N-Tiered Architecture
Internally, Elements uses the class N-tiered architecture consisting of three layers.
- Presentation Layer is a thinly defined layer of abstraction over the underlying Service Layer. RESTful APIS provide a translation between the Service layer. JSON-RPC APIs (experimental) are essentially calling service layer methods directly. The endpoint code simply unpacks the requests and translates that to the service layer. It does nothing to enforce security.
- Service Layer (also sometimes called Logic Layer) houses all the business logic of the system. This layer exists with multiple implementations of each service. All APIs labeled "service" (eg
namazu.elements.service.smartcontract.evm) will always consider the context of the user making the request. In some cases, the Service layer implementation is configured to do nothing but throw exceptions. - DAO Layer (also sometimes called Data Layer) is the layer that provides access to the database through layers of abstraction. All apis labeled "dao" (eg
namazu.elements.dao.user)
Presentation Layer
The presentation layer is the layer closet to the client code. In the context of Elements, this is the Resource handling the cloud function invocation. Internally, Elements uses JAX-RS annotated methods at the presentation layer.
Service Layer
The Service Layer houses the logic of the application. Each Service is a common interface through which client code makes calls. Depending on User Acccess Level, Elements will use a different implementation of the Service. Most services honor user access level. However, as the developer of the application, you should not worry about these details. When using the Scripting engine, invoking service layer code will typically enforce the appropriate permissions.
If Service is not available for a particular access level, the Service will throw the appropriate exception indicating that the permission check failed.
Scoped Services
A service which specifically honors User access level is said to be scoped. Which means it may have a reference to the currently logged-in user while processing the request. Information, may be inferred from this scoping.
Unscoped Services
A service which does not honor User access level, for whatever reason, is said to be unscoped. It will not have any reference to the currently logged-in user. Typically unscoped services provide super user access to the system. Or, they may provide information that is available to all users without restriction. When writing cloud functions, you should handle the service layer with care.
Data Layer
The data layer has no user scope, and therefore provides unrestricted access to the database. The Data Layer, abstracts the database details. This performs operations such as querying, inserting, updating, and deleting. As with unscoped services, Data Layer code provides raw access to the database without regard for any scoping rules. Therefore, special care must be taken to make use of this.