edit)"} data form{ binding input(p.content) submit action{ return page(p); } { "Save" } } } } submi t page flow no separate controller: page renders form and handles form submission
Forms navigate action
Non-Existing Wiki Pages navigate action
Creating Objects find/create object by id define page page(name : String) { var p := getUniquePage(name) main{ header{output(p.name)} par{ output(p.content) } navigate editpage(p) { "[edit]" } } }
Modifying Data define page editpage(p : Page) { main{ header{output(p.name) " (Edit)"} form{ input(p.content) submit action{return page(p.name);}{"Save"} } } } pass string
Core Wiki navigate creates page action
Page Index define page root() { main{ list{ for(p : Page order by p.name asc) { listitem{ navigate page(p.name){output(p.name)} } } } } }
Output Object = Navigation define output(p : Page) { navigate page(p.name) { output(p.name) } } define page root() { main{ list{ for(p : Page order by p.name asc) { listitem{ output(p) } } } } }
Output Object = Navigation define output(p : Page) { navigate page(p.name) { output(p.name) } } define output(p : Page) { define page navigate page(p) { output(p.name) } root() { main{ } list{ for(p : Page order by p.name asc) { listitem{ output(p) } } custom definition } default definition } }
Wrapping XML Templates define menubar(){ var elementid := "menu"+getUniqueTemplateId() includeCSS("dropdownmenu.css") <div class="menuwrapper" id=elementid all attributes> <ul id="p7menubar" class="menubar"> elements() </ul> define appmenu() { </div> } menubar{ define menu(){ menu{ <li class="menu" all attributes> elements() menuheader{ "Foo" } </li> menuitems{ } define menuheader(){ menuitem{ "Bar" } <span class="menuheader" all attributes> menuitem{ "Baz" } elements() </span> } } } define menuitems(){ <ul class="menuitems"> } elements() } </ul> } define menuitem(){ <li class="menuitem" all attributes> elements() </li> }
AJAX AJAX Michel Weststrate. Abstractions for Asynchronous User Interfaces in Web Applications. Master's thesis, Delft University of Technology, 2009.
AJAX Deliver page fragments, not just full pages ❖ Replace page elements by new fragments ❖ Templates are unit of replacement
Placeholders placeholder define page page(name : String) { var p : Page init{ p := findPage(name); } main{ placeholder pageBody { if(p == null) { pagenotfound(name) } else { showpage(p) } } } } default view
Replace define ajax showpage(p : Page) { header{output(p.name)} block[class:=content]{ output(p.content) } block[class:=modified]{ replace "Last modified on " output(p.modified) " " submitlink action{ replace(pageBody, editpage(p)); } { "[Edit]" } } block[class:=contributions]{ "Contributions by " output(p.authors) } } define ajax editpage(p : Page) { action save() { replace(pageBody, showpage(p)); } header{output(p.name) " (Edit)"} form{ par{ label("Text"){ input(p.content) } } submit save() { "Save" } } }
Inline Edit Text (Call by Ref) define page page(p : Page) { main{ editableText(p.content) } define ajax editableText(text : Ref<WikiText>) { placeholder showText { showWikiText(text) } } } } define ajax showWikiText(text : Ref<WikiText>) { editLink(text) output(text) } define span editLink(text: Ref<WikiText>) { action edit(){ replace(showText, editWikiText(text)); } submitlink edit() { "[edit]" } } define ajax editWikiText(text : Ref<WikiText>) { form{ input(text) submit action{ replace(showText, showWikiText(text)); }{ "Save" } } submit action{ replace(showText, showWikiText(text)); }{ "Cancel" } }
Email AJAX
Email Templates entity Registration { username :: String fullname :: String (name) email :: Email message :: WikiText password :: Secret status :: String created :: DateTime function register() { email confirmEmail(reg); } } define email confirmEmail(reg : Registration) { to(reg.email) subject("Verify your registration") par{ "Dear " output(reg.fullname) ", "} par{ "We have received a registration request for you" } par{ "To confirm the request follow this link: "} navigate registration(reg) {"confirm"} }
Search Search
Search search annotations search queries
Data Validation Data Validation Danny M. Groenewegen, Eelco Visser. Integration of Data Validation and User Interface Concerns in a DSL for Web Applications. Software and Systems Modeling, 2011.
Data Validation Check input & maintain data integrity Types of validation ❖ Data invariants ❖ Input assertions ❖ Action assertions (see paper) ❖ Value well-formedness (see paper) User interface integration ❖ Display errors
Validation Rules data validation form validation action assertions messages
Data Invariants
Data Invariants
Input Assertions
Customizing Error Messages define errorTemplateAction(messages : List<String>){ elements() block[class="validationErrors"] { for(ve: String in messages){ output(ve) } } }
Data Validation Lifecycle
Access Control Danny M. Groenewegen, Eelco Visser. Declarative Access Control for WebDSL: Combining Language Integration and Separation of Concerns. ICWE 2008: 175-188
Principal representation of principal turn on access control
securityContext representation of principal turn on access control
Authentication
Authentication
Authentication
Registration
Access Control Rules Access Control Rules
Access Control Rules Constraints over data model ❖ boolean expression over properties of objects Rules restrict access to resources ❖ page, template, action Infer restriction of navigation ❖ don’t show link to inaccessible page or forbidden action
Access Control Rules ‘may access page f with argument x if boolean expression e is true’
Wiki Access Control Rules ‘anyone can view existing pages, only logged in users can create pages’ ‘only logged in users may edit pages’
Wiki Access Control Rules
Wiki Access Control Rules
Wiki Access Control Rules
Wiki Access Control Rules
Access Control Policies Access Control Policies
Access Control Policies Standard Policies ❖ Mandatory access control (see paper) ❖ Discretionary access control ❖ Role-based access control Mixing policies ❖ Role-based + discretionary access control WebDSL ❖ No restrictions on access control policies
Encoding Access Control Policies Rules ❖ Who may access which resources? ❖ Who can apply which actions? Representation ❖ How are permissions stored? Administration ❖ How can permissions be changed? ❖ Who can change permissions?
Wiki: Data Model
Wiki: User Interface Templates (abbreviated to navigation structure)
Wiki: Generic Access Control Rules
Mandatory Access Control Security Labels ❖ Classification label protects object ★ Top Secret, Secret, Confidential, Unclassified ❖ Clearance indicates access of subject Confidentiality rules ❖ Read-down: clearance should be higher than or equal to classification document to read ❖ Write-up: clearance is lower than or equal to classification of document to write
MAC: representation
MAC: predicates
Discretionary Access Control Access control lists ❖ objects have owner ❖ owner grants, revokes users access to object Example: Unix file permissions ❖ read, write, execute permissions for ❖ owner, group, anyone
DAC: representation
DAC: predicates
DAC: administration
Role-Based Access Control Role: group of activities ❖ authorization assigned to roles ❖ users assigned to roles ❖ robust to organizational changes Hierarchical roles ❖ least privilege: use minimal permissions for task Separation of duties ❖ critical actions require coordination
RBAC: representation
RBAC: predicates
RBAC: administration
Mixing Access Control Policies Real policies ❖ Mix of DAC & RBAC ❖ AC rules are constraints over object graph WebDSL ❖ No policies built-in
AccessSummary Rules Control
Linguistic Integration ❖ Data models ★ automatic persistence ❖ User interface templates ★ parameterized definition of page fragments ★ request and response handling ❖ Data validation ★ form validation & data integrity ❖ Access control rules and policies ★ through constraints over objects
Customization and Extension Built-in ❖ Search (Lucene) ❖ Email ❖ Call-by-ref templates Extension points ❖ Embedded XML, JavaScript, HQL ❖ Importing ‘native’ classes ❖ Extending built-in types
The Future of Quarter 3 ❖ Lecture 4 (10/2 Thursday!) ★ Zef Hemel: mobl ❖ Lecture 5 (15/2) ★ Markus Voelter: DSLs in Industry ❖ Lecture Extra (22/2) ★ Sebastian Erdeweg: Sugar Libraries ❖ Lecture 6 (1/3) ★ Sander Vermolen: Coupled Data Evolution ❖ Lecture 7 (8/3) ★ Andre Boonzaaijer: Domain-Driven Design
Workflow Workflow Zef Hemel, Ruben Verhaaf, Eelco Visser. WebWorkFlow: An Object-Oriented Workflow Modeling Language for Web Applications. MoDELS 2008: 113-127 Note: WebWorkFlow is not supported by current version of WebDSL
Workflow Coordinating activities by participants WebWorkFlow - object-oriented workflow definition - integrate all aspects of workflow ★ data ★ user interface ★ access control ★ control-flow - abstractions on top of base WebDSL
WebWorkFlow by Example: Progress Meeting
workflow procedure workflow object procedure call process definition
parallel enable next step iterate
access control access control
action
no user interface
condition
Workflow Remarks Recursive workflows (see paper) Issue: user interface patterns for workflow Is workflow an anti-pattern? ❖ is workflow good interaction design? ❖ determine order of user actions ❖ what are alternatives?

