Versions Compared

Old Version 6

changes.mady.by.user Stephen Fuqua

Saved on

compared with

New Version 7

changes.mady.by.user Stephen Fuqua

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Gliffy
imageAttachmentIdatt105414657
macroIdbd95cf57-61a6-4fd3-b72f-037c0c6d375d
baseUrlhttps://edfi.atlassian.net/wiki
name1
diagramAttachmentIdatt104792069
containerId82280450
timestamp17157036834601715709069713

Design Patterns

Direct Database Access

Gliffy
imageAttachmentIdatt104923154
macroIde0532385-a421-449d-8dd1-5ee4bb881384
baseUrlhttps://edfi.atlassian.net/wiki
name2
diagramAttachmentIdatt104267783
containerId82280450
timestamp1715704210164

...

1715709049088

How it works

...

(either GraphQL or REST)

Backend-for-Frontend

...

A dedicated backend application interacts directly with the Ed-FI database, bypassing the Ed-Fi API.

If there is a user interface (UI), then it interfaces with that backend. In that case, the backend is likely an example of a Backend-for-Frontend (BFF). The BFF could be implementing either a REST or GraphQL interface.

When to use

The Ed-Fi Alliance strongly discourages this pattern for the following reasons:

  1. It bypasses the authorization security in the Ed-Fi API, potentially affecting both read and write operations.

  2. This approach may put too much strain on the primary data storage, causing resource contention for other Ed-Fi client applications that are using the Ed-Fi API.

  3. The Ed-Fi database is not a standard. Thus, different implementations or even different versions of the same implementation could have unstated breaking changes at the database layer. For example, the Ed-Fi ODS/API Platform and the Ed-Fi Data Management Service (unreleased at the time of writing) have very different backend database structures. An integration built on the ODS/API’s EdFi_ODS database would not be compatible with the Data Management Service’s database.

Implementation Notes

Although no longer considered advisable, the performance benefits make this a tempting option, and indeed many applications have been built on this model in the past. In such cases, it is advisable to limit the direct database interaction to read operations only, and to run from a read-only database copy. The copy could be a snapshot or replica. Using a read-only copy mitigates the resource contention concern on the primary database. Limiting to read operations eliminates half of the authorization security concern.

Also see Row-Level Authorization below.

Backend-for-Frontend

Gliffy
macroIdc62ffbe5-1690-4616-b9bb-05c2a5186de9

How it works

When to use

There is only a single front-end application that needs access to the Ed-Fi resources.How it works:

Implementation Notes

Also see Row-Level Authorization below.

Central Aggregating Gateway

Gliffy
macroIdfa7c27ec-3580-41c6-a811-9b319f95313e

How it works

When to use

...

There are multiple front-end applications with different use cases.How it works: .

Implementation Notes

Also see Row-Level Authorization below.

Row-Level Authorization
Anchor
auth
auth

...

Define the problem:

  • Course-grained access to fine-grained resources (“chattiness”)

    • Network latency

  • Getting rid of composites

  • Alternate security protocols

...