Home : Documentation : Part III. For ACS Developers : 4. ACS Developer's Guide : 2. ACS 4 Data Models and the Object System 

2. ACS 4 Data Models and the Object System

Table of Contents

2.1. Overview
2.2. How to Use Objects
2.3. When to Use Objects
2.4. Design Guidance
2.5. Summary

By Pete Su

2.1. Overview

Developing data models in ACS 4 is much like developing data models for ACS 3, save for the implementation. As usual, you need to examine how to model the information that the application must store and manipulate, and define a suitable set of SQL tables. In our Notes application, we have to be able to keep track of who entered a particular note, when they did it, and the actual text of the notes that users have entered. A simple data model might look like this:

create table notes (
    note_id integer primary key,
    owner_id integer references users(user_id),
    creation_user references(user_id) not null,
    creation_date date not null,
    last_modified date not null,
    title varchar(255) not null,
    body varchar(1024)
)

We've omitted constraint names for the purpose of clarity.

Thinking further ahead, we can imagine doing any of the following things with Notes as well:

  • Define access control policies on notes.

  • Attach user comments on notes.

  • Allows users to define custom fields to store on their notes.

  • Automatically generate input forms or output displays for notes.

  • Allow other applications to use notes in ways we don't know of yet.

In ACS 4, the key to enabling these types of services on your application data is to take advantage of the Object System. The first question anyone asks is usually "Just what are objects, and what do you use them for anyway?". The short answer: objects are anything represented in the application's data model that will need to be managed by any central service in ACS 4, or that may be reusable in the context of future applications. Every object in the system is represented using a row in the acs_objects table. This table defines all the standard attributes that are stored on every object, including its system-wide unique ID, object type, and some generic auditing columns.

To make use of the object system, you as the application developer have to write your data model in a way that is slightly more complex than before. What you get for this extra work includes:

  • The Permissions System lets you track who is allowed to do what to the rows in an application table, and gives you an easy way to enforce this from Tcl.

  • Every object has an attribute called context_id that provides a way to trivially specify both the default permissions for an object, and the intended "scope" of an object. Just set the context_id to the controlling object and forget about it.

  • And most importantly, any future object-level service - from a general-comments replacement to personalized ranking - will become available to your application "for free."

2.2. How to Use Objects

Using ACS objects is straightforward: all that's required are a few extra steps in the design of your application data model.

For our example Notes application, to hook into the object system we make some calls to use our notes table as the basis for a new object type. Object types are analogous to classes in programming languages such as C++ and Java. For example, in Java a class defines a set of attributes that store data and a set of methods that run code. In ACS 4, we use one or more Oracle tables to store the data attributes, and we define a PL/SQL package to hold procedures to define the programming interface to the data model.

The object type itself is described using data in the acs_object_types and acs_attributes tables, which plays a role similar to the data dictionary in Oracle. As in Java, object types can inherit attributes from a parent type, so the type system forms a hierarchy. Unlike Java, Oracle does not support this inheritance transparently, so we have to make sure we add our own bookkeeping code to keep everything consistent. Given all of this, below you'll find the code needed to describe a new object type called notes in your system.

Fire up your text editor and open the ROOT/packages/notes/sql/notes-create.sql file created during the earlier created the package. Then, do the following:

2.2.1. Describe the new type to the type system

First, add an entry to the acs_object_types table with the following PL/SQL call:

begin  
  acs_object_type.create_type ( 
    supertype     => 'acs_object', 
    object_type   => 'note', 
    pretty_name   => 'Note', 
    pretty_plural => 'Notes', 
    table_name    => 'NOTES', 
    id_column     => 'NOTE_ID' 
  ); 
end;
/
show errors;

This PL/SQL call tells the system that we would like to use the table NOTES as the basis for a new object type called note. This type is a subtype of the acs_object type, which means that we want to inherit all of the basic attributes of all ACS objects. As mentioned, it will take some work on our part to make this happen, since Oracle can't do it automatically. In general, most basic applications will define types that are simple subtypes of acs_object.