Recommended

Building DSLs with the Spoofax Language Workbench
Building DSLs with the Spoofax Language WorkbenchBuilding DSLs with the Spoofax Language Workbench
Building DSLs with the Spoofax Language WorkbenchEelco Visser
 
DB2 Native XML
DB2 Native XMLDB2 Native XML
DB2 Native XMLAmol Pujari
 
Sqlxml vs xquery
Sqlxml vs xquerySqlxml vs xquery
Sqlxml vs xqueryAmol Pujari
 
Ruby sittin' on the Couch
Ruby sittin' on the CouchRuby sittin' on the Couch
Ruby sittin' on the Couchlangalex
 
jQuery Rescue Adventure
jQuery Rescue AdventurejQuery Rescue Adventure
jQuery Rescue AdventureAllegient
 
Doctrine and NoSQL
Doctrine and NoSQLDoctrine and NoSQL
Doctrine and NoSQLBenjamin Eberlei
 
Doctrine for NoSQL
Doctrine for NoSQLDoctrine for NoSQL
Doctrine for NoSQLBenjamin Eberlei
 
Spray Json and MongoDB Queries: Insights and Simple Tricks.
Spray Json and MongoDB Queries: Insights and Simple Tricks.Spray Json and MongoDB Queries: Insights and Simple Tricks.
Spray Json and MongoDB Queries: Insights and Simple Tricks.Andrii Lashchenko
 

Recommended

Building DSLs with the Spoofax Language Workbench
Building DSLs with the Spoofax Language WorkbenchBuilding DSLs with the Spoofax Language Workbench
Building DSLs with the Spoofax Language WorkbenchEelco Visser
 
DB2 Native XML
DB2 Native XMLDB2 Native XML
DB2 Native XMLAmol Pujari
 
Sqlxml vs xquery
Sqlxml vs xquerySqlxml vs xquery
Sqlxml vs xqueryAmol Pujari
 
Ruby sittin' on the Couch
Ruby sittin' on the CouchRuby sittin' on the Couch
Ruby sittin' on the Couchlangalex
 
jQuery Rescue Adventure
jQuery Rescue AdventurejQuery Rescue Adventure
jQuery Rescue AdventureAllegient
 
Doctrine and NoSQL
Doctrine and NoSQLDoctrine and NoSQL
Doctrine and NoSQLBenjamin Eberlei
 
Doctrine for NoSQL
Doctrine for NoSQLDoctrine for NoSQL
Doctrine for NoSQLBenjamin Eberlei
 
Spray Json and MongoDB Queries: Insights and Simple Tricks.
Spray Json and MongoDB Queries: Insights and Simple Tricks.Spray Json and MongoDB Queries: Insights and Simple Tricks.
Spray Json and MongoDB Queries: Insights and Simple Tricks.Andrii Lashchenko
 
Doctrine MongoDB Object Document Mapper
Doctrine MongoDB Object Document MapperDoctrine MongoDB Object Document Mapper
Doctrine MongoDB Object Document MapperJonathan Wage
 
ZendCon2010 Doctrine MongoDB ODM
ZendCon2010 Doctrine MongoDB ODMZendCon2010 Doctrine MongoDB ODM
ZendCon2010 Doctrine MongoDB ODMJonathan Wage
 
