Etikettarkiv: Programmering

What do to?

One thing that tend to be a bit problematic for me whenever I want to try out a new programming language or technique is coming up with something meningful to do. ”Hello, world!” is obviously a good place to start, but where do you go from there? Perhaps you have some functionalty that you kind of always implement as a kind of reference, and that’s great! That approach hasn’t quite worked out for me as of yet.

For me, the ideas that get me going are commonly too complex and ill-defined to be suitable being new to a programming language. The result is most often a pile of code far from the grand and not very clear vision I had from the beginning. And that’s not very fun.

Now, a couple of months ago, a former colleague of mine told me about some programming challenges posted weekly by Jamis Buck. Prior to that, I had spent a couple of evenings trying out Clojure, but as ususal my idea was too grand with respect to my limited skills in the language. I decided to leave the pile of code to rot and instead start hacking away at the current weekly challenge, which was about finding the shortest path through various mazes.

It took a couple of evenings for me to complete the challenge, but in the end there it was (and here it is on GitHub). The problem to solve was crisp clear, and the solution, implemented in a language new to me, fullfilled the given requirements. The code was far from perfect, but it worked and the solution was complete. And that felt pretty good when compared with the usual pile of code that doesn’t really do anything.

I guess you can find programming challenges all over the web if you look for them, but for me the format that Jamis Buck have come up with is pretty sweet. After some thought I think the reason why this format works for me can be summed up by the below three key points:

a) The problem to solve is well-defined and limited
b) There is a deadline
c) No pressure, just fun

I think I’ve made my argument about well-defined problems and being new to the programming language at hand pretty clear above. Along with being well-defined, the scope in his challenges are limited and require not too many hours to complete. The normal mode for solving a challenge usually takes an evening or two of work, depending on how comfortable you are with your language and the algorithms to apply.

Another key thing is the deadline. To have a date when you need to finish means that you can’t polish your code forever. You have to let it go and, before the time is up, publish it somewhere (e.g. on GitHub) in order to submit your solution. And I think that is something valuable as well, to practice in being comfortable with exposing your code publicly.

Moreover, you get to see the same problem you’ve been working on solved in various languages and with different approaches. The way you ”hand in” your solution is by posting a comment in a web blog post, so you can have a look at all the other attempts there as well. It’s pretty cool to see the challenge implemented in Javascript, Clojure, Haskell, Elm and whatnot.

And finally, it’s okay if you don’t get there. You don’t actually have to post your solution at all, so there is no pressure at all.

Just fun.

Paradigm crisis

Detta inlägg finns även att läsa på HRM Softwares teknikblogg!

Ever since I took the Haskell 101 course I have gradually entered a state best described as a paradigm crisis. Prior to that course I happily hacked away in an object-oriented fashion, and I felt pretty confident in how to tackle problems when I faced them. I knew the most commonly used design patterns and how to look up the ones not that frequently used when needed.

Then came functional programming.

Admittedly I was not immediately convinced when I took my first steps in the Haskell 101 course, and I think the reason for that was that I did not quite see where these new functional tools would fit into my very object-oriented toolbox. Somewhere in that toolbox, along with factories and decorators, I had to find room for map, fold, filter and other functional concepts so I could easily find them.

It turned out that I actually needed a whole new compartment in my toolbox, as object-oriented programming and functional programming indeed are two very different paradigms.

It is true that we in the hybrid world of Java 8 can mix these two paradigms as we see fit, but when we are writing functional Java we leave the object oriented paradigm for a moment and become declarative and immutable, which is really cool. For me as (mainly) a Java programmer, the functional style of doing things are increasingly becoming my first-hand choice. I mean, what’s the point of for-looping a list of elements when all I want to do is to grab some elements that matches a given predicate? The ”old way” of doing this is way to error prone to be worth it. Moreover, when we leave out the ”how” part when working with collections, the language can apply optimizations to the ”how”-part. The declarative style of programming allows you to work on a higher level of abstraction and let the language worry about the specifics of ”how”.

Now, the leading paragraph of my blog post mentioned the word ”crisis”, which intentionally was a strong word to get your attention. 😉 Although the new compartment in my toolbox have complicated my professional life a bit – especially at the time of writing when I am still a newcomer to the functional paradigm – I have noticed that I am starting to think about how to attack problems a bit differently than before. When in the object-oriented world, you would use all kinds of design patterns and language constructs to control mutability of objects in order to get a fair chance to understand and reason about what’s really going on. In the functional world, you would instead work declaratively on immutable data structures, which means that we write code on a higher level of abstraction without the need to worry about mutable data.

And suddenly, the new functional toolbox compartment seems really compelling.

