Including user id in domain eventsDomain Driven Designsymfony domain eventHow layers Talk to each other in NLayered DDD (Domain Driven Design)Do Domain Events in Domain Driven Design hide the intent?How to update audit fields in a domain model?Delaying the creation and dispatch of domain eventsShould services always return DTOs, or can they also return domain models?Domain Events for confirming stateDDD: Referencing MediatR interface from the domain projectDomain Driven Design, How do I deal with user specific data?
LaTeX: Why are digits allowed in environments, but forbidden in commands?
Can a monk's single staff be considered dual wielded, as per the Dual Wielder feat?
Replacing matching entries in one column of a file by another column from a different file
Malformed Address '10.10.21.08/24', must be X.X.X.X/NN or
Are astronomers waiting to see something in an image from a gravitational lens that they've already seen in an adjacent image?
Add text to same line using sed
What typically incentivizes a professor to change jobs to a lower ranking university?
What does it mean to describe someone as a butt steak?
Is it unprofessional to ask if a job posting on GlassDoor is real?
Is it legal for company to use my work email to pretend I still work there?
I'm flying to France today and my passport expires in less than 2 months
Can you really stack all of this on an Opportunity Attack?
meaning of に in 本当に?
What would happen to a modern skyscraper if it rains micro blackholes?
How is the claim "I am in New York only if I am in America" the same as "If I am in New York, then I am in America?
If human space travel is limited by the G force vulnerability, is there a way to counter G forces?
"You are your self first supporter", a more proper way to say it
What is a clear way to write a bar that has an extra beat?
Why are electrically insulating heatsinks so rare? Is it just cost?
Accidentally leaked the solution to an assignment, what to do now? (I'm the prof)
RSA: Danger of using p to create q
What does "Puller Prush Person" mean?
What is the word for reserving something for yourself before others do?
Why can't we play rap on piano?
Including user id in domain events
Domain Driven Designsymfony domain eventHow layers Talk to each other in NLayered DDD (Domain Driven Design)Do Domain Events in Domain Driven Design hide the intent?How to update audit fields in a domain model?Delaying the creation and dispatch of domain eventsShould services always return DTOs, or can they also return domain models?Domain Events for confirming stateDDD: Referencing MediatR interface from the domain projectDomain Driven Design, How do I deal with user specific data?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;
I've been working on a new document management project that uses DDD architecture. I'm new to DDD and event driven design, so it's been a learning experience.
My application is structured like this:
- MyProgram.Domain
- MyProgram.Infrastructure
- MyProgram.App
- MyProgram.WebApi
Domain has all of my domain logic, infrastructure is persistence, application is mostly commands and handlers, and the webapi is just the thing webapi.
Right now I'm working on implementing user authorization, and at the moment I've decided on using authorization handlers that will do permissions check before a command or query is executed. I think this gives me good flexibility perform complex resource-based authorization, since many of my permissions will depend on the current state of a certain entity.
So that is working out so far, I've implemented authorization in my application layer, leaving most of the user-specifics out of my domain model.
Now, the problem I'm trying to figure out is how to best include user information in my domain events, raised from my domain classes.
Example, I have a certain aggregate, let's say its document, and the document has a certain approval workflow. So when the document gets approved, I want to raise a domain event such as
public class DocumentApproved : IDomainEvent
public DocumentApproved (Package package)
DocumentId= document.Id;
Timestamp = DateTime.Now;
public Guid Id get;
public Guid UserId get;
public DateTime Timestamp get;
public Guid PackageId get;
The system needs to be auditable, so I'm planning on using the domain events both as an audit trail as well as a mechanism to cause side effects or message other systems.
The Document entity might have a method that looks something like this:
public void Approve()
State = State.Approve(this);
ApprovalRevision.Next();
Events.Add(new DocumentApproved(this));
My Question
I'd like to include the UserId on just about every applicable domain event, but I can't think of how do to this without having to have the userId be a parameter for every relevant method on my domain entities, meaning they would only be a parameter for the sake of creating the domain events, since all authorization type activity will be happening in the application layer.
Is this a reasonable way to approach this, or maybe should I be trying to capture user activity a different way, such as my request pipeline, and keep those separate from domain events? That doesn't quite sound right to me. It really isn't such a problem to have the userId be a parameter for every method that might cause a domain event, but this seems like it would just be adding clutter to every domain entity signature.
For raising my domain events, I'm doing something similar to what is suggested here, where the entity has a DomainEvents collection, and they are published via MediatR right before the entity is saved.
c# dns domain-driven-design mediatr
asked Mar 9 at 0:56
ErpaDerpErpaDerp
8929
add a comment |
I've been working on a new document management project that uses DDD architecture. I'm new to DDD and event driven design, so it's been a learning experience.