Symfony2 from the Trenches
Symfony2 from the TrenchesSymfony2 from the Trenches
Symfony2 from the TrenchesJonathan Wage
 
jQuery
jQueryjQuery
jQueryJay Poojara
 
Symfony Day 2010 Doctrine MongoDB ODM
Symfony Day 2010 Doctrine MongoDB ODMSymfony Day 2010 Doctrine MongoDB ODM
Symfony Day 2010 Doctrine MongoDB ODMJonathan Wage
 
J query1
J query1J query1
J query1Manav Prasad
 
J query
J queryJ query
J queryManav Prasad
 
2013-03-23 - NoSQL Spartakiade
2013-03-23 - NoSQL Spartakiade2013-03-23 - NoSQL Spartakiade
2013-03-23 - NoSQL SpartakiadeJohannes Hoppe
 
jQuery Fundamentals
jQuery FundamentalsjQuery Fundamentals
jQuery FundamentalsGil Fink
 
Postgre(No)SQL - A JSON journey
Postgre(No)SQL - A JSON journeyPostgre(No)SQL - A JSON journey
Postgre(No)SQL - A JSON journeyNicola Moretto
 
Kotlin dsl
Kotlin dslKotlin dsl
Kotlin dslRoque Buarque Junior
 
A evolução da persistência de dados (com sqlite) no android
A evolução da persistência de dados (com sqlite) no androidA evolução da persistência de dados (com sqlite) no android
A evolução da persistência de dados (com sqlite) no androidRodrigo de Souza Castro
 
SharePointfest Denver - A jQuery Primer for SharePoint
SharePointfest Denver - A jQuery Primer for SharePointSharePointfest Denver - A jQuery Primer for SharePoint
SharePointfest Denver - A jQuery Primer for SharePointMarc D Anderson
 
Hidden Treasures of the Python Standard Library
Hidden Treasures of the Python Standard LibraryHidden Treasures of the Python Standard Library
Hidden Treasures of the Python Standard Librarydoughellmann
 
JSON
JSONJSON
JSONYoga Raja
 
R data interfaces
R data interfacesR data interfaces
R data interfacesBhavesh Sarvaiya
 
Metaworks3
Metaworks3Metaworks3
Metaworks3uEngine Solutions
 
A Rich Web Experience with jQuery, Ajax and .NET
A Rich Web Experience with jQuery, Ajax and .NETA Rich Web Experience with jQuery, Ajax and .NET
A Rich Web Experience with jQuery, Ajax and .NETJames Johnson
 
03DOM.ppt
03DOM.ppt03DOM.ppt
03DOM.pptBhavani Testone
 
Static name resolution
Static name resolutionStatic name resolution
Static name resolutionEelco Visser
 
Software languages
Software languagesSoftware languages
Software languagesEelco Visser
 
Type analysis
Type analysisType analysis
Type analysisEelco Visser
 

More Related Content

What's hot

Doctrine MongoDB Object Document Mapper
Doctrine MongoDB Object Document MapperDoctrine MongoDB Object Document Mapper
Doctrine MongoDB Object Document MapperJonathan Wage
 
ZendCon2010 Doctrine MongoDB ODM
ZendCon2010 Doctrine MongoDB ODMZendCon2010 Doctrine MongoDB ODM
ZendCon2010 Doctrine MongoDB ODMJonathan Wage
 
Symfony2 from the Trenches
Symfony2 from the TrenchesSymfony2 from the Trenches
Symfony2 from the TrenchesJonathan Wage
 
Symfony Day 2010 Doctrine MongoDB ODM
Symfony Day 2010 Doctrine MongoDB ODMSymfony Day 2010 Doctrine MongoDB ODM
Symfony Day 2010 Doctrine MongoDB ODMJonathan Wage
 
2013-03-23 - NoSQL Spartakiade
2013-03-23 - NoSQL Spartakiade2013-03-23 - NoSQL Spartakiade
2013-03-23 - NoSQL SpartakiadeJohannes Hoppe
 
jQuery Fundamentals
jQuery FundamentalsjQuery Fundamentals
jQuery FundamentalsGil Fink
 
Postgre(No)SQL - A JSON journey
Postgre(No)SQL - A JSON journeyPostgre(No)SQL - A JSON journey
Postgre(No)SQL - A JSON journeyNicola Moretto
 
A evolução da persistência de dados (com sqlite) no android
A evolução da persistência de dados (com sqlite) no androidA evolução da persistência de dados (com sqlite) no android
A evolução da persistência de dados (com sqlite) no androidRodrigo de Souza Castro
 
SharePointfest Denver - A jQuery Primer for SharePoint
SharePointfest Denver - A jQuery Primer for SharePointSharePointfest Denver - A jQuery Primer for SharePoint
SharePointfest Denver - A jQuery Primer for SharePointMarc D Anderson
 
Hidden Treasures of the Python Standard Library
Hidden Treasures of the Python Standard LibraryHidden Treasures of the Python Standard Library
Hidden Treasures of the Python Standard Librarydoughellmann
 
A Rich Web Experience with jQuery, Ajax and .NET
A Rich Web Experience with jQuery, Ajax and .NETA Rich Web Experience with jQuery, Ajax and .NET
A Rich Web Experience with jQuery, Ajax and .NETJames Johnson
 

What's hot (19)

Doctrine MongoDB Object Document Mapper
Doctrine MongoDB Object Document MapperDoctrine MongoDB Object Document Mapper
Doctrine MongoDB Object Document Mapper
 
ZendCon2010 Doctrine MongoDB ODM
ZendCon2010 Doctrine MongoDB ODMZendCon2010 Doctrine MongoDB ODM
ZendCon2010 Doctrine MongoDB ODM
 
Symfony2 from the Trenches
Symfony2 from the TrenchesSymfony2 from the Trenches
Symfony2 from the Trenches
 
jQuery
jQueryjQuery
jQuery
 
Symfony Day 2010 Doctrine MongoDB ODM
Symfony Day 2010 Doctrine MongoDB ODMSymfony Day 2010 Doctrine MongoDB ODM
Symfony Day 2010 Doctrine MongoDB ODM
 
J query1
J query1J query1
J query1
 
J query
J queryJ query
J query
 
2013-03-23 - NoSQL Spartakiade
2013-03-23 - NoSQL Spartakiade2013-03-23 - NoSQL Spartakiade
2013-03-23 - NoSQL Spartakiade
 
jQuery Fundamentals
jQuery FundamentalsjQuery Fundamentals
jQuery Fundamentals
 
Postgre(No)SQL - A JSON journey
Postgre(No)SQL - A JSON journeyPostgre(No)SQL - A JSON journey
Postgre(No)SQL - A JSON journey
 