Now add entries to the acs_attributes table to describe the data attributes of the new type. This data can eventually be used to do things like automatically generate user interfaces to manipulate the notes table, though that functionality isn't yet available.

declare 
 attr_id acs_attributes.attribute_id%TYPE; 
begin
  attr_id := acs_attribute.create_attribute ( 
    object_type    => 'note', 
    attribute_name => 'TITLE', 
    pretty_name    => 'Title', 
    pretty_plural  => 'Titles', 
    datatype       => 'string' 
  ); 
 
  attr_id := acs_attribute.create_attribute ( 
    object_type    => 'note', 
    attribute_name => 'BODY', 
    pretty_name    => 'Body', 
    pretty_plural  => 'Bodies', 
    datatype       => 'string' 
  ); 
end; 
/ 
show errors; 

We can stop here and not bother to register the usual ACS 3.x attributes of creation_user, creation_date and last_modified, since the object type acs_object already defines these attributes. Again, because the new type note is a subtype of acs_object, it will inherit these attributes, so there is no need for us to define them.

2.2.2. Define a table in which to store your objects

The next thing we do is make a small modification to the data model to reflect the fact that each row in the notes table represents something that is not only an object of type note, but also an acs_object. The new table definition looks like this:

create table notes (
    note_id integer references acs_objects(object_id) primary key,
    owner_id integer references users(user_id),
    title varchar(255) not null,
    body varchar(1024)
)

Again, the usual creation_date and modified_date columns are absent since they already exist in acs_objects. Also, note the constraint we have added to reference the acs_objects table, which makes clear that since note is a subtype of acs_object, every row in the notes table must have a corresponding row in the acs_objects table. This is the fundamental means by which we model inheritance; it guarantees that any services developed that use the acs_objects table to find objects will transparently find any objects that are instances of any subtype of acs_objects.

2.2.3. Define a package for type specific procedures

The next step is to define a PL/SQL package for your new type, and write some basic procedures to create and delete objects. Here is a package definition for our new type:

create or replace package note 
as 
  function new ( 
    note_id             in notes.note_id%TYPE default null, 
    owner_id            in notes.owner_id%TYPE default null, 
    title               in notes.title%TYPE, 
    body                in notes.body%TYPE, 
    object_type         in acs_object_types.object_type%TYPE default 'note', 
    creation_date       in acs_objects.creation_date%TYPE 
                           default sysdate, 
    creation_user       in acs_objects.creation_user%TYPE 
                           default null, 
    creation_ip         in acs_objects.creation_ip%TYPE default null, 
    context_id          in acs_objects.context_id%TYPE default null 
  ) return notes.note_id%TYPE; 
 
  procedure delete ( 
    note_id      in notes.note_id%TYPE 
  ); 
end note; 
/ 
show errors 

You might be wondering what all the extra parameters are to these calls, since we haven't mentioned them before. These parameters are needed to fill out information that will be stored about the object that's not stored directly in the table you defined. The ACS 4 Object System defines these attributes on the type acs_object since all objects should have these attributes. Internally, there are tables that store this information for you. Most of the data is pretty self-explanatory and reflects attributes that existed in the earlier ACS 3.x data models, with the exception of the context_id attribute.

The context_id attribute stores the ID of an object that represents the default security domain to which the object belongs. It is used by the permissions system in this way: if no permissions are explicitly attached to the object, then the object inherits its permissions from the context. For example, if I had told you how to use the permissions system to specify that an object OBJ was "read only", then any other object that used OBJ as its context would also be "read only" by default. We'll talk about this more later.

2.2.4. Define a package body for type specific procedures

The PL/SQL package body contains the implementations of the procedures defined above. The only subtle thing going on here is that we must use acs_object.new to insert a row into acs_objects, before inserting a row into the notes. Similarly, when we delete a row from note, we have to be sure to delete the corresponding acs_object row.

create or replace package body note 
as 
 
  function new ( 
    note_id             in notes.note_id%TYPE default null, 
    owner_id            in notes.owner_id%TYPE default null, 
    title               in notes.title%TYPE, 
    body                in notes.body%TYPE, 
    object_type         in acs_object_types.object_type%TYPE default 'note', 
    creation_date       in acs_objects.creation_date%TYPE 
                           default sysdate, 
    creation_user       in acs_objects.creation_user%TYPE 
                           default null, 
    creation_ip         in acs_objects.creation_ip%TYPE default null, 
    context_id          in acs_objects.context_id%TYPE default null 
  ) return notes.note_id%TYPE 
  is 
    v_note_id integer; 
  begin 
    v_note_id := acs_object.new ( 
      object_id     => note_id, 
      object_type   => object_type, 
      creation_date => creation_date, 
      creation_user => creation_user, 
      creation_ip   => creation_ip, 
      context_id    => context_id 
    ); 
    
    insert into notes 
     (note_id, owner_id, title, body) 
    values 
     (v_note_id, owner_id, title, body); 
 
     return v_note_id; 
  end new; 
  
  procedure delete ( 
    note_id      in notes.note_id%TYPE 
  ) 
  is 
  begin 
    delete from notes 
    where note_id = note.delete.note_id; 
 
    acs_object.delete(note_id); 
  end delete; 
 
end note; 
/ 
show errors; 

