Step 1. To make something useful work
Consider the simplest system running on a single server. An instance of the platform (program) is running there.
Case: A domain administrator executes an API method to create an account for another user.
The web server (role WS) is an application of the "Incoplax" platform that opens an HTTP port on the server to serve APIs and processes the API requests received there. An HTTP request is received and processed, a response is sent, and the connection is closed. The basic data format in all APIs is JSON.
WS performs most of its useful actions only after authorization (the "security" quality attribute). Authorization can be performed by a separate API request that creates a cookie-based session, or the authorization parameters (login and password) can be specified in each API request to the system. The system must know about the existence of this user in advance. It knows about the user through the user account entity (user), which is contained in one of the domains. Thus, the user must specify their domain, login and password to execute the API.
A domain administrator is a special user whose account is assigned a role that allows them to perform requests to manage domain entities, such as viewing, creating, deleting and modifying (CRUD) the accounts of other domain users.
In more detail:
- The domain administrator makes an HTTP request to the server where the system is installed, on the HTTP port opened by the web server. The request is addressed to the account management endpoint (/api/crud/v1/user/create). In the API request, the administrator specifies the domain, login, password, and the other parameters of the particular API method (in the above example it is data).
- WS checks whether the specified account exists in the domain by querying the domain center (role DC).
- If the account has a role that allows it to perform domain entity management requests, WS authorizes the request and passes it to the domain center for execution. Otherwise, an error response to the API request is returned.
- The domain center checks whether the request parameters are correct and performs the CRUD operation of creating a user account in the administrator's domain. If the parameters are incorrect, an error response to the API request is returned (it contains the reason). Then it:
  - stores the account in its RAM,
  - runs a query to add the user to the users table in the database of this domain connected to the domain center,
  - records the fact of the operation in the change history table of the same database, mentioning all [modified] fields.
- Child domains are created in a similar manner. The complicating difference, which is important at this stage, is that creating a domain involves creating a new database in DomainDB. Consequently, the query takes longer to complete and has more ways to fail.
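The request flow described above (WS authenticates and authorizes, DC validates, stores and records history), as an added Python example that is not Incoplax code. The names `DomainCenter`, `ws_handle` and the role name `admin`, the PBKDF2 password storage, and the choice to write only field names (not values) to the history are assumptions made for illustration.

```python
import hashlib, hmac, os

ADMIN_ROLE = "admin"  # hypothetical role name; the page does not name the role

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class DomainCenter:
    """Toy DC: accounts in RAM plus stand-ins for the users and history tables."""
    def __init__(self, domain):
        self.domain, self.users, self.db_users, self.history = domain, {}, [], []

    def add(self, login, password, roles=()):
        salt = os.urandom(16)
        self.users[login] = {"login": login, "salt": salt,
                             "pwhash": _hash(password, salt), "roles": set(roles)}
        return self.users[login]

    def verify(self, login, password):
        # Constant-time comparison of the derived hash, never of the raw password.
        u = self.users.get(login)
        if u and hmac.compare_digest(u["pwhash"], _hash(password, u["salt"])):
            return u
        return None

    def create_user(self, actor, data):
        login, password = data.get("login"), data.get("password")
        if not login or not password:
            return {"ok": False, "error": "login and password are required"}
        if login in self.users:
            return {"ok": False, "error": "login already exists"}
        account = self.add(login, password, data.get("roles", ()))  # 1. RAM
        self.db_users.append(account)                               # 2. users table
        # 3. history: who, what, and which fields; values (the password) stay out.
        self.history.append({"by": actor, "op": "create", "login": login,
                             "fields": sorted(data)})
        return {"ok": True, "login": login}

def ws_handle(dcs, request):
    """WS: authenticate against the DC, check the role, then pass the request on."""
    dc = dcs.get(request.get("domain"))
    user = dc.verify(request.get("login", ""), request.get("password", "")) if dc else None
    if user is None:  # unknown domain, unknown login, wrong password: same answer
        return {"ok": False, "error": "unauthorized"}
    if ADMIN_ROLE not in user["roles"]:
        return {"ok": False, "error": "forbidden"}
    return dc.create_user(user["login"], request.get("data", {}))
```
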
- Which role serves web API requests?
- What are some authorization methods for making requests?
- What data do I need to provide for authorization?
- What access role must a user have in order to create a new user account?
- Which role performs the account creation operation?