Kotlin dsl
Kotlin dslKotlin dsl
Kotlin dsl
 
A evolução da persistência de dados (com sqlite) no android
A evolução da persistência de dados (com sqlite) no androidA evolução da persistência de dados (com sqlite) no android
A evolução da persistência de dados (com sqlite) no android
 
SharePointfest Denver - A jQuery Primer for SharePoint
SharePointfest Denver - A jQuery Primer for SharePointSharePointfest Denver - A jQuery Primer for SharePoint
SharePointfest Denver - A jQuery Primer for SharePoint
 
Hidden Treasures of the Python Standard Library
Hidden Treasures of the Python Standard LibraryHidden Treasures of the Python Standard Library
Hidden Treasures of the Python Standard Library
 
JSON
JSONJSON
JSON
 
R data interfaces
R data interfacesR data interfaces
R data interfaces
 
Metaworks3
Metaworks3Metaworks3
Metaworks3
 
A Rich Web Experience with jQuery, Ajax and .NET
A Rich Web Experience with jQuery, Ajax and .NETA Rich Web Experience with jQuery, Ajax and .NET
A Rich Web Experience with jQuery, Ajax and .NET
 
03DOM.ppt
03DOM.ppt03DOM.ppt
03DOM.ppt
 

Viewers also liked

Static name resolution
Static name resolutionStatic name resolution
Static name resolutionEelco Visser
 
Software languages
Software languagesSoftware languages
Software languagesEelco Visser
 
Thesis Statement
Thesis StatementThesis Statement
Thesis StatementMrs_Bishoff
 
Garbage Collection
Garbage CollectionGarbage Collection
Garbage CollectionEelco Visser
 

Viewers also liked (6)

Static name resolution
Static name resolutionStatic name resolution
Static name resolution
 
Software languages
Software languagesSoftware languages
Software languages
 
Type analysis
Type analysisType analysis
Type analysis
 
Thesis Statement
Thesis StatementThesis Statement
Thesis Statement
 
Dynamic Semantics
Dynamic SemanticsDynamic Semantics
Dynamic Semantics
 
Garbage Collection
Garbage CollectionGarbage Collection
Garbage Collection
 

Similar to IN4308 Lecture 3

Linguistic Abstraction for the Web
Linguistic Abstraction for the WebLinguistic Abstraction for the Web
Linguistic Abstraction for the WebEelco Visser
 
Software Language Design & Engineering
Software Language Design & EngineeringSoftware Language Design & Engineering
Software Language Design & EngineeringEelco Visser
 
EclipseCon2011 Cross-Platform Mobile Development with Eclipse
EclipseCon2011 Cross-Platform Mobile Development with EclipseEclipseCon2011 Cross-Platform Mobile Development with Eclipse
EclipseCon2011 Cross-Platform Mobile Development with EclipseHeiko Behrens
 
Intorduction of Playframework
Intorduction of PlayframeworkIntorduction of Playframework
Intorduction of Playframeworkmaltiyadav
 
Software Language Design & Engineering: Mobl & Spoofax
Software Language Design & Engineering: Mobl & SpoofaxSoftware Language Design & Engineering: Mobl & Spoofax
Software Language Design & Engineering: Mobl & SpoofaxEelco Visser
 
Jython: Python para la plataforma Java (EL2009)
Jython: Python para la plataforma Java (EL2009)Jython: Python para la plataforma Java (EL2009)
Jython: Python para la plataforma Java (EL2009)Leonardo Soto
 
J query b_dotnet_ug_meet_12_may_2012
J query b_dotnet_ug_meet_12_may_2012J query b_dotnet_ug_meet_12_may_2012
J query b_dotnet_ug_meet_12_may_2012ghnash
 
Overview of The Scala Based Lift Web Framework
Overview of The Scala Based Lift Web FrameworkOverview of The Scala Based Lift Web Framework
Overview of The Scala Based Lift Web FrameworkIndicThreads
 
Scala based Lift Framework
Scala based Lift FrameworkScala based Lift Framework
Scala based Lift Frameworkvhazrati
 
jQuery - Chapter 4 - DOM Handling
jQuery - Chapter 4 - DOM Handling jQuery - Chapter 4 - DOM Handling
jQuery - Chapter 4 - DOM Handling WebStackAcademy
 
Intoduction on Playframework
Intoduction on PlayframeworkIntoduction on Playframework
Intoduction on PlayframeworkKnoldus Inc.
 
Backbone.js: Run your Application Inside The Browser
Backbone.js: Run your Application Inside The BrowserBackbone.js: Run your Application Inside The Browser
Backbone.js: Run your Application Inside The BrowserHoward Lewis Ship
 
Rails vs Web2py
Rails vs Web2pyRails vs Web2py
Rails vs Web2pyjonromero
 
Local storage in Web apps
Local storage in Web appsLocal storage in Web apps
Local storage in Web appsIvano Malavolta
 
Software Language Evolution
Software Language EvolutionSoftware Language Evolution
Software Language EvolutionSander Vermolen
 

Similar to IN4308 Lecture 3 (20)

Linguistic Abstraction for the Web
Linguistic Abstraction for the WebLinguistic Abstraction for the Web
Linguistic Abstraction for the Web
 
Software Language Design & Engineering
Software Language Design & EngineeringSoftware Language Design & Engineering
Software Language Design & Engineering
 
EclipseCon2011 Cross-Platform Mobile Development with Eclipse
EclipseCon2011 Cross-Platform Mobile Development with EclipseEclipseCon2011 Cross-Platform Mobile Development with Eclipse
EclipseCon2011 Cross-Platform Mobile Development with Eclipse
 
Html5 For Jjugccc2009fall
Html5 For Jjugccc2009fallHtml5 For Jjugccc2009fall
Html5 For Jjugccc2009fall
 
Play!ng with scala
Play!ng with scalaPlay!ng with scala
Play!ng with scala
 
Intorduction of Playframework
Intorduction of PlayframeworkIntorduction of Playframework
Intorduction of Playframework
 
