Instant Microservices: Rules for Logic and Security
See how to build a complete database system with one command: a multi-page web app and a multi-page API. Customize with rules and Python.
Join the DZone community and get the full member experience.Join For Free
In this article, see how to build a complete database system, in minutes instead of weeks or months:
- An API, and, we'll add UI and logic to make it a microservice
- Logic and security: Multi-table constraints and derivations, and role-based security
- An Admin app: And finally, a multi-page, multi-table web app
We'll use API Logic Server (open source), providing:
The entire process takes 10 minutes, instead of several weeks using traditional development.
You can use this article in several ways:
- Conceptual overview: The main article focuses on the concepts and basic process. Operational details are moved to the Appendix to retain focus.
- Self-demo: Install and create this system yourself.
- Self-demo with video: You can also use this video (it's the same system, but the database is created with ChatGPT).
1. Automation: Instant Project
This project was created with a command like:
$ ApiLogicServer create --project_name=basic_demo --db_url=basic_demo
db_url value is an abbreviation. For your own databases, you would supply a SQLAlchemy URI.
This creates a project by reading your schema. The database is Customer, Orders, Items, and Product, as shown in the Appendix.
You can open it with VSCode, and run it as follows:
- Create a virtual environment: As shown in the Appendix
- Start the server: F5 (also described in the Appendix)
- Start the Admin App: Either use the links provided in the IDE console or click http://localhost:5656/. The screen shown below should appear in your Browser.
The sections below explore the system that has been created (which would be similar for your own database).
API With Swagger
The system creates an API with endpoints for each table, with filtering, sorting, pagination, optimistic locking, and related data access - self-serve, ready for custom app dev.
It also creates an Admin App: multi-page, multi-table- ready for business user agile collaboration, and back office data maintenance. This complements custom UIs created with the API.
You can click Customer 2, and see their Orders, and Items.
2. Customize in Your IDE
While API/UI automation is a great start, it's critical to enforce logic and security. Here's how.
apply_customizations process simulates adding security to your project, and using your IDE to declare logic and security in
security/declare_security.py. Declared security and logic are shown in the screenshots below.
To apply customizations, in a terminal window for your project:
- Stop the server (red stop button, or Shift-F5 - see Appendix)
- Apply Customizations
# mac, linux sh apply_customizations.sh #windows ./apply_customizations.ps1
apply_customizations process above has simulated the
ApiLogicServer add-authcommand, and using your IDE to declare security in
To see security in action:
- Start the server F5
- Start the Admin app: http://localhost:5656/
- Login as
- Click Customers
- The admin app now shows fewer customers
- The screenshot below illustrates the security declaration and operation:
- The declarative
Grantsin the upper code panel, and
- The logging in the lower panel, to assist in debugging by showing which
+ Grant:) are applied:
- The declarative
Logic (multi-table derivations and constraints) is a significant portion of a system, typically nearly half. API Logic server provides spreadsheet-like rules that dramatically simplify and accelerate logic development.
Rules are declared in Python and simplified with IDE code completion. The screen below shows the 5 rules for Check Credit Logic.
apply_customizations process above has simulated the process of using your IDE to declare logic in
To see the logic in action:
- In the admin app, Logout (upper right), and log in as admin, p.
- Use the admin app to add an Order and Item for
Customer 1(see Appendix).
Observe the rules firing in the console log, as shown in the next screenshot.
Logic provides significant improvements over procedural logic, as described below.
A. Complexity Scaling
The screenshot below shows our logic declarations and the logging for inserting an
Item. Each line represents a rule firing and shows the complete state of the row.
Note that it's a
Multi-Table Transaction, as indicated by the indentation. This is because - like a spreadsheet - rules automatically chain, including across tables.
B. 40X More Concise
The 5 spreadsheet-like rules represent the same logic as 200 lines of code, shown here. That's a remarkable 40X decrease in the backend half of the system.
C. Automatic Re-Use
The logic above, perhaps conceived for
Place order, applies automatically to all transactions: deleting an order, changing items, moving an order to a new customer, etc. This reduces code and promotes quality (no missed corner cases).
D. Automatic Optimizations
SQL overhead is minimized by pruning, and by elimination of expensive aggregate queries. These can result in orders of magnitude impact.
Rules are an executable design. Note that they map exactly to our natural language design (shown in comments) - readable by business users.
Optionally, you can use the Behave TDD approach to define tests, and the Rules Report will show the rules that execute for each test. For more information, click here.