My application is structured like this:
- MyProgram.Domain
- MyProgram.Infrastructure
- MyProgram.App
- MyProgram.WebApi
Domain has all of my domain logic, infrastructure is persistence, application is mostly commands and handlers, and the webapi is just the thing webapi.
Right now I'm working on implementing user authorization, and at the moment I've decided on using authorization handlers that will do permissions check before a command or query is executed. I think this gives me good flexibility perform complex resource-based authorization, since many of my permissions will depend on the current state of a certain entity.
So that is working out so far, I've implemented authorization in my application layer, leaving most of the user-specifics out of my domain model.
Now, the problem I'm trying to figure out is how to best include user information in my domain events, raised from my domain classes.
Example, I have a certain aggregate, let's say its document, and the document has a certain approval workflow. So when the document gets approved, I want to raise a domain event such as
public class DocumentApproved : IDomainEvent
public DocumentApproved (Package package)
DocumentId= document.Id;
Timestamp = DateTime.Now;
public Guid Id get;
public Guid UserId get;
public DateTime Timestamp get;
public Guid PackageId get;
The system needs to be auditable, so I'm planning on using the domain events both as an audit trail as well as a mechanism to cause side effects or message other systems.
The Document entity might have a method that looks something like this:
public void Approve()
State = State.Approve(this);
ApprovalRevision.Next();
Events.Add(new DocumentApproved(this));
My Question
I'd like to include the UserId on just about every applicable domain event, but I can't think of how do to this without having to have the userId be a parameter for every relevant method on my domain entities, meaning they would only be a parameter for the sake of creating the domain events, since all authorization type activity will be happening in the application layer.
Is this a reasonable way to approach this, or maybe should I be trying to capture user activity a different way, such as my request pipeline, and keep those separate from domain events? That doesn't quite sound right to me. It really isn't such a problem to have the userId be a parameter for every method that might cause a domain event, but this seems like it would just be adding clutter to every domain entity signature.
For raising my domain events, I'm doing something similar to what is suggested here, where the entity has a DomainEvents collection, and they are published via MediatR right before the entity is saved.
c# dns domain-driven-design mediatr
asked Mar 9 at 0:56
ErpaDerpErpaDerp
8929
add a comment |
I've been working on a new document management project that uses DDD architecture. I'm new to DDD and event driven design, so it's been a learning experience.
My application is structured like this:
- MyProgram.Domain
- MyProgram.Infrastructure
- MyProgram.App
- MyProgram.WebApi
Domain has all of my domain logic, infrastructure is persistence, application is mostly commands and handlers, and the webapi is just the thing webapi.
Right now I'm working on implementing user authorization, and at the moment I've decided on using authorization handlers that will do permissions check before a command or query is executed. I think this gives me good flexibility perform complex resource-based authorization, since many of my permissions will depend on the current state of a certain entity.
So that is working out so far, I've implemented authorization in my application layer, leaving most of the user-specifics out of my domain model.
Now, the problem I'm trying to figure out is how to best include user information in my domain events, raised from my domain classes.
Example, I have a certain aggregate, let's say its document, and the document has a certain approval workflow. So when the document gets approved, I want to raise a domain event such as
public class DocumentApproved : IDomainEvent
public DocumentApproved (Package package)
DocumentId= document.Id;
Timestamp = DateTime.Now;
public Guid Id get;
public Guid UserId get;
public DateTime Timestamp get;
public Guid PackageId get;
The system needs to be auditable, so I'm planning on using the domain events both as an audit trail as well as a mechanism to cause side effects or message other systems.
The Document entity might have a method that looks something like this:
public void Approve()
State = State.Approve(this);
ApprovalRevision.Next();
Events.Add(new DocumentApproved(this));
My Question
I'd like to include the UserId on just about every applicable domain event, but I can't think of how do to this without having to have the userId be a parameter for every relevant method on my domain entities, meaning they would only be a parameter for the sake of creating the domain events, since all authorization type activity will be happening in the application layer.
Is this a reasonable way to approach this, or maybe should I be trying to capture user activity a different way, such as my request pipeline, and keep those separate from domain events? That doesn't quite sound right to me. It really isn't such a problem to have the userId be a parameter for every method that might cause a domain event, but this seems like it would just be adding clutter to every domain entity signature.
For raising my domain events, I'm doing something similar to what is suggested here, where the entity has a DomainEvents collection, and they are published via MediatR right before the entity is saved.
c# dns domain-driven-design mediatr
asked Mar 9 at 0:56
ErpaDerpErpaDerp
8929
I've been working on a new document management project that uses DDD architecture. I'm new to DDD and event driven design, so it's been a learning experience.