I have to admit that I may be a bit over enthusiastic right now, I usually behave like that when I try out new things that I like. But when listening to Martin Odersky in yet another course I’m enrolled in on functional programming I find it a bit sad that object-orientation turned out like it did in languages like Java. I mean, why is everything mutable by default? That doesn’t make sense. And why did the programming courses I took at the university teach this mutable object-oriented way of programming? As far as I understand, imperative programming where everything is mutable has been a well-known problem for decades.

Time to sum up this blog post with a stupid quote coined by myself over a cup of coffe: functional programming is like sudoku! 🙂

Event storming

Detta inlägg finns även att läsa på HRM Softwares teknikblogg!

Lately I’ve spent some time catching up on what’s happening in the Domain-Driven Design (DDD) community through watching sessions recorded at the Domain-Driven Design Europe 2016 conference. The session I watched yesterday was about something called event storming – a concept that was new to me but so simple and seemingly powerful that it got me quite worked up. The purpose of this blog post is not to go into details of how event storming works, but rather to convey my initial thoughts of why the idea is worth thinking about.

When running an event storming workshop you only need a few basic things:

  • post-it notes with different colors
  • a lot of space to place the post-it notes on (e.g. a large whiteboard or a paper roll)
  • the right people

The right people are key in event storming and should involve a moderator, developers, domain experts and other people involved that can contribute when storming away at the problem at hand.

Domain events

With all these smart people gathered in a room, you start with identifying a few core domain events. A domain event is formulated as something important that can happened in the domain under analysis, e.g. ”ticket purchased” or ”seat reserved”. As you can see, domain events are always expressed in past tense. Each domain event is written down on a post-it note with a specific color – the resources I’ve found online so far suggests orange stickers by convention – and placed on the whiteboard from left to right in order of occurrence in the business process we are analysing. This means that we get a visual representation of the business process flow to see when the various domain events occur.


During the identification of domain events we also need to ask ourselves how they are triggered. For instance, the domain event ”ticket purchased” might be a consequence of a user placing an order via a web application. The act of placing an order is, in event storming terms, a command. A command is something that generate domain events and is expressed through blue post-it stickies. Commands are formulated in present tense, e.g. ”purchase ticket”, and placed on the whiteboard just before the domain event(s) that are generated as a result of the command. For example, a ”purchase ticket” command should probably be placed just before the ”ticket purchased” domain event to signal that they belong together.

The flow of the workshop

With the two core concepts of commands and domain events, the participants of the workshop keep exploring the problem area to gradually refine and expand it. As the notion of event storminig stems from DDD, we take extra care to capture the ”ubiquitous language”, i.e. we want to make sure we are naming things so that it makes sense for the business problem we are trying to solve. Participants in the workshop are encouraged to question things, no matter how trivial they may sound. Is ”ticket” really the correct word? Is it to general?

It is during the ongoing discussion, with post-its being replaced and moved around, we hope to nail the complexity of the domain problem. Suddenly, a domain expert states that there should be a way to reserve tickets. And by the way, you should be able to get a refund if you cancel your ticket purchase within a given amount of time. The complexity of the problem gradually reveals itself, captured in a process time flow and grouped by commands and domain events on a whiteboard covered with colored post-it stickies.

What do we get out of this?

It should be noted once again that I’ve not actually tried this workshop format, but in my mind it really makes sense. The idea is super simple and the potential outcome of it is interesting in several ways. First and foremost, we can express the components of a problem we are trying to solve (and how they relate to each other) with terminology that comes directly from the domain experts. Another neat thing is that commands and domain events map really well to implementation. They are a natural fit for CQRS and event sourcing, but when you think about it, commands and domain events can be mapped pretty well to any kind implementation technique. Something triggers an action (command) that produces some kind of result (domain event).

Final notes

Event storming include more stickies for e.g. highlighting actors, UIs and domain models. Moreover, as we are in the DDD world, we can map related commands and events to a particular aggregate and express that directly on the whiteboard by simply grouping them together. The same goes for bounded contexts; to group aggregates into a bounded context you just draw a line around the involves post-it stickers with a whiteboard marker.

For those of you versed in DDD, we can start drawing a context map from here, but that’s the topic of a blog post for a later time.

This blog post was authored by Martin Moberg.

Trash Friend

Detta inlägg finns även att läsa på HRM Softwares teknikblogg!

Last week me and some colleagues took part in a hackathon here in Växjö. This hackathon was one of many events that took place during something called Digitala veckan, an entire week packed with IT-related events around the Linneaus university region. For those of you new to the concept, a hackathon is basically a competition in which programmers hacks away at a problem in a limited amount of time. In this particular hackathon, the challenge was to combine open data sources on the web and produce something useful for making our environment better. While HRM had two teams enlisted in the competition, this blog post is about our contribution. Say hello to Trash Friend.

