Wednesday, April 1, 2009

ORM for DBAs

I gave a presentation today:
Title ORM 101: Object Relational Mappers for Database Administrators
Sub-title Why Should I Be Afraid?
Audience Professional Association of SQL Server (PASS) members
Attendees About 18
Date/Time Wednesday 1 April @ 12pm EST
Thursday 2 April @ 5AM NZT
Slides Introduction to ORM for DBA

Newbie mistake: I ran out of material!  However, I was able to fill in with “Why get Microsoft Certified?” until the questions started flowing.

The questions were right on the ball, and added to the body of this presentation.  Specifically:

  1. What does the generated code look like? 
    • This sparked a reminder that I was meant to show an example of partial classes.  However, I couldn’t get the new method in the partial class to work! 
    • I realise now that the reason why was because I forgot about the NameSpace of the generated code.
  2. How does the dynamic SQL avoid injection attack? 
    • The answer, “via parameters” I was able to show by opening the code.
  3. Can you have different permissions/applications using the same DAL? 
    • I talked about an example solution I’m working on that has multiple Web Applications working from the same Database via the same Data Access Layer.
  4. How does it work?
    • “Duh, I dunno.”  I’m a lazy programmer.  If it works, it just works.
  5. Can you connect to more than one database at a time?
    • Great question.  This sparked an explanation of the SubSonic providers and the way that they put each of their objects into separate folders.
    • This further sparked an explanation of some of SubSonic’s provider options, where:
      • Pluralization can be preserved or eliminated;
      • Prefixes can be preserved or removed.
Further Comments

I was persuaded to put in an April Fool’s Day joke.  I did this by passing on a bogus Microsoft Announcement (attributed to Greg Low) that Azure was replacing SQL Server for the retail market.  Apparently, according to Mike the convenor, I was sufficiently convincing until I put up the “April Fool” slide.  Boy, it’s tough talking to a wall of silence!

I discovered SubSonic 2.1 is LINQ-like, but not actual LINQ.  SubSonic 3.0 is LINQ.

I made the decision not to bore the DBA audience with the creation of the presentation layer, and to concentrate on the flow of data through the layers instead.  However, I had the time, so need to think that through better next time.

The subtitle was decided because DBA’s traditionally hate Dynamic SQL for 2 reasons:

  • SQL Injection Attack – alleviated by use of parameters
  • Store Procedure Superior Compiled Performance – is a myth

The convenor did not read my bio (as I expected) so I was forced to introduce myself.  I able to speak with confidence from my credentialing (as at this time) as:

  • Microsoft Certified Professional Developer: Web Developer
  • Microsoft Certified IT Professional: Database Developer
  • Microsoft Certified Trainer
  • Microsoft Certified Solution Developer .NET

No comments:

Post a Comment