Survey
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project
Relational algebra wikipedia , lookup
Tandem Computers wikipedia , lookup
Microsoft Access wikipedia , lookup
Oracle Database wikipedia , lookup
Database model wikipedia , lookup
Microsoft Jet Database Engine wikipedia , lookup
Clusterpoint wikipedia , lookup
Relational model wikipedia , lookup
Open Database Connectivity wikipedia , lookup
Theory, Practice & Methodology of Relational Database Design and Programming Copyright © Ellis Cohen 2002-2008 Implementing The Middle Tier These slides are licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. For more information on how you may use them, please see http://www.openlineconsult.com/db 1 Overview of Lecture GUI-Based User Interfaces Command-Based User Interfaces Client vs Server-Side Execution Middle-Tier Data & Cross-Tier Communication © Ellis Cohen 2001-2008 2 GUI-Based User Interfaces © Ellis Cohen 2001-2008 3 Graphical User Interfaces Ordinarily, users invoke user operations through a (web-based) user interface, by – filling in fields, – making choices (e.g. checkboxes & radio buttons), and – invoking actions (e.g. from pushbuttons or menu items). The fields and choices are passed as parameters to code in the middle-tier © Ellis Cohen 2001-2008 4 Login Operation Login :userid :passwd LOGIN IF error, return Login Error Page ELSE build & return Home Page & remember :userid & aRole SELECT role INTO aRole FROM KnownUsers WHERE userid = :userid AND pwd = :passwd Assuming database is responsible for user authentication – e.g. via table KnownUsers :curuser :currole Presentation Tier Middle Tier © Ellis Cohen 2001-2008 Data Tier 5 Using Session Variables User Operation name & parameters ShowSals IMPORTANT: This is the format we use to depict user operations defined in the middle-tier SELECT empno, ename, sal FROM Emps WHERE empno = :curuser OR mgr = :curuser User Operation code Once a session variable has been set, it can be used in subsequent operations. What does the User Query operation ShowSals do? © Ellis Cohen 2001-2008 6 ShowSals ShowSals SELECT empno, ename, sal FROM Emps WHERE empno = :curuser OR mgr = :curuser Shows employee #, name & salary of the current user , and of all employees the current user directly manages! For a web-based interface, the result set would actually be used to build the resulting HTML page, probably by using a query-based FOR LOOP © Ellis Cohen 2001-2008 7 DestroyDept Operation DestroyDept :deptno :reldept Destroy Presentation Tier Destroys dept :deptno If :reldept is NULL, delete all the employees in that department, else, move all the employees in that dept to department :reldept Middle Tier © Ellis Cohen 2001-2008 Data Tier 8 DestroyDept Implementation DestroyDept( :deptno, :reldept ) Destroys dept :deptno If :reldept is NULL, delete all the employees in that department, else, move all the employees in that dept to department :reldept BEGIN IF :reldept IS NULL THEN -- delete all the employees in dept :deptno DELETE FROM Emps WHERE deptno = :deptno; ELSE -- move the employees in dept :deptno to dept :reldept UPDATE Emps SET deptno = :reldept WHERE deptno = :deptno; END IF; -- delete dept :deptno DELETE FROM Depts WHERE deptno = :deptno; END; For a web-based interface, an acknowledgement page or some other useful page would then be returned (if there were no error) © Ellis Cohen 2001-2008 9 Command-Based User Interfaces © Ellis Cohen 2001-2008 10 Web-Based 3-Tier Architecture Handles overall DB mgt, formatting & page navigation DB Application A P I Database Server User Web or Application Server Web Browser Implements User Operations Implements DB Operations Middle Tier Data Tier Presentation Tier (DB) Client-Side © Ellis Cohen 2001-2008 (DB) Server-Side 11 Command-Based 3-Tier Architecture Implement using PL/SQL DB Application A P I Database Server User Terminal Interface Command Interpreter Use SQL*Plus as the Command Interpreter © Ellis Cohen 2001-2008 12 DestroyDept Implementation DestroyDept( :deptno, :reldept ) Destroys dept :deptno If :reldept is NULL, delete all the employees in that