The rationale for Trash Friend came to us while struggling hard figuring out what to do. We had been provided a list of example open data sources in-line with the overall environmental theme, but the data sources were admittedly not all that great and not always up to date. Moreover, our friends in the other HRM team were hacking away like crazy right from the start with a pretty neat idea, which made at least me feel a bit stressed out. We did come up with a few kick ass ideas right from the start too, but the open data sources were not fitting in nicely in any of those. What to do?

Figuring out what to do

After some headache we finally settled on an idea that were nicely motivated by another colleague of ours during a coffee break. One of the provided open data sources contain information about cars entering one of the recycling stations in Norremark, Växjö, and while brainstorming he said something like:

”They should have a webcam over at that recycling station. The queues can be terrible over there and you never know until you actually get there.”

Now, we did not have access to a webcam or any live data, but we did have access to the data set I just mentioned, which contained statistics over the course of a few months. It included data such as the time of visitors entering the station, the length of the cars (!) and the speed of the cars passing through the sensor. The latter two were not that useful for us, but the time of entry had some potential. Although there were no information about when cars left the recycling station, you could take a wild guess and say that the average time for a visitor staying at the recycling station is, say, fifteen minutes. Not that we actually had any coverage for that estimation, but for a hackathon such as this that estimation was perfectly fine.

With the time of entry and an estimation of how long visitors were hanging out at the recycling station, we could take a particular point in time, for example at three o’clock Friday afternoon, and calculate the expected number of visitors at that time. The algorithm we used to calculate that approximation was to historically look at the visitors to the station at that time on that particular weekday. From all of these occurrences we simply came up with an average to make the approximation somewhat reliable, that is, taking all Friday afternoons at three o’clock into account.

The idea

So, the idea we had was to make recycling easier for citizens and to relieve them from long queues at the recycling station. Such a tool has the potential to be beneficial in several ways:

  • Avoid a high load of visitors; if a citizen has a way to find out that the queue to the recycling station is long s/he can decide to wait before deciding to pay a visit.
  • Reduce the emission level at the station; cars in queue means that there will be more emissions, which leads to our next point.
  • Improve the work environment for employees at the station; less emissions and less visitors at peak hours.

There are probably more points to such a list, but let us settle for those and head over to implementation details.


With the algorithm in place for calculating the number of visitors at the recycling station at a given point in time, we had one more crucial nut to crack – the information had to be super-easy to get a hold of. Would a web site do? For some cases yes, but remembering the URL of that particular site you tend to visit occasionally would not cut it. We wanted something that was just there when you needed it. Perhaps a notification could pop up in your smart phone when things are looking okay at the recycling station? Notifications are nice and all, but how could we possibly know when the citizen wants to recycle their trash? No, we needed something accessible that the citizen could consult when needed. And for this purpose a widget felt just right.

We finally settled on an architecture that involved three central components, described in more detail below.

RESTful web service

As the recycling central station data was encoded in a csv-file, we decided to crunch it and expose it in a format more suitable for our needs (i.e. JSON) via a simple RESTful web service. The technologies we chose for these tasks were Java and Spring Boot. With Spring Boot we had a RESTful web service up and running in no time, which was perfect for the time pressure we had during the hackathon. Aside from the recycling station data, service we build also included weather data. The weather data was fetched from an open weather data API and adjusted to the needs of the widget to inform the citizen about the weather conditions at the station. I mean, it is no fun to recycle your trash when it is raining.

Trash Friend Widget

The widget was developed for Android using Android Studio. This was the first time for me developing a widget, but after a while I got a hang of it and the result came out quite okay for a UI novice like me. As seen in the screenshot below, the widget presents a colored cycle to the far left. This icon indicates the status on the recycling station with one of the three colors red, yellow and green. A red circle tells you that you should wait your visit to the station for a later time, a yellow circle means that you probably will be in queue for a little while and, finally, a green circle means thumbs up, you should stop what you are doing and head over there right away.

The Trash Friend Widget

For a more concrete approximation (if there is such a thing) the text to the far right tells you the approximated number of visitors at the station at the present time. Finally, the weather icon show the weather conditions over at the station at the present moment. The information in the widget is updated every 30 minutes, which in my mind is acceptable as we are not dealing with live data (at least regarding visitor data).

But what if the queues are terrible right now? When should I go? To answer this question, the user simply taps the widget to launch the Trash Friend web application.

