Using functional interface arguments in methods of services injected via Spring

Here is the working code for my Spring service:

@Service public class UploadService {      @Inject     @Qualifier("session")     Session session;      @Inject     AsyncImageConvertService asyncImageConvertService;      @Value("$  {aws.bucket-name}")     String awsBucketName;      @Inject     AmazonS3 amazonS3;      @Inject     ImageMapper imageMapper;      @Transactional(isolation = Isolation.READ_COMMITTED, propagation = Propagation.REQUIRED)     public void uploadImage(Image image, String url, Runnable fnSaveObject) {         File file = new File(System.getProperty("java.io.tmpdir"), image.getUrl());          image.setUrl(url);         image.setCreator(session.getUser());         PutObjectRequest request = new PutObjectRequest(awsBucketName, image.getUrl(), file);         request.setCannedAcl(CannedAccessControlList.PublicRead);         amazonS3.putObject(request);          TransactionSynchronizationManager.registerSynchronization(new TransactionSynchronizationAdapter() {             public void afterCommit() {                 asyncImageConvertService.processImage(image.getId(), file);             }         });          imageMapper.insert(image);         fnSaveObject.run();     } } 

It is called from the following code:

uploadService.uploadImage(                 profileImage,                 "/user/" + user.getId() + "/" + profileImage.getUrl(),                 () -> userMapper.insertImage(user, profileImage) ); 

The Runnable functional interface will run in transaction and invoke async service method after transaction committed.

*Mapper is injected instance also, via spring-mybatis.

This code looks like it’s working well, but I’m afraid it’s not safe.

Is it safe to use functional interface arguments in methods of services injected via Spring?

Force instance methods to use only public members

What do you think about code like this:

public class ThisClass {     // this method uses only public members     public void DoSomething()     {         AccessToPublicMembersOfThisClass.DoSomething(this);     } }  // EDIT: this class is not nested! internal class AccessToPublicMembersOfThisClass {     internal void static DoSomething (ThisClass x)     {        // we are sure were using only public members because        // private members are unaccessible from here          x.Action();     } } 

Is it good or not?

I could do some static methods, but I don’t want to pass any arguments to them.

How to display linked third party sign in methods

I am writing an app. Like Google suggests, the user should be to be able to link multiple sign in methods to their account. In order to do that, the ideas of “identities” and “accounts” are separated in the RESTful backend.

When signing up/in with a third party SDK, the access token (or ID token in the case of Google) gets sent to the backend, which then verifies and forgets about it. The app also forgets about this information, as it receives a separate bearer token from the server.

In the account settings, I now want to display a list of all linked accounts. The app receives an array containing the user IDs from the third party accounts. It should then populate the list with profile pictures and names.

The problem: Third party identity provider APIs only seem to hand out information like usernames and profile pictures if they are given the user’s access token. I looked everywhere for APIs without access tokens. I thought at least the username would be public information and could be retrieved with a simple HTTP GET request and the user ID.

Google seems to have had a Google Plus API that was useful, but that is being shut down. The Google People API gives access to names, but required OAuth2 authentication. Facebook has the Graph API, which also wants the user’s access token. Twitter has https://api.twitter.com/1.1/users/show.json, which requires authentication headers.

How does one go about this?

I could store the access token from the third party sign up on the client. Not only does this seem very sloppy, but it also comes with a problem: If the user buys a new phone, the access tokens are lost and the linked accounts list can’t be displayed correctly.

Another possibility would be to store the access/ID token on the server. The server could then either send all access tokens back to the client when it needs them, or populate usernames and profile pictures itself. But this seems like a huge security issue. Surely, access tokens are not meant to be kept around for a long time?

The backend could store the information like the username, the email address and the profile picture the moment the user signs up with a third party account. It would then not have to keep the access token. However, if the user changes their profile information in the third party account, these changes go unnoticed. In addition to that, storing a third party profile picture on the server seems absurd.

Why have private static methods?

I just wanted to clear up a question I have. What is the point of having a private static method as opposed to a normal method with private visibility?

I would have thought an advantage to having a static method is that it can be called without an instance of a class, but since its private is there even a point to it being static?

The only reason I can think of is that it helps conceptually understanding the method on the class level as opposed to object level.

Are REST Methods Which Return Dynamically Generated Random Data Safe

Is a REST method which returns dynamically generated random data each time that it is accessed considered safe?

According to RFC 2616 (emphasis mine):

In particular, the convention has been established that the GET and HEAD methods SHOULD NOT have the significance of taking an action other than retrieval. These methods ought to be considered “safe”. This allows user agents to represent other methods, such as POST, PUT and DELETE, in a special way, so that the user is made aware of the fact that a possibly unsafe action is being requested.

Naturally, it is not possible to ensure that the server does not generate side-effects as a result of performing a GET request; in fact, some dynamic resources consider that a feature. The important distinction here is that the user did not request the side-effects, so therefore cannot be held accountable for them.

My understanding from this is that the method should be considered safe as the only action is retrieval. The state of the server is not changing with multiple calls (though the result may be different) as any side effects generated would be the same (such as logging that the endpoint was accessed).

I’m not sure if this is the case though as there is no true resource being accessed since the data is generated dynamically. I also could be misunderstanding the concepts of safe methods, idempotence, and how these concepts relate to REST APIs. Any information is very much appreciated!

There are many of the right methods

There are many of the right methods that permit you to in getting best body and to get length 0 figures like a movie star. You need to attempt out these methods that can in reality assist you in getting exceptional movie star smile that you constantly dreams of.

Pram is a piece of writing author, marketer, freelancer and complete time blogger who write for numerous niches. Please evaluation his site and phone him in case you are interested by getting the item advertising and marketing…

There are many of the right methods

When I use “echo” in vendor methods – products not showing, but work fine without it

I got the next code:

public function getProductCollection() {     if (isset($  this->_productCollections[$  this->getCurrentCategory()->getId()])) {         $  collection = $  this->_productCollections[$  this->getCurrentCategory()->getId()];     } else {         $  collection = $  this->collectionProvider->getCollection($  this->getCurrentCategory());         $  this->prepareProductCollection($  collection);         $  this->_productCollections[$  this->getCurrentCategory()->getId()] = $  collection;     }     echo "Collection count".$  collection->count();     return $  collection; } 

When I tried to echo collection count – it always equals 0, but when I delete this string – everything is okay count equals 16. How?

python import fails for some methods

I’m seeing very strange error with my python module. It throws ImportError for one method. It imports other methods.

main.py

   from utils import func1, func2, func3    ... 

utils.py

   def func1():     ...    def func2():     ...    def func3():    ... 

The ImportError shows up for func3. Both main.py and utils.py are in same directory (it’s not a package).

I’m using func3 as decorator in main.py, but I guess that shouldn’t matter for this error.

I defined new methods (func4 etc) and imported them in main. ImportError is thrown on all new methods. Only func1 and func2 are successfully imported.

If anyone has ideas to debug, that’ll be helpful

imnplimenting object and retreiving list, filtering, invoking methods. low level system code, [on hold]

I’m thinking about system level code, and am wondering about how to implement objects whose fields can be accessed.

So if we have an object named task, with a members such as tid and kill. we could get at the tid by calling task->tid. No what if we had to deal with many task objects, such as we’d want to kill all tasks with a tid > 100.

How could this be implemented properly? A naive implementation might loop through each object and check the tid, but this already isn’t enough. The object can be changed or modified in any way, to make this robust and performant. As long as we identify where any new methods are, how the result is accessed, it would help me understand how this might be approached.