My application is structured like this:
- MyProgram.Domain
- MyProgram.Infrastructure
- MyProgram.App
- MyProgram.WebApi
Domain has all of my domain logic, infrastructure is persistence, application is mostly commands and handlers, and the webapi is just the thing webapi.
Right now I'm working on implementing user authorization, and at the moment I've decided on using authorization handlers that will do permissions check before a command or query is executed. I think this gives me good flexibility perform complex resource-based authorization, since many of my permissions will depend on the current state of a certain entity.
So that is working out so far, I've implemented authorization in my application layer, leaving most of the user-specifics out of my domain model.
Now, the problem I'm trying to figure out is how to best include user information in my domain events, raised from my domain classes.
Example, I have a certain aggregate, let's say its document, and the document has a certain approval workflow. So when the document gets approved, I want to raise a domain event such as
public class DocumentApproved : IDomainEvent
public DocumentApproved (Package package)
DocumentId= document.Id;
Timestamp = DateTime.Now;
public Guid Id get;
public Guid UserId get;
public DateTime Timestamp get;
public Guid PackageId get;
The system needs to be auditable, so I'm planning on using the domain events both as an audit trail as well as a mechanism to cause side effects or message other systems.
The Document entity might have a method that looks something like this:
public void Approve()
State = State.Approve(this);
ApprovalRevision.Next();
Events.Add(new DocumentApproved(this));
My Question
I'd like to include the UserId on just about every applicable domain event, but I can't think of how do to this without having to have the userId be a parameter for every relevant method on my domain entities, meaning they would only be a parameter for the sake of creating the domain events, since all authorization type activity will be happening in the application layer.
Is this a reasonable way to approach this, or maybe should I be trying to capture user activity a different way, such as my request pipeline, and keep those separate from domain events? That doesn't quite sound right to me. It really isn't such a problem to have the userId be a parameter for every method that might cause a domain event, but this seems like it would just be adding clutter to every domain entity signature.
For raising my domain events, I'm doing something similar to what is suggested here, where the entity has a DomainEvents collection, and they are published via MediatR right before the entity is saved.
c# dns domain-driven-design mediatr
c# dns domain-driven-design mediatr
asked Mar 9 at 0:56
ErpaDerpErpaDerp
8929
asked Mar 9 at 0:56
ErpaDerpErpaDerp
8929
asked Mar 9 at 0:56
ErpaDerpErpaDerp
8929
asked Mar 9 at 0:56
ErpaDerpErpaDerp
8929
asked Mar 9 at 0:56
ErpaDerpErpaDerp
8929
8929
add a comment |
add a comment |
2 Answers
2
active
oldest
votes
The most pragmatic way of doing this would probably be to simply store the user's information (along with other session/request info) as event metadata (hopefully your event store supports that) and handle this concern outside the domain.
For instance, in one application I've written an event store implementation that can be configured with an EventMetadataProvider, which gets registered in the application's composition root and uses the current request context to append metadata such as the user's ID, remote IP address, etc.
Note that you could still enrich some domain events with the approver/creator/etc. where it matters the most for event consumers, but ideally not with a generic UserId concept.
answered Mar 11 at 12:26
plalxplalx
33.3k44770
Thanks for the suggestion, this is definitely the type of information I was looking for. I haven't decided on an event store yet, and since I don't plan on doing full event sourcing right now I haven't decided if I need a full event storage framework or if I should just make a very basic one that fits my needs. Adding in event metadata as a requirement now makes me think to look towards a framework. I've seen a couple event store frameworks out there, is there one you would recommend to start out with?
– ErpaDerp
Mar 11 at 17:00
I created my own backed by SQL Server, but I don't use Event Sourcing. I just use events for integration & auditing.
– plalx
Mar 11 at 17:45
Pretty much what I'm using events for. Overall, do you think making your own was the right choice for you? What pushed you to that decision vs using one of the ES libraries?
– ErpaDerp
Mar 11 at 18:08
@ErpaDerp Implementing my own was not a choice. I had to because the code runs within a secure Intranet and third-party libraries were not approved. I would have looked towards Greg's EventStore if not I guess. The only thing that is difficult to implement is the global sequence number. You can't just rely on an identity field, because someones transaction T1 will commit after T2 and if you tail the log using identities you will therefore miss events (when there are gaps). You basically need to serialize writes to ensure the order.
– plalx
Mar 12 at 13:22
I haven't dealt with that problem yet, because my consumers is only the UI for realtime and missing an event is not the end of the world, but I figured there are only 2 solutions. Serialize all writes or insert events without a global order and have a single writer thread assign a sequence number, but then it means events can't immediately be read by their global sequence number after being written cause they dont have one yet.
