Win a copy of Head First Android this week in the Android forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Paul Clapham
  • Ron McLeod
  • Tim Cooke
  • Junilu Lacar
Sheriffs:
  • Rob Spoor
  • Devaka Cooray
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
  • Tim Holloway
Bartenders:
  • Jj Roberts
  • Al Hobbs
  • Piet Souris

How to model a different type of app users in microservices

 
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Sorry for posting this question here, since the question is more of a microservice architecture.

I have an outpatient app that has two completely distinct groups of users, the patients, and the caregiver. The patient consists of senior citizens and any person who can not physically take them of themselves.
The caregiver users have roles such as being able to administer a drug to patients or only to clean the patient, or have both.
The app is to schedule a patient's day-to-day care by the health care company. The company assigns its staff to different patients based on the type of care contract the patient signed. The services the
company offers are, taking seniors for a walk, playing games with them, cleaning them up, administering drugs, giving injections, and bringing patients to doctor visits. So the core domain of the system is the schedule domain.

My question is, should the creation and management of both users be in the same microservice, or they should be on a separate microservice?
 
Saloon Keeper
Posts: 24517
167
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Microservices or otherwise, my position has always been that the creation and maintenance of user security data should never be in the same application as the business services.

As a general rule, putting both functions in the same app requires elevating the data access rights for the user data and thus opens more options for exploitation. Separating them allows a more restricted security environment on the business services. And, in fact, you might even be able to limit the account management all to in-house access only even when the business services are public Internet services.
 
Marshal
Posts: 74354
334
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Welcome to the Ranch

Maybe our web services forum will be a better place for your question.
 
Famous M. Ighodaro
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Tim Holloway wrote:Microservices or otherwise, my position has always been that the creation and maintenance of user security data should never be in the same application as the business services.

As a general rule, putting both functions in the same app requires elevating the data access rights for the user data and thus opens more options for exploitation. Separating them allows a more restricted security environment on the business services. And, in fact, you might even be able to limit the account management all to in-house access only even when the business services are public Internet services.



Thanks for your feedback. I will follow as you suggested, separating the main application logics from the user management service. Secondly if I understand you correctly, it will be better to have both type of users on same microservice?
 
Famous M. Ighodaro
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Campbell Ritchie wrote:Welcome to the Ranch

Maybe our web services forum will be a better place for your question.


Oh, I didn't see that initially, I will ask same question there now since I can delete this one.
 
Tim Holloway
Saloon Keeper
Posts: 24517
167
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator

Famous M. Ighodaro wrote:

Campbell Ritchie wrote:Welcome to the Ranch

Maybe our web services forum will be a better place for your question.


Oh, I didn't see that initially, I will ask same question there now since I can delete this one.



No, don't do that. We can move topics. Deleting things isn't really how we work here. Too much stuff vanishes from the Internet as it is.
 
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop
https://coderanch.com/wiki/718759/books/Building-World-Backyard-Paul-Wheaton
reply
    Bookmark Topic Watch Topic
  • New Topic