department, else, move all the employees in that dept to department :reldept BEGIN IF :reldept IS NULL THEN DELETE FROM Emps WHERE deptno = :deptno; ELSE UPDATE Emps SET deptno = :reldept WHERE deptno = :deptno; END IF; DELETE FROM Depts WHERE deptno = :deptno; pl( 'Department Destroyed' ); END; / This is for a command-driven interface. A real web-based interface would show an acknowledgement page or some other useful page © Ellis Cohen 2001-2008 13 SQL*Plus User Operations SQL*Plus does not have a way of defining user operations. However, we can put each user operation into a separate script file – To invoke the operation, just run the corresponding script file – Use script file parameters to provide operation parameters © Ellis Cohen 2001-2008 14 Using Script File Parameters User Action: DestroyDept &1 – :deptno &2 – :reldept Script files can instead use command line parameters referred to as &num SQL> -- delete dept 20 and its employees SQL> @path/DestroyDept 20 NULL Destroys dept :deptno If :reldept is NULL, delete all the employees in that department, else, move all the employees in that dept to department :reldept The contents of DestroyDept.sql BEGIN IF &2 IS NULL THEN DELETE FROM Emps WHERE deptno = &1; ELSE UPDATE Emps SET deptno = &2 WHERE deptno = &1; END IF; DELETE FROM Depts WHERE deptno = &1; pl( 'Department Destroyed' ); END; / © Ellis Cohen 2001-2008 15 Renaming Script File Parameters DestroyDept &1 – :deptno &2 – :reldept DECLARE aDeptno int := &1; reldept int := &2; BEGIN IF reldept IS NULL THEN DELETE FROM Emps WHERE deptno = aDeptno; ELSE UPDATE Emps SET deptno = aDeptno WHERE deptno = reldept; END IF; DELETE FROM Depts WHERE deptno = aDeptno; pl( 'Department Destroyed' ); END; / © Ellis Cohen 2001-2008 16 Client vs Server-Side Execution © Ellis Cohen 2001-2008 17 SQL*Plus and PL/SQL Begins PL/SQL block SQL> BEGIN insert into project( pno, pname, pmgr ) values ( …, …, … ); insert into project( pno, pname, pmgr ) values ( …, …, … ); … insert into project( pno, pname, pmgr ) values ( …, …, … ); END; SQL*Plus knows how to parse pure SQL, but / not PL/SQL, so it doesn't know when a PL/SQL block actually ends. Use / to tell it. © Ellis Cohen 2001-2008 18 Client-Side Processing If the block is executed on the client, then each INSERT command is separately encountered, and sent as a separate request to the DB server. Command Interpreter Client-Side PL/SQL Engine DB Client-side (Oracle) Database Server DB Server-side © Ellis Cohen 2001-2008 19 Server- vs Client-Side Processing If SQL*Plus were configured for client-side processing: – it would pass anonymous PL/SQL blocks to a client-side PL/SQL engine If SQL*Plus were configured for server-side processing (as the default SQL*Plus application is) – it passes anonymous PL/SQL blocks to the database server, which passes the block to its internal server-side PL/SQL engine © Ellis Cohen 2001-2008 20 Server-Side Processing In server-side processing, the entire block is shipped once to the DB server, which executes it in its embedded PL/SQL engine PL/SQL Engine Ship down PL/SQL block of code Command Interpreter DB Client-side Oracle Database Server Core SQL Database Engine DB Server-side © Ellis Cohen 2001-2008 21 Server-Side Output Execution of dbms_output.put_line( 'Hello' ) PL/SQL Engine Client-side Program Oracle Database Server Core SQL Database Engine Strings passed to dbms_output.put_line are shipped to the client-side program through a separate channel. If the client-side program is SQL*Plus, it will display the output if the SQL*Plus variable serveroutput is set. © Ellis Cohen 2001-2008 22 Middle-Tier Data & Cross-Tier Communication © Ellis Cohen 2001-2008 23 Middle-Tier Data A variety of middle-tier data is typically available, which can be used in executing user operations: • Named middle-tier constants • Parameters passed to user operations • Session data maintained by the middle-tier © Ellis Cohen 2001-2008 24 SQL*Plus Constants SQL> define myDeptno = 10 SQL> -- defines a SQL*Plus constant SQL> SELECT ename FROM Emps WHERE deptno = &myDeptno; SQL> Use of a BEGIN constant FOR rec IN ( SELECT