– plalx
Mar 12 at 13:31
|
show 2 more comments
I think this gives me good flexibility perform complex resource-based authorization, since many of my permissions will depend on the current state of a certain entity.
That sounds like the authorization is an important part of the business rules and should be implemented in the domain layer. The fact that you have the need to enrich the domain events with user information is an indicator that the user should be part of the domain.
Without knowing the domain exactly I could imagine you have an invariant, something like: "A document can only be approved by the line manager of the author". You can not assert this invariant in the domain without the concept of users/roles.
answered Mar 9 at 14:43
Roman WeisRoman Weis
8315
It's a good point, and one I've gone back and forth myself. I will most likely end up with some of it implemented in the domain layer, but I'm still working out how to fill in the gaps for the rest of my events that don't have explicit user requirements but I still want to keep the user audit trail as part of the event log. I'm liking the sound of plalx's suggestion with event metadata.
– ErpaDerp
Mar 11 at 16:54
You could definitly go with the metadata approach. It just sounds a bit like the good old CreatedBy, ModifiedBy fields that are from my experience usually more disturbing than helpful and definitely do not belong into domain model.
– Roman Weis
Mar 11 at 20:33
By not belonging to the domain model, are you also referring to the domain events? If you were trying to make all actions taken in a system auditable to each user, would you maybe keep that separate from the domain events, maybe some type of logging? Agree that the CreatedBy/ModifiedBy fields don't work so well on the domain entity itself, but I was thinking they do make a lot of sense on the events since.
– ErpaDerp
Mar 11 at 21:23
The "audit" requirement sounds more like an infrastructure concern without any domain specific logic. Domain events are an important part of the domain logic. So I guess you could enrich the domain events with audit info before storing them. But make sure that this audit info does not leak back into your domain.
– Roman Weis
Mar 11 at 22:17
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
StackExchange.using("externalEditor", function ()
StackExchange.using("snippets", function ()
StackExchange.snippets.init();
);
);
, "code-snippets");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "1"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55072951%2fincluding-user-id-in-domain-events%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
The most pragmatic way of doing this would probably be to simply store the user's information (along with other session/request info) as event metadata (hopefully your event store supports that) and handle this concern outside the domain.
For instance, in one application I've written an event store implementation that can be configured with an EventMetadataProvider, which gets registered in the application's composition root and uses the current request context to append metadata such as the user's ID, remote IP address, etc.
Note that you could still enrich some domain events with the approver/creator/etc. where it matters the most for event consumers, but ideally not with a generic UserId concept.
answered Mar 11 at 12:26
plalxplalx
33.3k44770
Thanks for the suggestion, this is definitely the type of information I was looking for. I haven't decided on an event store yet, and since I don't plan on doing full event sourcing right now I haven't decided if I need a full event storage framework or if I should just make a very basic one that fits my needs. Adding in event metadata as a requirement now makes me think to look towards a framework. I've seen a couple event store frameworks out there, is there one you would recommend to start out with?
– ErpaDerp
Mar 11 at 17:00
I created my own backed by SQL Server, but I don't use Event Sourcing. I just use events for integration & auditing.
– plalx
Mar 11 at 17:45
Pretty much what I'm using events for. Overall, do you think making your own was the right choice for you? What pushed you to that decision vs using one of the ES libraries?
– ErpaDerp
Mar 11 at 18:08
@ErpaDerp Implementing my own was not a choice. I had to because the code runs within a secure Intranet and third-party libraries were not approved. I would have looked towards Greg's EventStore if not I guess. The only thing that is difficult to implement is the global sequence number. You can't just rely on an identity field, because someones transaction T1 will commit after T2 and if you tail the log using identities you will therefore miss events (when there are gaps). You basically need to serialize writes to ensure the order.
– plalx
Mar 12 at 13:22
I haven't dealt with that problem yet, because my consumers is only the UI for realtime and missing an event is not the end of the world, but I figured there are only 2 solutions. Serialize all writes or insert events without a global order and have a single writer thread assign a sequence number, but then it means events can't immediately be read by their global sequence number after being written cause they dont have one yet.
– plalx
Mar 12 at 13:31
|
show 2 more comments
The most pragmatic way of doing this would probably be to simply store the user's information (along with other session/request info) as event metadata (hopefully your event store supports that) and handle this concern outside the domain.
For instance, in one application I've written an event store implementation that can be configured with an EventMetadataProvider, which gets registered in the application's composition root and uses the current request context to append metadata such as the user's ID, remote IP address, etc.