Software Language Design & Engineering: Mobl & Spoofax
Software Language Design & Engineering: Mobl & SpoofaxSoftware Language Design & Engineering: Mobl & Spoofax
Software Language Design & Engineering: Mobl & Spoofax
 
Jython: Python para la plataforma Java (EL2009)
Jython: Python para la plataforma Java (EL2009)Jython: Python para la plataforma Java (EL2009)
Jython: Python para la plataforma Java (EL2009)
 
J query b_dotnet_ug_meet_12_may_2012
J query b_dotnet_ug_meet_12_may_2012J query b_dotnet_ug_meet_12_may_2012
J query b_dotnet_ug_meet_12_may_2012
 
Overview Of Lift Framework
Overview Of Lift FrameworkOverview Of Lift Framework
Overview Of Lift Framework
 
Overview of The Scala Based Lift Web Framework
Overview of The Scala Based Lift Web FrameworkOverview of The Scala Based Lift Web Framework
Overview of The Scala Based Lift Web Framework
 
Scala based Lift Framework
Scala based Lift FrameworkScala based Lift Framework
Scala based Lift Framework
 
jQuery - Chapter 4 - DOM Handling
jQuery - Chapter 4 - DOM Handling jQuery - Chapter 4 - DOM Handling
jQuery - Chapter 4 - DOM Handling
 
Intoduction on Playframework
Intoduction on PlayframeworkIntoduction on Playframework
Intoduction on Playframework
 
Backbone.js: Run your Application Inside The Browser
Backbone.js: Run your Application Inside The BrowserBackbone.js: Run your Application Inside The Browser
Backbone.js: Run your Application Inside The Browser
 
Rails vs Web2py
Rails vs Web2pyRails vs Web2py
Rails vs Web2py
 
jQuery
jQueryjQuery
jQuery
 
Local storage in Web apps
Local storage in Web appsLocal storage in Web apps
Local storage in Web apps
 
Intake 37 ef2
Intake 37 ef2Intake 37 ef2
Intake 37 ef2
 
Software Language Evolution
Software Language EvolutionSoftware Language Evolution
Software Language Evolution
 

More from Eelco Visser

CS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingCS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingEelco Visser
 
CS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesCS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesEelco Visser
 
CS4200 2019 | Lecture 3 | Parsing
CS4200 2019 | Lecture 3 | ParsingCS4200 2019 | Lecture 3 | Parsing
CS4200 2019 | Lecture 3 | ParsingEelco Visser
 
CS4200 2019 | Lecture 2 | syntax-definition
CS4200 2019 | Lecture 2 | syntax-definitionCS4200 2019 | Lecture 2 | syntax-definition
CS4200 2019 | Lecture 2 | syntax-definitionEelco Visser
 
CS4200 2019 Lecture 1: Introduction
CS4200 2019 Lecture 1: IntroductionCS4200 2019 Lecture 1: Introduction
CS4200 2019 Lecture 1: IntroductionEelco Visser
 
A Direct Semantics of Declarative Disambiguation Rules
A Direct Semantics of Declarative Disambiguation RulesA Direct Semantics of Declarative Disambiguation Rules
A Direct Semantics of Declarative Disambiguation RulesEelco Visser
 
Declarative Type System Specification with Statix
Declarative Type System Specification with StatixDeclarative Type System Specification with Statix
Declarative Type System Specification with StatixEelco Visser
 
Compiler Construction | Lecture 17 | Beyond Compiler Construction
Compiler Construction | Lecture 17 | Beyond Compiler ConstructionCompiler Construction | Lecture 17 | Beyond Compiler Construction
Compiler Construction | Lecture 17 | Beyond Compiler ConstructionEelco Visser
 
Domain Specific Languages for Parallel Graph AnalytiX (PGX)
Domain Specific Languages for Parallel Graph AnalytiX (PGX)Domain Specific Languages for Parallel Graph AnalytiX (PGX)
Domain Specific Languages for Parallel Graph AnalytiX (PGX)Eelco Visser
 
Compiler Construction | Lecture 15 | Memory Management
Compiler Construction | Lecture 15 | Memory ManagementCompiler Construction | Lecture 15 | Memory Management
Compiler Construction | Lecture 15 | Memory ManagementEelco Visser
 
Compiler Construction | Lecture 14 | Interpreters
Compiler Construction | Lecture 14 | InterpretersCompiler Construction | Lecture 14 | Interpreters
Compiler Construction | Lecture 14 | InterpretersEelco Visser
 
Compiler Construction | Lecture 13 | Code Generation
Compiler Construction | Lecture 13 | Code GenerationCompiler Construction | Lecture 13 | Code Generation
Compiler Construction | Lecture 13 | Code GenerationEelco Visser
 
Compiler Construction | Lecture 12 | Virtual Machines
Compiler Construction | Lecture 12 | Virtual MachinesCompiler Construction | Lecture 12 | Virtual Machines
Compiler Construction | Lecture 12 | Virtual MachinesEelco Visser
 
Compiler Construction | Lecture 11 | Monotone Frameworks
Compiler Construction | Lecture 11 | Monotone FrameworksCompiler Construction | Lecture 11 | Monotone Frameworks
Compiler Construction | Lecture 11 | Monotone FrameworksEelco Visser
 
Compiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow AnalysisCompiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow AnalysisEelco Visser
 
Compiler Construction | Lecture 9 | Constraint Resolution
Compiler Construction | Lecture 9 | Constraint ResolutionCompiler Construction | Lecture 9 | Constraint Resolution
Compiler Construction | Lecture 9 | Constraint ResolutionEelco Visser
 
Compiler Construction | Lecture 8 | Type Constraints
Compiler Construction | Lecture 8 | Type ConstraintsCompiler Construction | Lecture 8 | Type Constraints
Compiler Construction | Lecture 8 | Type ConstraintsEelco Visser
 
Compiler Construction | Lecture 7 | Type Checking
Compiler Construction | Lecture 7 | Type CheckingCompiler Construction | Lecture 7 | Type Checking
Compiler Construction | Lecture 7 | Type CheckingEelco Visser
 
Compiler Construction | Lecture 6 | Introduction to Static Analysis
Compiler Construction | Lecture 6 | Introduction to Static AnalysisCompiler Construction | Lecture 6 | Introduction to Static Analysis
Compiler Construction | Lecture 6 | Introduction to Static AnalysisEelco Visser
 