That's pretty much it! As long as you use the note.new function to create notes, and the note.delete function to delete them, you'll be assured that the relationship each note has with its corresponding acs_object is preserved.

The last thing to do is to make a file ROOT/packages/notes/sql/notes-drop.sql so it's easy to drop the data model when, say, you're testing:

begin 
  acs_object_type.drop_type ('note'); 
end; 
/ 
show errors 
 
drop package note; 
drop table notes; 

2.3. When to Use Objects

While it is generally hard to give general design advice without knowing anything about a particular application, you should follow the following rule of thumb when deciding when to hook part of your data model to the object system:

Anything in your data model that needs to be available to general ACS services such as user comments, permissions, and so on should be a subtype of acs_object. In addition, if you want your data model to take advantage of attributes that exist in some object type that is a subtype of acs_object, then you should use the object system.

For example, for most applications, you will want to use objects to represent the data in your application that is user visible and thus requires access control. But other internal tables, views, mapping tables and so on probably don't need to be objects. As before, this kind of design decision is mostly made on an application-by-application basis, but this is a good baseline from which to start.

2.4. Design Guidance

In this section we cover some overall guidelines for designing data models that are meant to be integrated with the ACS object system.

There are two basic rules you should follow when designing ACS 4 data models:

  1. Never utilize fields in the acs_objects table in application specific ways. That is, never assign any application-specific semantics to this data. In the notes application, we use the creation_date and last_modified fields, but this is OK since we do not assign any application-specific meaning to these fields.

  2. In particular, never assign any application specific semantics to the context_id attribute of an object. This field is used for a very specific purpose by the permissions system, and using this field in any other way whatsoever is guaranteed to make your application act strangely.

    As we'll see later, the Notes example will point each note object's context_id to the package instance in which the note was created. The idea will be that in a real site, the administrator would create one package instance for every separate set of Notes (say, one per user). The instance would "own" all of the notes that it created, and the administrator would be able to use the package instance as the basis for access control, which is convenient.

The reason behind these two rules is pretty straightforward: First, the ACS Object system itself is meant to be a generic and reusable tool for any application to use for basic services. Second, in order for this to work, the various parts of the ACS Objects data model must be interpreted in the same way by all applications that use the data model. Therefore, assigning any application-specific semantics to any part of the core data model is a bad thing to do, because then the semantics of the data model are no longer independent of the application. This would make it impossible to build the generic tools that the data model is trying to support.

Another less important reason for these two rules is to not introduce any joins against the acs_objects table in SQL queries in your application that you do not absolutely need.

In the Notes example, the result of applying these rules is that we are careful to define our own attribute for owner_id rather than overloading creation_user from the objects table. But, since we will probably use creation_date and so on for their intended purposes, we don't bother to define our own attributes to store that data again. This will entail joins with acs_objects but that's OK because it makes the overall data model cleaner. The real lesson is that deciding exactly how and when to use inherited attributes is fairly straightforward, but requires a good amount of thought at design time even for simple applications.

2.5. Summary

Hooking into the ACS 4 object system brings the application developer numerous benefits, and doing it involves only four easy steps:

  • Describe the a new object type to the system. Most new application types will be subtypes of the built-in type acs_object.

  • Define a table to store application object data.

  • Define a PL/SQL package to store procedures related to the new type. You have to define at least a function called new to create new application objects and a procedure called delete to delete them.

  • Define a package body that contains the implementations of the PL/SQL procedures defined above.

  • Try not to write queries in your application that join against acs_objects. This means you should never use the fields in acs_objects for application-specific purposes. This is especially true for the context_id field.

($Id: objects.html,v 1.1 2001/03/13 22:59:26 ben Exp $)