ename FROM Emps WHERE deptno = &myDeptno) LOOP pl( rec.ename ); END LOOP; SQL*Plus replaces uses of END; named constants by their / values before passing anything to the server © Ellis Cohen 2001-2008 25 SQL*Plus Constant Substitution SQL> DEFINE myDeptno = 10 SQL> -- defines a SQL*Plus constant SQL> SELECT ename FROM Emps WHERE deptno = &myDeptno; Automatically converted by SQL*Plus before passing it to the server SQL> SELECT ename FROM Emps WHERE deptno = 10; The same is true of script parameters, e.g. &1, &2, etc. © Ellis Cohen 2001-2008 26 SQL*Plus Session Variables SQL> VARIABLE myDeptno number SQL> -- defines a SQL*Plus variable SQL> SELECT ename FROM Emps WHERE deptno = :myDeptno; SQL> BEGIN FOR rec IN ( SELECT ename FROM Emps WHERE deptno = :myDeptno) LOOP pl( rec.ename ); END LOOP; END; / SQL> EXECUTE :myDeptno := 10; © Ellis Cohen 2001-2008 This is how client-side session variables are defined! Session variables used in code passed to the DB server are called bind variables Setting a session variable to a value 27 Passing Bind Variables SELECT ename FROM Emps WHERE deptno = :myDeptno myDeptno 10 When SQL*Plus parses the command, it ships the name & value of myDeptno to the server along with the request Client-side Program DB Client-side SELECT ename FROM Emps WHERE deptno = :myDeptno myDeptno 10 The DB server can access bind variables PL/SQL Engine Oracle Database Server Core SQL Database Engine DB Server-side © Ellis Cohen 2001-2008 28 Returning Bind Variables myDeptno NULL EXECUTE :myDeptno := 10 myDeptno 10 myDeptno NULL BEGIN :myDeptno := 10; END; myDeptno 10 PL/SQL Engine After executing a command or anonymous block, the values of any bind variables passed to the server are returned to the client Client-side Program DB Client-side Oracle Database Server Core SQL Database Engine DB Server-side © Ellis Cohen 2001-2008 29 Setting Session Variables Login( :userid, :passwd ) Checks if the provided user id and password identify an authorized user If so, set :curuser to the user id, and set :currole to the user's role Below are the definitions of :curuser and :currole SQL> VARIABLE curuser number -- assumes userid is a number -- instead use VARIABLE curuser varchar2(40) -- if your userid was a 40 char max string SQL> VARIABLE currole char -- assumes current role is represented by a single character © Ellis Cohen 2001-2008 30 Defining Login User operation name & parameters Login( :userid, :passwd ) BEGIN SELECT userid, role INTO :curuser, :currole FROM KnownUsers WHERE userid = :userid AND pwd = :passwd; pl( 'User logged in with role ' || :currole ); EXCEPTION WHEN OTHERS THEN RAISE_APPLICATION_ERROR( …, ' Illegal Userid or Password' ); END; © Ellis Cohen 2001-2008 31 Setting Session Variables curuser currole NULL NULL BEGIN login code END curuser currole 7782 C . curuser currole NULL NULL BEGIN … END; curuser currole 7782 C . PL/SQL Engine Client-side Program Oracle Database Server © Ellis Cohen 2001-2008 Core SQL Database Engine 32 Script-Based Login Implementation Login( :userid, :passwd ) &1 – :userid &2 – :passwd BEGIN SELECT userid, role INTO :curuser, currole FROM KnownUsers WHERE userid = &1 AND pwd = '&2'; pl( 'User logged in with role ' || :currole ); EXCEPTION WHEN OTHERS THEN RAISE_APPLICATION_ERROR( …, ' Illegal Userid or Password' ); END; © Ellis Cohen 2001-2008 33 Clearer Script-Based Login Implementation Login( :userid, :passwd ) &1 – :userid &2 – :passwd DECLARE aUserid number := &1; passwd varchar(40) := '&2'; BEGIN SELECT userid, role INTO :curuser, :currole FROM KnownUsers WHERE userid = aUserid AND pwd = passwd; pl( 'User logged in with role ' || :currole ); EXCEPTION WHEN OTHERS THEN RAISE_APPLICATION_ERROR( …, ' Illegal Userid or Password' ); END; © Ellis Cohen 2001-2008 34 Middle-Tier User Authentication App User 1) User provides 7782 as their userid 7782 Web Browser Middle-Tier :curuser 7782 2) Application authenticates the user logging in as 7782 when the user does a Login © Ellis Cohen 2001-2008 EmpDB 3) Database authenticates the application connecting as EmpDB The application can then access all of EmpDB's objects 35