Compiler Construction | Lecture 5 | Transformation by Term Rewriting
Compiler Construction | Lecture 5 | Transformation by Term RewritingCompiler Construction | Lecture 5 | Transformation by Term Rewriting
Compiler Construction | Lecture 5 | Transformation by Term RewritingEelco Visser
 

More from Eelco Visser (20)

CS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term RewritingCS4200 2019 | Lecture 5 | Transformation by Term Rewriting
CS4200 2019 | Lecture 5 | Transformation by Term Rewriting
 
CS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic ServicesCS4200 2019 | Lecture 4 | Syntactic Services
CS4200 2019 | Lecture 4 | Syntactic Services
 
CS4200 2019 | Lecture 3 | Parsing
CS4200 2019 | Lecture 3 | ParsingCS4200 2019 | Lecture 3 | Parsing
CS4200 2019 | Lecture 3 | Parsing
 
CS4200 2019 | Lecture 2 | syntax-definition
CS4200 2019 | Lecture 2 | syntax-definitionCS4200 2019 | Lecture 2 | syntax-definition
CS4200 2019 | Lecture 2 | syntax-definition
 
CS4200 2019 Lecture 1: Introduction
CS4200 2019 Lecture 1: IntroductionCS4200 2019 Lecture 1: Introduction
CS4200 2019 Lecture 1: Introduction
 
A Direct Semantics of Declarative Disambiguation Rules
A Direct Semantics of Declarative Disambiguation RulesA Direct Semantics of Declarative Disambiguation Rules
A Direct Semantics of Declarative Disambiguation Rules
 
Declarative Type System Specification with Statix
Declarative Type System Specification with StatixDeclarative Type System Specification with Statix
Declarative Type System Specification with Statix
 
Compiler Construction | Lecture 17 | Beyond Compiler Construction
Compiler Construction | Lecture 17 | Beyond Compiler ConstructionCompiler Construction | Lecture 17 | Beyond Compiler Construction
Compiler Construction | Lecture 17 | Beyond Compiler Construction
 
Domain Specific Languages for Parallel Graph AnalytiX (PGX)
Domain Specific Languages for Parallel Graph AnalytiX (PGX)Domain Specific Languages for Parallel Graph AnalytiX (PGX)
Domain Specific Languages for Parallel Graph AnalytiX (PGX)
 
Compiler Construction | Lecture 15 | Memory Management
Compiler Construction | Lecture 15 | Memory ManagementCompiler Construction | Lecture 15 | Memory Management
Compiler Construction | Lecture 15 | Memory Management
 
Compiler Construction | Lecture 14 | Interpreters
Compiler Construction | Lecture 14 | InterpretersCompiler Construction | Lecture 14 | Interpreters
Compiler Construction | Lecture 14 | Interpreters
 
Compiler Construction | Lecture 13 | Code Generation
Compiler Construction | Lecture 13 | Code GenerationCompiler Construction | Lecture 13 | Code Generation
Compiler Construction | Lecture 13 | Code Generation
 
Compiler Construction | Lecture 12 | Virtual Machines
Compiler Construction | Lecture 12 | Virtual MachinesCompiler Construction | Lecture 12 | Virtual Machines
Compiler Construction | Lecture 12 | Virtual Machines
 
Compiler Construction | Lecture 11 | Monotone Frameworks
Compiler Construction | Lecture 11 | Monotone FrameworksCompiler Construction | Lecture 11 | Monotone Frameworks
Compiler Construction | Lecture 11 | Monotone Frameworks
 
Compiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow AnalysisCompiler Construction | Lecture 10 | Data-Flow Analysis
Compiler Construction | Lecture 10 | Data-Flow Analysis
 
Compiler Construction | Lecture 9 | Constraint Resolution
Compiler Construction | Lecture 9 | Constraint ResolutionCompiler Construction | Lecture 9 | Constraint Resolution
Compiler Construction | Lecture 9 | Constraint Resolution
 
Compiler Construction | Lecture 8 | Type Constraints
Compiler Construction | Lecture 8 | Type ConstraintsCompiler Construction | Lecture 8 | Type Constraints
Compiler Construction | Lecture 8 | Type Constraints
 
Compiler Construction | Lecture 7 | Type Checking
Compiler Construction | Lecture 7 | Type CheckingCompiler Construction | Lecture 7 | Type Checking
Compiler Construction | Lecture 7 | Type Checking
 
Compiler Construction | Lecture 6 | Introduction to Static Analysis
Compiler Construction | Lecture 6 | Introduction to Static AnalysisCompiler Construction | Lecture 6 | Introduction to Static Analysis
Compiler Construction | Lecture 6 | Introduction to Static Analysis
 
Compiler Construction | Lecture 5 | Transformation by Term Rewriting
Compiler Construction | Lecture 5 | Transformation by Term RewritingCompiler Construction | Lecture 5 | Transformation by Term Rewriting
Compiler Construction | Lecture 5 | Transformation by Term Rewriting
 