Note that you could still enrich some domain events with the approver/creator/etc. where it matters the most for event consumers, but ideally not with a generic UserId concept.
answered Mar 11 at 12:26
plalxplalx
33.3k44770
Thanks for the suggestion, this is definitely the type of information I was looking for. I haven't decided on an event store yet, and since I don't plan on doing full event sourcing right now I haven't decided if I need a full event storage framework or if I should just make a very basic one that fits my needs. Adding in event metadata as a requirement now makes me think to look towards a framework. I've seen a couple event store frameworks out there, is there one you would recommend to start out with?
– ErpaDerp
Mar 11 at 17:00
I created my own backed by SQL Server, but I don't use Event Sourcing. I just use events for integration & auditing.
– plalx
Mar 11 at 17:45
Pretty much what I'm using events for. Overall, do you think making your own was the right choice for you? What pushed you to that decision vs using one of the ES libraries?
– ErpaDerp
Mar 11 at 18:08
@ErpaDerp Implementing my own was not a choice. I had to because the code runs within a secure Intranet and third-party libraries were not approved. I would have looked towards Greg's EventStore if not I guess. The only thing that is difficult to implement is the global sequence number. You can't just rely on an identity field, because someones transaction T1 will commit after T2 and if you tail the log using identities you will therefore miss events (when there are gaps). You basically need to serialize writes to ensure the order.
– plalx
Mar 12 at 13:22
I haven't dealt with that problem yet, because my consumers is only the UI for realtime and missing an event is not the end of the world, but I figured there are only 2 solutions. Serialize all writes or insert events without a global order and have a single writer thread assign a sequence number, but then it means events can't immediately be read by their global sequence number after being written cause they dont have one yet.
– plalx
Mar 12 at 13:31
|
show 2 more comments
The most pragmatic way of doing this would probably be to simply store the user's information (along with other session/request info) as event metadata (hopefully your event store supports that) and handle this concern outside the domain.
For instance, in one application I've written an event store implementation that can be configured with an EventMetadataProvider, which gets registered in the application's composition root and uses the current request context to append metadata such as the user's ID, remote IP address, etc.
Note that you could still enrich some domain events with the approver/creator/etc. where it matters the most for event consumers, but ideally not with a generic UserId concept.
answered Mar 11 at 12:26
plalxplalx
33.3k44770
The most pragmatic way of doing this would probably be to simply store the user's information (along with other session/request info) as event metadata (hopefully your event store supports that) and handle this concern outside the domain.
For instance, in one application I've written an event store implementation that can be configured with an EventMetadataProvider, which gets registered in the application's composition root and uses the current request context to append metadata such as the user's ID, remote IP address, etc.
Note that you could still enrich some domain events with the approver/creator/etc. where it matters the most for event consumers, but ideally not with a generic UserId concept.
answered Mar 11 at 12:26
plalxplalx
33.3k44770
answered Mar 11 at 12:26
plalxplalx
33.3k44770
answered Mar 11 at 12:26
plalxplalx
33.3k44770
answered Mar 11 at 12:26
plalxplalx
33.3k44770
33.3k44770
Thanks for the suggestion, this is definitely the type of information I was looking for. I haven't decided on an event store yet, and since I don't plan on doing full event sourcing right now I haven't decided if I need a full event storage framework or if I should just make a very basic one that fits my needs. Adding in event metadata as a requirement now makes me think to look towards a framework. I've seen a couple event store frameworks out there, is there one you would recommend to start out with?
– ErpaDerp
Mar 11 at 17:00
I created my own backed by SQL Server, but I don't use Event Sourcing. I just use events for integration & auditing.
– plalx
Mar 11 at 17:45
Pretty much what I'm using events for. Overall, do you think making your own was the right choice for you? What pushed you to that decision vs using one of the ES libraries?
– ErpaDerp
Mar 11 at 18:08
@ErpaDerp Implementing my own was not a choice. I had to because the code runs within a secure Intranet and third-party libraries were not approved. I would have looked towards Greg's EventStore if not I guess. The only thing that is difficult to implement is the global sequence number. You can't just rely on an identity field, because someones transaction T1 will commit after T2 and if you tail the log using identities you will therefore miss events (when there are gaps). You basically need to serialize writes to ensure the order.
– plalx
Mar 12 at 13:22
I haven't dealt with that problem yet, because my consumers is only the UI for realtime and missing an event is not the end of the world, but I figured there are only 2 solutions. Serialize all writes or insert events without a global order and have a single writer thread assign a sequence number, but then it means events can't immediately be read by their global sequence number after being written cause they dont have one yet.
– plalx
Mar 12 at 13:31
|
show 2 more comments
Thanks for the suggestion, this is definitely the type of information I was looking for. I haven't decided on an event store yet, and since I don't plan on doing full event sourcing right now I haven't decided if I need a full event storage framework or if I should just make a very basic one that fits my needs. Adding in event metadata as a requirement now makes me think to look towards a framework. I've seen a couple event store frameworks out there, is there one you would recommend to start out with?