3. Iterate With Rules and Python
Not only are spreadsheet-like rules 40X more concise, but they meaningfully simplify maintenance. Let's take an example:
Give a 10% discount for carbon-neutral products for 10 items or more.
apply_iteration process simulates an iteration:
- Acquires a new database with
- Issues the
ApiLogicServer rebuild-from-databasecommand that rebuilds your project (the database models, the API), while preserving the customizations we made above
- Acquires a revised
ui/admin/admin.yamlthat shows this new column in the admin app
- Acquires this revised logic: In
logic/declare_logic.py, we replaced the 2 lines for the
models.Item.Amountformula with this (next screenshot shows revised logic executing with breakpoint):
def derive_amount(row: models.Item, old_row: models.Item, logic_row: LogicRow): amount = row.Quantity * row.UnitPrice if row.Product.CarbonNeutral and row.Quantity >= 10: amount = amount * Decimal(0.9) # breakpoint here return amount Rule.formula(derive=models.Item.Amount, calling=derive_amount)
To apply this iteration, in a terminal window for your project:
- Stop the server (red stop button, or Shift-F5 - see Appendix)
- Apply iteration
# mac, linux sh apply_iteration.sh #windows ./apply_iteration.ps1
3. Set the breakpoint as shown in the screenshot below
4. Test: Start the server, log in as Admin
5. Use the Admin App to update your Order by adding 12
At the breakpoint, observe you can use standard debugger services to debug your logic (examine
Item attributes, step, etc).
This simple example illustrates some significant aspects of iteration, described in the sub-sections below.
A. Maintenance Automation
Along with perhaps documentation, one of the tasks programmers most loathe is maintenance. That's because it's not about writing code, but it's mainly archaeology - deciphering code someone else wrote, just so you can add 4 or 5 lines that will hopefully be called and function correctly.
Rules change that since they self-order their execution (and pruning) based on system-discovered dependencies. So, to alter logic, you just "drop a new rule in the bucket," and the system will ensure it's called in the proper order, and re-used over all the use cases to which it applies. Maintenance is faster, and higher quality.
Extensible With Python
In this case, we needed to do some if/else testing, and it was convenient to add a pinch of Python. Using "Python as a 4GL" is remarkably simple, even if you are new to Python.
Of course, you have the full object-oriented power of Python and its many libraries, so there are no automation penalty restrictions.
Debugging: IDE, Logging
The screenshot above illustrates that debugging logic is what you'd expect: use your IDE's debugger. This "standard-based" approach applies to other development activities, such as source code management, and container-based deployment.
Note we rebuilt the project from our altered database, illustrating we can iterate while preserving customizations.
4. API Customization: Standard
Of course, we all know that all businesses the world over depend on the
hello world app. This is provided in
api/customize_api. Observe that it's:
- Standard Python
- Using Flask
- For database access, SQLAlchemy: Note all updates from custom APIs also enforce your logic.
5. Deploy Containers: Collaborate
API Logic Server also creates scripts for deployment. While these are not required at this demo, this means you can enable collaboration with business users:
- Create a container from your project - see
- Upload to Docker Hub
- Deploy for Agile collaboration
In minutes - not days or weeks - you've used API Logic Server to convert an idea into working software, customized logic and security, and iterated to meet new requirements.
To dive deeper, you can install API Logic Server and execute this demo - or create a system from your own databases.
Appendix: Database Schema
Specific procedures for running the demo are here, so they do not interrupt the conceptual discussion above.
You can use either VSCode or Pycharm.
1. Establish Your Virtual Environment
Python employs a virtual environment for project-specific dependencies. Create one as shown below, depending on your IDE.
venv, and run it via the first pre-built Run Configuration. To establish your
python -m venv venv; venv\Scripts\activate # win python3 -m venv venv; . venv/bin/activate # mac/linux pip install -r requirements.txt
For PyCharm, you will get a dialog requesting to create the
venv; say yes.
See here for more information.
2. Start and Stop the Server
Both IDEs provide Run Configurations to start programs. These are pre-built by
For VSCode, start the server with F5 and stop with Shift-F5 or the red stop button.
For PyCharm, start the server with CTL-D and stop with the red stop button.
3. Entering a New Order
To enter a new Order:
Click `Customer 1`
+ ADD NEW ORDER
Notesto "hurry", and press
SAVE AND SHOW
+ ADD NEW ITEM
Enter Quantity 1, lookup "Product 1", and click
SAVE AND ADD ANOTHER
Enter Quantity 2000, lookup "Product 2", and click
Observe the constraint error, triggered by rollups from the
Correct the quantity to 2, and click
4. Update the Order
To explore our new logic for green products:
Access the previous order, and
ADD NEW ITEM
Enter quantity 11, lookup product
Green, and click
Appendix: Add Database Column
The database here is SQLite. You can use the SQLite CLI to add a column using the terminal window of your IDE:
$ sqlite3 database/db.sqlite > alter table Products Add CarbonNeutral Boolean; > .exit
The SQLite DBMS is installed with API Logic Server, but the CLI is not provided on all systems. If it's not installed, you can install it like this.
Published at DZone with permission of Val Huber, DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.