Monday, February 16, 2015

Never open up access to code protected by ACCESSIBLE BY?

In my Oracle Magazine article, When Packages Need to Lose Weight, I step through the process of breaking up a large package body into "sub" packages whose access is restricted through use of the new-to- Oracle Database 12c ACCESSIBLE BY feature.

The idea, to sum it all up, is that once I move code from my original too-large-to-manage package body to another package, the header moves to the spec of that package. This means that formerly-private functionality is now accessible to anyone with execute authority on that package.

For that reason, I stated:
The body of em_central shrinks to a fraction of its former self, because the body of each procedure is simply a redirect into the em_central_a and em_central_b packages. The subprograms in these packages should be invoked only by em_central.
A reader contacted me with this question:
For me this means that newly written subprograms should not invoke the new packages em_central_a and em_central_b directly. So the ACCESSIBLE BY clause could be applied to these packages as well.  For a colleague of mine, this is carrying things too far. He thinks you see no problem if newly written code accesses the packages em_central_a and em_central_b directly. If you agree to the opinion of my colleague, the cited excerpt from the article should be revised. 
Revise what I wrote? Accept that I was wrong? What is Arne thinking?

He is thinking that I am arational human being. And I deeply appreciate that. In fact, I have no (minimal, anyway) problem admitting I am wrong and fixing what I have written. I do that a lot. :-)

But I think in this case I will fight the good fight and provide a more thorough explanation.

First, Arne, regarding use of ACCESSIBLE BY with "these packages as well." I think that you must be referring to the packages containing the new subprograms that want to use em_central_a or _b? If so, yes, you can certainly expand the list of program units in ACCESSIBLE BY, which brings me to my main point:

The default position you should take regarding previously private code that was made "public" solely to help re-org your chubby packages is:

Don't let anyone/any other program access that code.

Which is what I am saying in that quote. Why? Well, because it wasn't designed for use anywhere else. It wasn't tested for use outside of the current execution path. I do think it is extremely important that the original intention of the original developer be respected until you find a good reason to change it.

Otherwise you are asking for trouble - unless that code is so transparent, so well-written and comes with an automated unit testing script that it can understood and used in a variety of ways with confidence.

Please think about this: how many packages have you written or seen from others for which this is true?

Which brings me to my final point:

Everything changes, and code reuse is critical to overall maintainability of code.

By which I mean: when you first break up the package and create pseudo-private packages for the previously private code, you should tightly restrict usage. But suppose a developer comes along, sees those inaccessible subprograms, investigates and decides: "Wow, I could really use that functionality!"

Am I suggesting you tell them to get lost? No, of course not! At that point, you:

  • do some analysis, verify that there really is a good fit;
  • sort out what would need to change in the existing restricted subprogram to be used elsewhere;
  • ensure that these changes would not affect the original use 
  • make the changes and test them
  • add the new package "user" to the ACCESSIBLE BY clause
So, sure, "no problem" - expand access to that now-possibly-usable code, but do with it intention and careful decision-making. 

Should I revise my article? After all, it's not so "black and white", is it? Well....I don't think I need to do that. After all, I don't say:

NEVER EVER USE THAT CODE ELSEWHERE OR YOU ARE AN IDIOT. [I do NOT say this!]

I say: "The subprograms in these packages should be invoked only by em_central."


For any and every programming feature you ever encounter, there will always be nuances. I'd rather use my articles to make developers aware of what is possible with new features, and the major motivations behind these features.

Good, clever, practical programmers will discover exceptions, interesting new ways to apply a feature, all the time. It's what we do. And my statement includes an implicit admission of that reality.

No comments:

Post a Comment