– ErpaDerp
Mar 11 at 17:00
I created my own backed by SQL Server, but I don't use Event Sourcing. I just use events for integration & auditing.
– plalx
Mar 11 at 17:45
Pretty much what I'm using events for. Overall, do you think making your own was the right choice for you? What pushed you to that decision vs using one of the ES libraries?
– ErpaDerp
Mar 11 at 18:08
@ErpaDerp Implementing my own was not a choice. I had to because the code runs within a secure Intranet and third-party libraries were not approved. I would have looked towards Greg's EventStore if not I guess. The only thing that is difficult to implement is the global sequence number. You can't just rely on an identity field, because someones transaction T1 will commit after T2 and if you tail the log using identities you will therefore miss events (when there are gaps). You basically need to serialize writes to ensure the order.
– plalx
Mar 12 at 13:22
I haven't dealt with that problem yet, because my consumers is only the UI for realtime and missing an event is not the end of the world, but I figured there are only 2 solutions. Serialize all writes or insert events without a global order and have a single writer thread assign a sequence number, but then it means events can't immediately be read by their global sequence number after being written cause they dont have one yet.
– plalx
Mar 12 at 13:31
Thanks for the suggestion, this is definitely the type of information I was looking for. I haven't decided on an event store yet, and since I don't plan on doing full event sourcing right now I haven't decided if I need a full event storage framework or if I should just make a very basic one that fits my needs. Adding in event metadata as a requirement now makes me think to look towards a framework. I've seen a couple event store frameworks out there, is there one you would recommend to start out with?
– ErpaDerp
Mar 11 at 17:00
Thanks for the suggestion, this is definitely the type of information I was looking for. I haven't decided on an event store yet, and since I don't plan on doing full event sourcing right now I haven't decided if I need a full event storage framework or if I should just make a very basic one that fits my needs. Adding in event metadata as a requirement now makes me think to look towards a framework. I've seen a couple event store frameworks out there, is there one you would recommend to start out with?
– ErpaDerp
Mar 11 at 17:00
I created my own backed by SQL Server, but I don't use Event Sourcing. I just use events for integration & auditing.
– plalx
Mar 11 at 17:45
I created my own backed by SQL Server, but I don't use Event Sourcing. I just use events for integration & auditing.
– plalx
Mar 11 at 17:45
Pretty much what I'm using events for. Overall, do you think making your own was the right choice for you? What pushed you to that decision vs using one of the ES libraries?
– ErpaDerp
Mar 11 at 18:08
Pretty much what I'm using events for. Overall, do you think making your own was the right choice for you? What pushed you to that decision vs using one of the ES libraries?
– ErpaDerp
Mar 11 at 18:08
@ErpaDerp Implementing my own was not a choice. I had to because the code runs within a secure Intranet and third-party libraries were not approved. I would have looked towards Greg's EventStore if not I guess. The only thing that is difficult to implement is the global sequence number. You can't just rely on an identity field, because someones transaction T1 will commit after T2 and if you tail the log using identities you will therefore miss events (when there are gaps). You basically need to serialize writes to ensure the order.
– plalx
Mar 12 at 13:22
@ErpaDerp Implementing my own was not a choice. I had to because the code runs within a secure Intranet and third-party libraries were not approved. I would have looked towards Greg's EventStore if not I guess. The only thing that is difficult to implement is the global sequence number. You can't just rely on an identity field, because someones transaction T1 will commit after T2 and if you tail the log using identities you will therefore miss events (when there are gaps). You basically need to serialize writes to ensure the order.
– plalx
Mar 12 at 13:22
I haven't dealt with that problem yet, because my consumers is only the UI for realtime and missing an event is not the end of the world, but I figured there are only 2 solutions. Serialize all writes or insert events without a global order and have a single writer thread assign a sequence number, but then it means events can't immediately be read by their global sequence number after being written cause they dont have one yet.
– plalx
Mar 12 at 13:31
I haven't dealt with that problem yet, because my consumers is only the UI for realtime and missing an event is not the end of the world, but I figured there are only 2 solutions. Serialize all writes or insert events without a global order and have a single writer thread assign a sequence number, but then it means events can't immediately be read by their global sequence number after being written cause they dont have one yet.
– plalx
Mar 12 at 13:31
|
show 2 more comments
I think this gives me good flexibility perform complex resource-based authorization, since many of my permissions will depend on the current state of a certain entity.
That sounds like the authorization is an important part of the business rules and should be implemented in the domain layer. The fact that you have the need to enrich the domain events with user information is an indicator that the user should be part of the domain.