IN4308 Lecture 3

  • 1. WebDSL a domain-specific language for web programming Lecture 3 Course IN4308 Eelco Visser http://eelcovisser.org Master Computer Science Delft University of Technology
  • 2. Model-Driven Software Development Problem DSL HLL Machine Domain domain-specific models reduce gap between problem domain and implementation
  • 3. Language/Model Composition code model model code code code modeling aspects of software system with different languages customization/extensibility of models
  • 4. Research: Software Language Engineering Automatically derive efficient, scalable, incremental compiler + usable IDE from high-level, declarativelanguage definition
  • 5. Research: Software Language Design Systematically design domain- specific software languages with optimal tradeoff between expressivity, completeness, portability, coverage, and maintainability
  • 6. A Case Study in Domain- Specific Language Engineering Eelco Visser. WebDSL: A Case Study in Domain- Specific Language Engineering. GTTSE 2008: 291-373
  • 7. The Web Domain browser server database web app code runs on server, browser, and database
  • 8. Concerns in Web Programming ❖ Persistent data ★ data integrity ★ search ❖ User interface ★ data validation ★ styling, layout ★ navigation ★ actions ❖ Workflow and m ore ... ❖ Access control
  • 9. Separation of Concerns in Web Programming Example ❖ Data modeling ★ Java classes with JPA annotations ❖ User interface ★ Java ServerFaces XML templates ★ Seam Java classes ❖ Access control ★ Acegi configuration/annotation
  • 10. Problems in Web Programming ❖ Lack of integration ★ no inter-language consistency checking ★ leads to late (detection of) failures ❖ Low-level encoding ★ leads to boilerplate code
  • 11. When Seam Fails Welcome #{user.name} Welcome #{user.nam}
  • 12. When Rails Fails @post = Post.new(params[:get]) @post = Post.new(params[:post])
  • 13. Late Failures in Web Applications Zef Hemel, Danny M. Groenewegen, Lennart C. L. Kats, Eelco Visser. Static consistency checking of web applications with WebDSL. Journal of Symbolic Computation, 46(2):150-182, 2011.
  • 14. WebDSL Separation of Concerns & Linguistic Integration Danny M. Groenewegen, Zef Hemel, Eelco Visser. Separation of Concerns and Linguistic Integration in WebDSL. IEEE Software, 27(5), September/October 2010.
  • 15. WebDSL Linguistic integration of ❖ Data models ❖ User interface templates ❖ Access control ❖ Data validation
  • 20. publication records correct & extend
  • 22. bibliographies tagging reputation system access control rules user groups conference calendar community engineering etc.
  • 23. 18,000 lines of WebDSL code 138 (generated) tables in mysql
  • 26. Data Model for Wiki object identifier domain-specific type
  • 27. Automatic Persistence Data Entity DB Model Classes Schema WebDSL Java DB Object Object Records
  • 28. Embedded Queries entity Page { name :: String (id) content :: WikiText modified :: DateTime } function recentlyChanged(n : Int) : List<Page> { return from Page order by modified desc limit n; }
  • 29. Extending Built-in Types type DateTime { // includes Date and Time types utils.DateType.format as format(String):String before(DateTime):Bool after(DateTime):Bool getTime():Long setTime(Long) } type WikiText{ org.webdsl.tools.WikiFormatter.wikiFormat as format():String } type Email { utils.EmailType.isValid as isValid():Bool } public class DateType { public static String format(Date d, String s){ return (new java.text.SimpleDateFormat(s).format(d,new StringBuffer(), new java.text.FieldPosition(0))).toString(); } }
  • 30. Importing External Types native class org.json.JSONObject as JSONObject { constructor() constructor(String) get(String) : Object getBoolean(String) : Bool getDouble(String) : Double getInt(String) : Int getJSONArray(String) : JSONArray getJSONObject(String) : JSONObject getString(String) : String has(String) : Bool names() : JSONArray put(String, Object) toString() : String toString(Int) : String }
  • 32. Page Definition & Navigation page navigation (page call) entity A { b -> B } entity B { name :: String } define page a(x : A) { navigate b(x.b){ output(x.b.name) } } define page b(y : B) { output(y.name) } page definiti on
  • 33. Rendering Data rendering values define page page(p : Page) { header{output(p.name)} markup par{ output(p.content) } navigate editpage(p) { "[edit]" } }
  • 34. Templates (Page Fragments) template definition define main() { includeCSS("wiki.css") top() block[class="content"] { elements() template call } parameter } define span top() { navigate root() {"Wiki"} }
  • 35. wiki.css define span top() { navigate root() {"Wiki"} } wiki.css
  • 36. Forms define page editpage(p : Page) { main{ header{output(p.name) " (Edit)"} data form{ binding input(p.content) submit action{ return page(p); } { "Save" } } } } submi t page flow no separate controller: page renders form and handles form submission
  • 37. Forms navigate action
  • 38. Non-Existing Wiki Pages navigate action
  • 39. Creating Objects find/create object by id define page page(name : String) { var p := getUniquePage(name) main{ header{output(p.name)} par{ output(p.content) } navigate editpage(p) { "[edit]" } } }
  • 40. Modifying Data define page editpage(p : Page) { main{ header{output(p.name) " (Edit)"} form{ input(p.content) submit action{return page(p.name);}{"Save"} } } } pass string
  • 41. Core Wiki navigate creates page action
  • 42. Page Index define page root() { main{ list{ for(p : Page order by p.name asc) { listitem{ navigate page(p.name){output(p.name)} } } } } }
  • 43. Output Object = Navigation define output(p : Page) { navigate page(p.name) { output(p.name) } } define page root() { main{ list{ for(p : Page order by p.name asc) { listitem{ output(p) } } } } }
  • 44. Output Object = Navigation define output(p : Page) { navigate page(p.name) { output(p.name) } } define output(p : Page) { define page navigate page(p) { output(p.name) } root() { main{ } list{ for(p : Page order by p.name asc) { listitem{ output(p) } } custom definition } default definition } }
  • 45. Wrapping XML Templates define menubar(){ var elementid := "menu"+getUniqueTemplateId() includeCSS("dropdownmenu.css") <div class="menuwrapper" id=elementid all attributes> <ul id="p7menubar" class="menubar"> elements() </ul> define appmenu() { </div> } menubar{ define menu(){ menu{ <li class="menu" all attributes> elements() menuheader{ "Foo" } </li> menuitems{ } define menuheader(){ menuitem{ "Bar" } <span class="menuheader" all attributes> menuitem{ "Baz" } elements() </span> } } } define menuitems(){ <ul class="menuitems"> } elements() } </ul> } define menuitem(){ <li class="menuitem" all attributes> elements() </li> }
  • 46. AJAX AJAX Michel Weststrate. Abstractions for Asynchronous User Interfaces in Web Applications. Master's thesis, Delft University of Technology, 2009.
