如何正确地将数据库数据共享给其他开发人员？ [英] How to I properly share database data to other developers?

问题描述

我设计了一个MSSQL数据库，供我用c＃开发的应用程序使用。后来，我要求将一些数据暴露给另一个部门的另一个开发人员开发的另一个应用程序。该开发人员的应用程序是基于Web的。他要求我通过数据库视图公开数据，这是我不愿意做的。公开的数据仅用于在网络上显示。数据可能会从Web应用程序发送回数据库，我打算使用视图和/或存储过程来执行此操作。

我的问题是

1.我的决定对？ - 为什么是或否）

2.是否将他的观点和功能暴露给他？

3.你建议我为此设计一个API吗？ （需要建议。）

4.如何验证从Web应用程序收到的数据？

欢迎提出其他建议。



我尝试了什么：



还在考虑如何做到这一点

I designed a MSSQL database to be used by an application I developed with c#. Later a requirement came for me expose some data to another application developed by a different developer of another department. The application of that developer is web based. He requested I exposed the data via database views which I'm reluctant to do. The data exposed will be just for displaying on the web. Data may be sent back from the web app to the database which I intend to use views and or stored procedures to do that.
My questions are
1. Are my decisions right? - And why yes or no)
2. Is exposing the views and functions to him secured?
3. Do you suggest I design an API for that? ( Recommendations needed.)
4. How do I validate the data received from the web application?
Other suggestions are welcome.

What I have tried:

Still thinking of how to do that

推荐答案

然而，所有有效的问题，它们只能通过业务需求和安全策略来解决，而不是从技术角度来看。因此，我们无法为您解答此问题。



MS SQL可以处理您可能遇到的所有安全需求，以保护数据等。



因此，您需要自己回答为什么您出于安全或商业原因而不愿意这样做的原因。技术解决方案是次要的（或将取决于）业务需求。



验证方法有很多种，从WEB程序本身到转换表中的临时存储数据单独的验证过程。



再次取决于你自己的情况和需求。

All valid questions, however, they can only be anwered by the Business needs and security policies and not really from a technical perspective. Hence we will not be able to answer this for you.

MS SQL can handle all the security needs you may come across with views to protect the data etc.

Hence you need to answer for yourself why you reluctant to do this from a security or business reason. The technical solution comes secondary on (or will depend on ) the business needs.

Validation means are many and varied from the WEB program itself to temporary storing data in transition tables for a seperate validation process.

Again it depends on your own situation and the needs.

不太明白为什么你不想使用视图。在所有视图最初设计用于处理例如安全问题之后。通过视图，您可以控制使用应用程序可以查看或更新的行和列。此外，视图的用户无需访问原始表。



如果查询很复杂，您需要能够更新数据然后视图可能不是一个好的选择。在视图中，更复杂的查询很容易变得不可更新。在这种情况下，您只能使用视图运行SELECT语句。如果是这种情况，则存储过程为数据处理提供了更大的灵活性。

Don't quite understand why you don't want to use a view. After all the view is originally designed to handle for example security questions. With a view you can control what rows and columns the using application can see or update. Also the user of the view does not need to have any access to the originating tables.

Then again if the queries are complex and you need to be able to update the data then a view may not be a good choice. A bit more complex query easily becomes non-updatable in the view. In such situation you can only run SELECT statements using the view. If this would be the case then stored procedures give you more flexibility what comes to data handling.

您可能不应该将数据库结构暴露给另一个应用程序 - 因此没有视图，没有表等。

如果你这样做，你将紧密耦合两个应用程序 - 如果由于某种原因数据结构发生变化，你可能会破坏其他应用程序。



相反，请考虑通过WebAPI公开功能。如果您的应用程序发生变化，您可以在WebAPI&不要破坏其他应用程序。

You should probably not expose the database structure to another application - so no Views, no Tables etc.
If you do, you'll be tightly-coupling both applications - if th data structure changes for some reason, you'll likely break the other application.

Instead, consider exposing functionality via a WebAPI. hat way, if your applcation changes, you can compensate in the WebAPI & not break the other application.

这篇关于如何正确地将数据库数据共享给其他开发人员？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！