Well, devLink 2012 is over.  I got exactly what I expected out of the event: a great time, some new ideas, some great interactions, and some great experience.  I see now that I was only partially abusing the Pomodoro technique thanks to @joelcochran, I learned a lot about JavaScript from @ifandelse, and I learned that LINQ really has nothing to do with IEnumerable thanks to an awesome presentation by @kodefuguru. 

I had a great time talking about SpecsFor and about StructureMap.  My SpecsFor talk was much rougher than any of the other times I’ve presented it, but I’d like to think that I redeemed myself with my StructureMap talk.  Thanks, everyone, who provided feedback.  It really does help, and it will help me be that much better next time. 

Anyway, My code and slides are now online for anyone that is interested (links below).  I’ll be posting more details, particularly about some of the StructureMap black magic that I showed, over the coming days (weeks/months).  I’m also putting together a refreshed build of SpecsFor.Mvc to address the compatibility problems introduced by .NET 4.5 final, and I’m going to be working on getting some other things posted that I’ve been dragging my feet on.  It’s going to be a busy few weeks around here…

StructureMapping Your Way to Better Software – Slides, Code

Integration Testing with SpecsFor.Mvc – Slides, Code

Tags:

Another CodeStock has come and gone.  I had a lot of fun this year, and I feel like I walked away with a lot of new knowledge, new ideas, and even a slightly altered perspective on things.  Thanks, everyone, who attended either of my sessions.  I really enjoyed presenting SpecsFor.Mvc for the first time, and I also enjoyed talking about StructureMap (perhaps a bit too much since I didn’t have enough time to cover everything).  I hope everyone that attended learned at least a little something new.  I had hoped to have my slides and code posted by now, but I just haven’t had time to clean things up yet.  Last-minute prep, not to mention several other things going on, have put me way behind.  I’m going to try to get everything cleaned up and published, including a new build of SpecsFor.Mvc, before the end of the week.  I’ll have screencasts covering the same content available before the summer is over as well. 

Anyway, thanks again, and I look forward to seeing everyone again at CodeStock 2013!

Tags:

I’m going to be attending and speaking at devLink this year!  This will be my first year attending, but I’ve always heard great things about it and I’m very much looking forward to experiencing it first-hand.  And if you can’t catch me at devLink in August, don’t forget that I’ll be at CodeStock next month, too!

Tags:

Here are some random thoughts that have been bouncing around my head for the last couple of days. 

Keep your codebase in a releasable state.  If you are practicing scrum or some other iterative process, make sure your code is releasable at the end of an iteration.  I’m not exactly sure what you do if you’re practicing something like Kanban, but the idea is the same.

Release your application often.  Even if it isn’t to production, go through the process of releasing your code as frequently as you can.  This will force you to design everything to streamline the release process, and it will help identify barriers to releasable code sooner rather than later.

Better yet, automate your releases by practicing continuous deployment.  Even if it is only a release to a lower environment, continuous deployment can be a huge time saver.

One of the best ways to learn a new application and its codebase is through fixing defects.  Unlike new features, which often contain some subjective requirements, defects are usually much more cleanly and tightly defined.  Does that mean that an application with a lot of defects has a shallower learning curve than one with higher quality?

There are few rules in software development, and the answer to any question about software design is “it depends.”  Limiting your abstractions may be the right thing to do, or introducing lots of abstractions might be a better choice.  Sadly, as developers, we have to evaluate each scenario and make the best guess we can with the information at hand.  Then we have to undo that decision 6 to 18 months later when we realize we made the wrong decision.

If it feels more like work than a hobby, You’re Doing It Wrong.  You’re going to spend 8 to 10 hours a day, 5 days a week, “working.”  You better find something you enjoy, or that’s 40-50 hours a week you’re going to spend being miserable.

There.  I feel better now. 

Tags:

I’m a big fan of CodeStock.  I’ve attended every year since its inception, except for the year that I suffered a major knee injury a few days prior.  If you aren’t familiar with it, CodeStock is one of the premier developer events in Tennessee.  It’s once again being hosted in Knoxville, Tennessee, and I’m once again hoping to be presenting a couple of sessions. 

More...

Tags:

We typically think of encryption as a cross-cutting concern or as a separate utility service that our applications use, not as something that’s an integral part of our application domain.  That way of thinking doesn’t always hold though.  In this short post, I’ll show you how I recently implemented support for encryption as a first-class citizen of my domain model. 