  • 47. AJAX Deliver page fragments, not just full pages ❖ Replace page elements by new fragments ❖ Templates are unit of replacement
  • 48. Placeholders placeholder define page page(name : String) { var p : Page init{ p := findPage(name); } main{ placeholder pageBody { if(p == null) { pagenotfound(name) } else { showpage(p) } } } } default view
  • 49. Replace define ajax showpage(p : Page) { header{output(p.name)} block[class:=content]{ output(p.content) } block[class:=modified]{ replace "Last modified on " output(p.modified) " " submitlink action{ replace(pageBody, editpage(p)); } { "[Edit]" } } block[class:=contributions]{ "Contributions by " output(p.authors) } } define ajax editpage(p : Page) { action save() { replace(pageBody, showpage(p)); } header{output(p.name) " (Edit)"} form{ par{ label("Text"){ input(p.content) } } submit save() { "Save" } } }
  • 50. Inline Edit Text (Call by Ref) define page page(p : Page) { main{ editableText(p.content) } define ajax editableText(text : Ref<WikiText>) { placeholder showText { showWikiText(text) } } } } define ajax showWikiText(text : Ref<WikiText>) { editLink(text) output(text) } define span editLink(text: Ref<WikiText>) { action edit(){ replace(showText, editWikiText(text)); } submitlink edit() { "[edit]" } } define ajax editWikiText(text : Ref<WikiText>) { form{ input(text) submit action{ replace(showText, showWikiText(text)); }{ "Save" } } submit action{ replace(showText, showWikiText(text)); }{ "Cancel" } }
  • 52. Email Templates entity Registration { username :: String fullname :: String (name) email :: Email message :: WikiText password :: Secret status :: String created :: DateTime function register() { email confirmEmail(reg); } } define email confirmEmail(reg : Registration) { to(reg.email) subject("Verify your registration") par{ "Dear " output(reg.fullname) ", "} par{ "We have received a registration request for you" } par{ "To confirm the request follow this link: "} navigate registration(reg) {"confirm"} }
  • 54. Search search annotations search queries
  • 55. Data Validation Data Validation Danny M. Groenewegen, Eelco Visser. Integration of Data Validation and User Interface Concerns in a DSL for Web Applications. Software and Systems Modeling, 2011.
  • 56. Data Validation Check input & maintain data integrity Types of validation ❖ Data invariants ❖ Input assertions ❖ Action assertions (see paper) ❖ Value well-formedness (see paper) User interface integration ❖ Display errors
  • 57. Validation Rules data validation form validation action assertions messages
  • 61. Customizing Error Messages define errorTemplateAction(messages : List<String>){ elements() block[class="validationErrors"] { for(ve: String in messages){ output(ve) } } }
  • 63. Access Control Danny M. Groenewegen, Eelco Visser. Declarative Access Control for WebDSL: Combining Language Integration and Separation of Concerns. ICWE 2008: 175-188
  • 64. Principal representation of principal turn on access control
  • 65. securityContext representation of principal turn on access control
  • 70. Access Control Rules Access Control Rules
  • 71. Access Control Rules Constraints over data model ❖ boolean expression over properties of objects Rules restrict access to resources ❖ page, template, action Infer restriction of navigation ❖ don’t show link to inaccessible page or forbidden action
  • 72. Access Control Rules ‘may access page f with argument x if boolean expression e is true’
  • 73. Wiki Access Control Rules ‘anyone can view existing pages, only logged in users can create pages’ ‘only logged in users may edit pages’
  • 78. Access Control Policies Access Control Policies
  • 79. Access Control Policies Standard Policies ❖ Mandatory access control (see paper) ❖ Discretionary access control ❖ Role-based access control Mixing policies ❖ Role-based + discretionary access control WebDSL ❖ No restrictions on access control policies
  • 80. Encoding Access Control Policies Rules ❖ Who may access which resources? ❖ Who can apply which actions? Representation ❖ How are permissions stored? Administration ❖ How can permissions be changed? ❖ Who can change permissions?
  • 82. Wiki: User Interface Templates (abbreviated to navigation structure)
  • 83. Wiki: Generic Access Control Rules
  • 84. Mandatory Access Control Security Labels ❖ Classification label protects object ★ Top Secret, Secret, Confidential, Unclassified ❖ Clearance indicates access of subject Confidentiality rules ❖ Read-down: clearance should be higher than or equal to classification document to read ❖ Write-up: clearance is lower than or equal to classification of document to write
  • 87. Discretionary Access Control Access control lists ❖ objects have owner ❖ owner grants, revokes users access to object Example: Unix file permissions ❖ read, write, execute permissions for ❖ owner, group, anyone
  • 91. Role-Based Access Control Role: group of activities ❖ authorization assigned to roles ❖ users assigned to roles ❖ robust to organizational changes Hierarchical roles ❖ least privilege: use minimal permissions for task Separation of duties ❖ critical actions require coordination
  • 95. Mixing Access Control Policies Real policies ❖ Mix of DAC & RBAC ❖ AC rules are constraints over object graph WebDSL ❖ No policies built-in
  • 97. Linguistic Integration ❖ Data models ★ automatic persistence ❖ User interface templates ★ parameterized definition of page fragments ★ request and response handling ❖ Data validation ★ form validation & data integrity ❖ Access control rules and policies ★ through constraints over objects
  • 98. Customization and Extension Built-in ❖ Search (Lucene) ❖ Email ❖ Call-by-ref templates Extension points ❖ Embedded XML, JavaScript, HQL ❖ Importing ‘native’ classes ❖ Extending built-in types
  • 99. The Future of Quarter 3 ❖ Lecture 4 (10/2 Thursday!) ★ Zef Hemel: mobl ❖ Lecture 5 (15/2) ★ Markus Voelter: DSLs in Industry ❖ Lecture Extra (22/2) ★ Sebastian Erdeweg: Sugar Libraries ❖ Lecture 6 (1/3) ★ Sander Vermolen: Coupled Data Evolution ❖ Lecture 7 (8/3) ★ Andre Boonzaaijer: Domain-Driven Design
  • 100. Workflow Workflow Zef Hemel, Ruben Verhaaf, Eelco Visser. WebWorkFlow: An Object-Oriented Workflow Modeling Language for Web Applications. MoDELS 2008: 113-127 Note: WebWorkFlow is not supported by current version of WebDSL
  • 101. Workflow Coordinating activities by participants WebWorkFlow - object-oriented workflow definition - integrate all aspects of workflow ★ data ★ user interface ★ access control ★ control-flow - abstractions on top of base WebDSL
  • 102. WebWorkFlow by Example: Progress Meeting
  • 103.
  • 104. workflow procedure workflow object procedure call process definition
  • 105. parallel enable next step iterate
  • 107.
  • 108.
  • 109. action
  • 112. Workflow Remarks Recursive workflows (see paper) Issue: user interface patterns for workflow Is workflow an anti-pattern? ❖ is workflow good interaction design? ❖ determine order of user actions ❖ what are alternatives?