Trash Friend web application

The purpose of the Trash Friend web application is to answer questions just like the ones asked in the closing sentences of the previous section. When the widget is tapped, the default browser in your mobile phone fires up with an overview of the expected load of visitors at specific times throughout the current day (see figure below).

The Trash Friend web application

One can easily switch to a weekly overview by tapping the button ”Veckoöversikt” in order to see how the situation at the recycling station is expected to be later on during the week. This web application was developed using the Ionic Framework to make it mobile friendly right from the start.

Summing up

So there you have it. In just a couple of hours we went from frustrated to pretty satisfied with what we had produced. And while we did not win the hackathon (due to stiff competition of course ;)) we pulled through and produced something that, if polished a bit, at least in my mind would be a valuable tool for citizens living near this large recycling station. If all recycling stations in Växjö would start to gather entry data it would be quite easy to improve the design to let citizens select their station to track in their widget. In Android, the way to configure widgets is to flip them over and adjust its settings. Imagine if available stations were available in a list in which you could select the station to track? A tap on the widget would then, naturally, direct the browser to the statistics at that particular station.

That’s all for this time, keep hacking! 🙂 By the way, the code we wrote is MIT licensed and available on GitHub.

Security through domain modeling

Detta inlägg finns även att läsa på HRM Softwares teknikblogg!

At the time of writing this I am sitting on the train home after attending the jDays 2016, a two-day conference packed with talks about Java and related technologies. Me and two of my fellow colleagues had a really nice time there and right now I feel quite stuffed with information that will need some time to sink in. One of the keynote speakers actually pointed out that sleeping and resting are important ingredients for accommodating what you are trying to learn, and fortunately those ingredients are perfectly in line with what my mind is signaling right now.

But prior to resting there is one thing that I need to put down in words right away. Being a fan of Domain-Driven Design (DDD) for quite some years now I am glad that I attended a talk about the concept of Domain-Driven Security (DDS) with the irresistible name ”Arm yourself with Domain Driven Security. It’s time to slay some security trolls…” by Daniel Deogun and Dan Bergh Johnsson. In the next couple of paragraphs I will attempt to pass on my understanding of the concept. If the notion of DDD is new to you then I warmly recommend you to read up on it. For me I found DDD to be an eye opener to say the least.

Now, the overall idea behind DDS is that we can use DDD as a way tackle various security challenges that we all have to deal with in some way or another, for example input validation, cross-site scripting or SQL injections. And the really nice part of this is that there is no technical wizardry or mysterious frameworks here – it all comes down to modeling the domain properly. Let me describe this with an injection attack example inspired from the talk I refereed to earlier. Here we go.

In a simple on-line registration page for a cat owner community there is an input field where you are asked to fill in the name of your favorite cat. Everything works fine and the community site is coming along nicely with an ever-growing user base, but then one day a terrible thing happened. Someone had injected JavaScript code in the cat name input field which made the browser redirect to a dog owner community page whenever the cat name was supposed to be displayed on the screen. Under the hood, the value in the cat name input field had been persisted as is, and when retrieved from the database to be displayed the JavaScript code executed, redirecting the browser.

The cat owner community was not pleased.

If the cat owner community instead had designed the application according to DDS they would most probably not have ended up in this situation. A cat name is a domain concept in its own that clearly differ from a string in that it cannot contain weird characters such as ”<” or ”>”. And if you think about it, does the concept of a ”string” really have any meaning in the domain of cat owners? Probably not. Moreover, numbers are probably not be something that the should allow in a cat name. With such business rules in place, we can define a class – for instance CatName – within the domain model that enforces all of these rules in its constructor.

We now repeat the injection attack described above with our new domain model construct CatName in place. The attacker enters the terrible script into the input field and submits the form. The string containing the JavaScript code, including the ”<” and ”>” characters, are passed on down towards the domain model, eventually to be mapped to the domain model concept CatName. Depending on how the cat naming rule is enforced, an exception could be thrown or any characters that aren’t letters are filtered away from the string. In any case, we can be sure that a CatName instance will never, ever contain malicious JavaScript code.

What I just tried to explain is just one example of security challenges that DDS aims to tackle. And the great thing is that much of DDS really comes for free if you just do DDD properly. Just think about the example above – the injection attack was avoided as a consequence of thorough domain modeling work a la DDD. The restrictions and rules enforced by the domain model saved the day for many cat owners.

For me, the talk about DDS was yet another piece of evidence that DDD is worth the extra modeling work up front. Through exploiting the ideas in DDD we can take a proactive stance to fight security challenges by simply doing our domain modeling work properly.

If you want to have a look at this particular talk it will be available on the jDays 2016 site in a couple of weeks. I strongly recommend watching it!