The Domain

Almost every application contains some element that needs to be encrypted or hashed (a user’s credentials, perhaps?).  In the past, I’ve never bothered encapsulating the encrypted value as its own separate data type.  I’ll still encapsulate the logic for encrypting or hashing in the domain, but I typically place that logic in the owning entity.  Here’s a User object from RageFeed as an example:

public class User
{
    public virtual Guid Id { get; set; }

    public virtual string Username { get; set; }

    public virtual string Email { get; set; }

    public virtual string PasswordSalt { get; set; }

    public virtual string PasswordHash { get; set; }

    ...snip...

    public virtual void SetPassword(string password)
    {
        GenerateNewSalt();

        PasswordHash = HashPassword(password);
    }

    public virtual bool IsThisTheUsersPassword(string password)
    {
        var hash = HashPassword(password);

        return hash == PasswordHash;
    }

    private string HashPassword(string password)
    {
        ...snip...
    }

    private void GenerateNewSalt()
    {
        ...snip...
    }

    ...snip...
}

There’s quite a bit of logic related to securely storing the user’s password in this redacted snippet.  While it’s fairly easy to test, it does make for a slightly less-cohesive domain model since there are now true business concerns mixed in with encryption concerns.  Since it was really only this one entity and applied only to the credentials, I decided at the time to leave the code in the User object instead of refactoring it to somewhere else. 

Encrypted Members as a First Class Citizen

On a recent application though, I found that I had several members that all needed to be encrypted.  I decided I would encapsulate the encrypted members as first-class data types instead of rolling the encryption responsibility into the owning entity.  The difference is subtle, but it greatly changes where behavior lives within the domain.  The entities with encrypted members become simpler and more cohesive since they no longer contain encryption-related logic.  That logic is now encapsulated separately from the owning entity and is far easier to reuse throughout the domain.

public class AccountDetails
{
    ...snip...

    public virtual EncryptedString ReallySecretNumber { get; private set; }
    
    public virtual EncryptedString AnotherReallySecretNumber { get; private set; }
    
    ...snip...
}

The actual data type doesn’t do much directly: 

public class EncryptedString
{
    public virtual string EncryptedValue { get; set; }

    public virtual string CertificateName { get; set; }

    public virtual string Key { get; set; }

    protected EncryptedString()
    {

    }

    public static EncryptedString Create(string value, IEncryptData encrypter)
    {
        var encryptionResult = encrypter.Encrypt(value);

        return new EncryptedString
        {
            EncryptedValue = encryptionResult.EncryptedText,
            CertificateName = encryptionResult.CertificateName,
            Key = encryptionResult.Key
        };
    }

    public virtual string GetDecryptedValue(IEncryptData encrypter)
    {
        return encrypter.Decrypt(EncryptedValue, CertificateName, Key);
    }
}

Instead, it depends on a separate service, IEncryptData, to provide the low-level encryption API it requires.  This keeps the domain decoupled from the low-level methods, making it easier to test, extend, and maintain in the future.

Which is Better?

As always, the answer is “it depends.”  The approach I took with RageFeed and Fail Tracker, where I embedded the logic within the owning entity, has never caused me issues.  However, I chose to go a different route as soon as I had multiple members that required encryption.  That feels like the right approach in this case. 

Tags:

I’ve spent the last year working at a company that embraced Agile from the top-down.  I’ve been on a Scrum team as it transitioned from semi-chaos to self-organizing and back to complete-chaos.  I’ve seen Scrum at its best and at its worst.  During this year, I’ve made a few observations on Scrum, its strengths, and its weaknesses.  Read on, ye readers, to find out why I think Scrum fails.

More...

Tags:

Every team, whether you are practicing agile or not, regardless of platform or language, should really have some Definition of Done.  What does it mean for a story/feature/defect/whatever to be “done?”  What things have to happen to achieve “done” status?  Defining these things will help with estimating effort, and it may also help increase the quality of your product.  Here are a few of the things I look for in a Definition of Done.

More...

Tags:

Here’s another one for the non-.NET category.  I’ve been involved in both sides of the interview process recently.  I previously outlined the types of questions I ask if I’m in the interviewer seat, but what about about when I’m the interviewee?  Asking the right questions as an interviewee is just as important (if not more important) than asking the right questions as the interviewer.  The position you are interviewing for is going to play a major role in your life.  You need to find out now if it isn’t a good fit for you.  Here are some of the questions I like to ask.

More...

Tags:

So we’re hiring another senior developer for our team at my day job, and I’ve spent a fair amount of time in the last week brushing up my list of questions (and coding exercises).  There are tons of posts strewn across the web of developer interview questions, but I thought I’d add my own thoughts to the mix.  Here are the questions you’re likely to encounter should you interview with me.  

More...

Tags: