why not comile a designated language directly to microservices?

That’s not serious, ok? So…

there’s so much mess and annoying articles and whatever around the m-word, that the question popped up, why not to compile some language directly to m-s to eliminate all the noise once and for all and cover as many other buzzwords as possible on the way? so instead of “oh, how do I shredder my odd monolith to sexy m-s?” just: “type. compile. deploy. (covering m-s, immutability, pure functions, actors, event sourcing, polyglot programming…) “, right?

To make it easy, let’s assume everything’s super-functional, immutable and trendy and looks somehow like Scala, e.g.

let v = if (a > //php// b) {a – //erlang// b} else { b + //c++// a}

What do we do with this? We create 4 microservices (one each for “>”, “-“, “+” and another for the if-statement itself). We need some api-gateway to call this somehow, but that’s a mundane detail. We can add annotations (/c++/) to tell the compiler which target language/environment should be used per service, so each software-fundamentalist calcification in your company will be happy.

Obviously an actor based approach will be hugely helpful, giving us lock-free message processing, that the “+” microservice can process any amount of incoming calls and the “if” any amounts of propagated results from “>”, “+” etc. Everything will be phatastically parallel, except for if-statements in the context of recursions.

By persisting all messages passed we should be able to replay the whole thing and manipulate it at every level, giving debugging a new meaning. Maybe also all this service-mesh stuff can be replaced digging in the message log.

I’m also tempted to give it Javascript-like no-datatype semantics, so no matter what you feed it, you’ll always get a result, right?

Thoughts appreciated!

Sharing a OneDrive and/or sharepoint folders using “Sharing Link” Vs adding user directly to the Folder permission

I am planning to move some folders from a user’s OneDrive site to a SharePoint document library. to move the files and folders from OneDrive to SharePoint online i will use the “Copy To” and/or “Move To” options. but for the permission i am planning to do the map manually. But on some OneDrive folders i found that they have been shared using sharing link + adding users directly to the folder, here is an example (where 7 users have been added to the folder permission, while one user is added using sharing link):-

enter image description here

and when i checked the permission for a file inside the above folder, i found the following permission settings, which mentioned that the file inherits the permission from its parent folder (the above permission), and the 7 users are showing inside the file permission settings, as follow:-

enter image description here

So the file got all the 7 users from the parent folder , but excluding the user who is granted access to the parent folder using sharing link. so my question will the user who has been granted access to the parent folder using sharing link, can access the file? because the child permission setting is confusing, as it is saying that it inherit the permission from the parent folder, but it does not include the user who can access the parent folder suing sharing link.. so not sure how i need to map this to the sharepoint folder? should i grant the user who can access the parent folder using sharing link, access to the file inside the folder?

Thanks

Why is it okay to run NGiNX or Apache Web Server as root on port 80/443 and not your app directly?

Just like the title says, I would like to understand:

  • what are the implications of running a custom app (like node or flask) on port 80/443.
  • Is running a reverse proxy like Nginx mandatory from a security point of view? * What if I run Nginx as root user and we discover a security vulnerability today? Wouldn’t that make the custom app and Nginx both great security risks?
  • What is the most secure (and standard) way to handle traffic on port 80 or 443, if its not Nginx?

Accessing document in shared guest access folder directly via link or others methods (sharepoint)

I need a way to access the access the following file via one-click.

https://websiteName.sharepoint.com/folder/subfolder/document.pdf

I have a link for guest access to the subfolder containing the file. It is in the following format:

https://websiteName.sharepoint.com/:f:/g/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA?e=BBBBBB

If trying to access the file directly without first accessing the shared folder, sharepoint will prompt for login credentials.


What I learned so far  Accessing:     https://WEBSITE_NAME.sharepoint.com/:f:/g/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA?e=BBBBBB     --> HTTP 301 moved permanently     --> redirects to the following  https://WEBSITE_NAME.sharepoint.com/_layouts/15/guestaccess.aspx?e=BBBBBB&share=AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA&cid=CCCCCCCC-CCCC-CCCC-CCCC-CCCCCCCCCCCC     --> HTTP 302 found     --> sets cookie FedAuth     --> redirects to the following  https://WEBSITE_NAME.sharepoint.com/FOLDER/SUBFOLDER?cid=CCCCCCCC-CCCC-CCCC-CCCC-CCCCCCCCCCCC     --> returns list of files in shared folder     --> file I want to access is present in the list but     --> accessing/downloading this file is not friendly/easy on mobile devices  https://WEBSITE_NAME.sharepoint.com/FOLDER/SUBFOLDER/DOCUMENT.PDF     --> accessing this link directly wont work without FedAuth cookie. 

I tried creating a website with a hidden iframe to load the required FedAuth cookie and redirect to the desired file but the iframe load failed due to issues with “Cross origin resources”

Any tips programatically access this file or perhaps even crafting a sharepoint link to set the cookie and redirect to lod the desired file instead of loading the shared folder directory??

I am doing this client side on an iPhone. I do not have any access to the sharepoint permissions.

How to add / include “screen shot” directly from clipboard to “Body” of post? [migrated]

I like to renew / re post my question about Bluetooth menu. Since single question / answer is norm on this forum, allow me to start with asking administrative question first.

I can get “gnome-screnshot” and copy it to clipboard.

How do I add such screenshot to this “body” of my post?

In other words – can I paste it here directly from clipboard? Yes or no?

And if “yes” how ?

I have been saving it in “LibreOffioce write ” file on “desktop” and then adding the file here as ” image “. Works , but little unnecessarily convoluted IMHO.

Should all my services connect directly to a DB or should I put an API in front of every DB?

I have a small system written in Go with aprox 10 services, and 3 DB (InfluxDB, Postgres, Blockchain) Each service use InfluxDB (some service read, other write), and postgres ( Readonly).

I see 2 options:

  1. In all my services, I use a client to connect directly to DB

    • Pros:
      • I already have it this way.
      • It is easier to write, and more flexible maybe
    • Cons:
      • All services are coupled to 2 or 3 databases,
      • Testing is being quite difficult
  2. I write a REST API in front of InfluxDB, that manage all queries, and systems just invoke those URLs to execute a query

    • Pros:
      • Unloose all my service from a Influx / Postgres dependency
      • Maybe mocking is going to be easier
      • Refactoring to ElasticSearch is easier
      • Centralized credentials
    • Cons:
      • more work
      • more tedious ?
      • Will it bring me something valuable ?

I am looking for advices to take this decision, or maybe, I am asking myself, Will it bring me something valuable ?

Boot directly into application without showing desktop

I am looking to use an old Dell Latitude laptop as a media extender. I am looking for the laptop to boot directly into the application without showing the dekstop at all. Currently i added the application to the startup list via lubuntu applications, but desktop flashes for good 15 seconds(yes its a slow hdd too) before opening the application. Is it somehow possible to maybe bypass loading the desktop but still be able to run the application?i have tried running it through the command line by booting into text mode but it cant load the GUI as expected. I think in order to achive that i need to load a window manager or similar. Sorry, my knowledge with linux is limited. Thank you.

Mount USB directly on virtualhost?

What I’m trying to achieve is basically mount a USB device such as an external drive (USB flash or HDD/SSD), perhaps even a smartphone (Android or iOS) in a contained environment before the operating system mounts it or directly on a virtualhost.

In given case scenarios:

  • Whenever I connect a USB stick, Mac OS automatically mounts, I’d eject it and eventually mount it on a host using VirtualBox (OS with no network access).

  • Same goes for a smartphone like say an iPhone. Whenever it’s connected via USB cable, iTunes will automatically pop up trying to connect the device with my computer.

So, I’ve had a look at this post, which talks about sandboxing and giving read-only priviledges to the USB device perhaps to the according port, plus even buying a WriteBlocker to which the device shall be connected.

My idea is to prevent the USB device connecting to my guest (or main OS) in this case Mac OS and mount it directly on my host OS, maybe by keeping the external volume isolated/unmounted on the guest and having the option of mounting it on VirtualBox though (just like mounting any of my USBs on my host). Visually put it’s a bridge from the external device to virtualhost hence bypassing/avoiding the guest.

Is this possible? Perhaps with a bash command?

Guest additions and extension packs are installed.

Is there a way to protect against fake messages by an SPA that consumes a webservice directly?

I develop a webservice currently and communication might be a bottleneck. It would be at least 100ms faster if I could access the webservice from the browser directly instead of sending the messages to the consumer’s server first and relaying them to the webservice along with the consumer identifier.

If I store that consumer identifier in the SPA, then everybody could fake a request in the name of the consumer, they just need to check what the SPA sends to the webservice as an user of it. Is there a way to protect the webservice against these kind of fake messages?

Query returns results on pgAdmin running on remote client but not directly through psql on db server

When I query my database using a role in pgAdmin on a remote client, I get the results of the query. However if I run the same query directly on the db server with the same role , I don’t see the query output. I see the table are present with the “\dt” command but I am not able to query the tables. Is there some configuration that is needed to enable querying the db from the same host ?