Without knowing the domain exactly I could imagine you have an invariant, something like: "A document can only be approved by the line manager of the author". You can not assert this invariant in the domain without the concept of users/roles.
answered Mar 9 at 14:43
Roman WeisRoman Weis
8315
It's a good point, and one I've gone back and forth myself. I will most likely end up with some of it implemented in the domain layer, but I'm still working out how to fill in the gaps for the rest of my events that don't have explicit user requirements but I still want to keep the user audit trail as part of the event log. I'm liking the sound of plalx's suggestion with event metadata.
– ErpaDerp
Mar 11 at 16:54
You could definitly go with the metadata approach. It just sounds a bit like the good old CreatedBy, ModifiedBy fields that are from my experience usually more disturbing than helpful and definitely do not belong into domain model.
– Roman Weis
Mar 11 at 20:33
By not belonging to the domain model, are you also referring to the domain events? If you were trying to make all actions taken in a system auditable to each user, would you maybe keep that separate from the domain events, maybe some type of logging? Agree that the CreatedBy/ModifiedBy fields don't work so well on the domain entity itself, but I was thinking they do make a lot of sense on the events since.
– ErpaDerp
Mar 11 at 21:23
The "audit" requirement sounds more like an infrastructure concern without any domain specific logic. Domain events are an important part of the domain logic. So I guess you could enrich the domain events with audit info before storing them. But make sure that this audit info does not leak back into your domain.
– Roman Weis
Mar 11 at 22:17
add a comment |
I think this gives me good flexibility perform complex resource-based authorization, since many of my permissions will depend on the current state of a certain entity.
That sounds like the authorization is an important part of the business rules and should be implemented in the domain layer. The fact that you have the need to enrich the domain events with user information is an indicator that the user should be part of the domain.
Without knowing the domain exactly I could imagine you have an invariant, something like: "A document can only be approved by the line manager of the author". You can not assert this invariant in the domain without the concept of users/roles.
answered Mar 9 at 14:43
Roman WeisRoman Weis
8315
It's a good point, and one I've gone back and forth myself. I will most likely end up with some of it implemented in the domain layer, but I'm still working out how to fill in the gaps for the rest of my events that don't have explicit user requirements but I still want to keep the user audit trail as part of the event log. I'm liking the sound of plalx's suggestion with event metadata.
– ErpaDerp
Mar 11 at 16:54
You could definitly go with the metadata approach. It just sounds a bit like the good old CreatedBy, ModifiedBy fields that are from my experience usually more disturbing than helpful and definitely do not belong into domain model.
– Roman Weis
Mar 11 at 20:33
By not belonging to the domain model, are you also referring to the domain events? If you were trying to make all actions taken in a system auditable to each user, would you maybe keep that separate from the domain events, maybe some type of logging? Agree that the CreatedBy/ModifiedBy fields don't work so well on the domain entity itself, but I was thinking they do make a lot of sense on the events since.
– ErpaDerp
Mar 11 at 21:23
The "audit" requirement sounds more like an infrastructure concern without any domain specific logic. Domain events are an important part of the domain logic. So I guess you could enrich the domain events with audit info before storing them. But make sure that this audit info does not leak back into your domain.
– Roman Weis
Mar 11 at 22:17
add a comment |
I think this gives me good flexibility perform complex resource-based authorization, since many of my permissions will depend on the current state of a certain entity.
That sounds like the authorization is an important part of the business rules and should be implemented in the domain layer. The fact that you have the need to enrich the domain events with user information is an indicator that the user should be part of the domain.
Without knowing the domain exactly I could imagine you have an invariant, something like: "A document can only be approved by the line manager of the author". You can not assert this invariant in the domain without the concept of users/roles.
answered Mar 9 at 14:43
Roman WeisRoman Weis
8315
I think this gives me good flexibility perform complex resource-based authorization, since many of my permissions will depend on the current state of a certain entity.
That sounds like the authorization is an important part of the business rules and should be implemented in the domain layer. The fact that you have the need to enrich the domain events with user information is an indicator that the user should be part of the domain.
Without knowing the domain exactly I could imagine you have an invariant, something like: "A document can only be approved by the line manager of the author". You can not assert this invariant in the domain without the concept of users/roles.
answered Mar 9 at 14:43
Roman WeisRoman Weis
8315
answered Mar 9 at 14:43
Roman WeisRoman Weis
8315
answered Mar 9 at 14:43
Roman WeisRoman Weis
8315
answered Mar 9 at 14:43
Roman WeisRoman Weis
8315
8315
It's a good point, and one I've gone back and forth myself. I will most likely end up with some of it implemented in the domain layer, but I'm still working out how to fill in the gaps for the rest of my events that don't have explicit user requirements but I still want to keep the user audit trail as part of the event log. I'm liking the sound of plalx's suggestion with event metadata.
– ErpaDerp
Mar 11 at 16:54
You could definitly go with the metadata approach. It just sounds a bit like the good old CreatedBy, ModifiedBy fields that are from my experience usually more disturbing than helpful and definitely do not belong into domain model.
– Roman Weis
Mar 11 at 20:33
By not belonging to the domain model, are you also referring to the domain events? If you were trying to make all actions taken in a system auditable to each user, would you maybe keep that separate from the domain events, maybe some type of logging? Agree that the CreatedBy/ModifiedBy fields don't work so well on the domain entity itself, but I was thinking they do make a lot of sense on the events since.
– ErpaDerp
Mar 11 at 21:23
The "audit" requirement sounds more like an infrastructure concern without any domain specific logic. Domain events are an important part of the domain logic. So I guess you could enrich the domain events with audit info before storing them. But make sure that this audit info does not leak back into your domain.
– Roman Weis
Mar 11 at 22:17
add a comment |
It's a good point, and one I've gone back and forth myself. I will most likely end up with some of it implemented in the domain layer, but I'm still working out how to fill in the gaps for the rest of my events that don't have explicit user requirements but I still want to keep the user audit trail as part of the event log. I'm liking the sound of plalx's suggestion with event metadata.
– ErpaDerp
Mar 11 at 16:54
You could definitly go with the metadata approach. It just sounds a bit like the good old CreatedBy, ModifiedBy fields that are from my experience usually more disturbing than helpful and definitely do not belong into domain model.
– Roman Weis
Mar 11 at 20:33
By not belonging to the domain model, are you also referring to the domain events? If you were trying to make all actions taken in a system auditable to each user, would you maybe keep that separate from the domain events, maybe some type of logging? Agree that the CreatedBy/ModifiedBy fields don't work so well on the domain entity itself, but I was thinking they do make a lot of sense on the events since.
– ErpaDerp
Mar 11 at 21:23
The "audit" requirement sounds more like an infrastructure concern without any domain specific logic. Domain events are an important part of the domain logic. So I guess you could enrich the domain events with audit info before storing them. But make sure that this audit info does not leak back into your domain.
– Roman Weis
Mar 11 at 22:17
It's a good point, and one I've gone back and forth myself. I will most likely end up with some of it implemented in the domain layer, but I'm still working out how to fill in the gaps for the rest of my events that don't have explicit user requirements but I still want to keep the user audit trail as part of the event log. I'm liking the sound of plalx's suggestion with event metadata.
– ErpaDerp
Mar 11 at 16:54
It's a good point, and one I've gone back and forth myself. I will most likely end up with some of it implemented in the domain layer, but I'm still working out how to fill in the gaps for the rest of my events that don't have explicit user requirements but I still want to keep the user audit trail as part of the event log. I'm liking the sound of plalx's suggestion with event metadata.
– ErpaDerp
Mar 11 at 16:54
You could definitly go with the metadata approach. It just sounds a bit like the good old CreatedBy, ModifiedBy fields that are from my experience usually more disturbing than helpful and definitely do not belong into domain model.
– Roman Weis
Mar 11 at 20:33
You could definitly go with the metadata approach. It just sounds a bit like the good old CreatedBy, ModifiedBy fields that are from my experience usually more disturbing than helpful and definitely do not belong into domain model.
– Roman Weis
Mar 11 at 20:33
By not belonging to the domain model, are you also referring to the domain events? If you were trying to make all actions taken in a system auditable to each user, would you maybe keep that separate from the domain events, maybe some type of logging? Agree that the CreatedBy/ModifiedBy fields don't work so well on the domain entity itself, but I was thinking they do make a lot of sense on the events since.
– ErpaDerp
Mar 11 at 21:23
By not belonging to the domain model, are you also referring to the domain events? If you were trying to make all actions taken in a system auditable to each user, would you maybe keep that separate from the domain events, maybe some type of logging? Agree that the CreatedBy/ModifiedBy fields don't work so well on the domain entity itself, but I was thinking they do make a lot of sense on the events since.
– ErpaDerp
Mar 11 at 21:23
The "audit" requirement sounds more like an infrastructure concern without any domain specific logic. Domain events are an important part of the domain logic. So I guess you could enrich the domain events with audit info before storing them. But make sure that this audit info does not leak back into your domain.
– Roman Weis
Mar 11 at 22:17
The "audit" requirement sounds more like an infrastructure concern without any domain specific logic. Domain events are an important part of the domain logic. So I guess you could enrich the domain events with audit info before storing them. But make sure that this audit info does not leak back into your domain.
– Roman Weis
Mar 11 at 22:17
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f55072951%2fincluding-user-id-in-domain-events%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
