That is what they say; it’s the little things in life that make life worth living or something.
Obviously they have never had to debug code before.
I just raised a bug with cakephp that has had me confused for about a month now but it wasn’t a blocker. It became one and after almost two days of debugging and fishing for red herrings I finally uncovered the cause of my grief.
It turns out that it was a full-stop.
Let me explain the problem. The user would be successfully validated and then redirected to their home page. But would be logged out by the time they got there.
It turns out that when the session.cookie variable has a full-stop in it doesn’t retain the session information. The authentication part still works so as I was debugging it I was seeing code that works great. On the next request it was pretending like there was no session information. Tracing it back to the session.cookie configuration option took a while.
This isn’t a post about cakephp having bugs; most software has bugs and cakephp is generally good to work with.
This is about implicit dependencies in integration problems. The cakephp people may come back and say that this isn’t an issue and I should stop putting full-stops in my session cookie names… oh wait I haven’t even finished this article and they already have.
Let me tell another story; I was asked to test a service that was responsible for auditing. Other services would call this service to audit. I said there was not enough time to test it before the release and I was going on six weeks leave. They had business approval to go without auditing so that was the safe option.
I come back 6 weeks later and find auditing had gone to production without being tested.
Apparently without issue.
The first test I run finds that the consuming services are putting null in the source column so all audit records are being written and you can’t tell where they came from. Not a big issue as we only have 40 services. End sarcasm.
I raised the issue with the auditing service developer and he responded. “This isn’t a bug, it is the responsibility of a service to populate the source property”.
He is correct in one regard. But he is also wrong in another.
His service shouldn’t let the consuming services fail. They depend on the auditing service to let them know when they get it wrong.
A null source value is an invalid record as per the business and the auditing service should not allow invalid audit records to exist. Therefore bug.
A session cookie name with a fullstop is invalid as per cakephp code components and cakephp should not allow invalid session cookie names. Therefore to maintain the integrity of the system cakephp should ensure that it’s dependencies are correct.
|
Ryan Boucher is a Software Inquisitor and is passionate about it. You can find a whole raft of articles and anecdotes about software testing and other topics he gets excited about. |
| Tags |
2 Responses to “It’s the little things…”
On second look, I think there’s a few other things that could really be cleared up in the CakePHP API and/or documentation efforts:
- Model and controller names can’t start with numbers
- I’m still testing this, but it seems that you can’t use components inside of controller actions unless each line ends with a semi-colon.
- Full-stops in cookie names is really only the tip of the iceberg. Apparently it’s also required for string concatenation (something completely overlooked in the CakePHP docs)
- The files that perform the mod_rewrite pretty URLs *must* be prepended with full-stops as well. This is only tangentially mentioned.
I plan on speaking to the people in charge to get this solved as soon as possible.
Hi John,
I take it you’re the one in charge of documentation for CakePHP.
I do find your comment most hilarious especially because you don’t seem to understand the purpose of an abstraction in software design. Your colleagues were able to explain the design philosophy of CakePHP as you can see at the end of the ticket linked in the original post where Predominant explains that the CakePHP framework isn’t going to abstract PHP fully.
CakePHP does abstract some aspects of PHP. It also abstracts away a relational database management system (several supported implementations) using an object relational mapping. So you can see that CakePHP does do abstraction in some places but not all places and it turns what I had expected to be abstracted, session management, wasn’t.
This post isn’t an attack on CakePHP because an abstraction leaked back to the consumer. It was a post about how leaky abstractions are realised as implicit dependencies and make finding the root cause of a defect incredibly hard. I used two examples one using CakePHP that was fresh in the mind and one from a past experience testing services.