Difference between revisions of "Execution engine"

From AMTech WikiDocs
Jump to: navigation, search
(Security context)
(Security context)
 
(14 intermediate revisions by the same user not shown)
Line 26: Line 26:
  
 
== Security context ==
 
== Security context ==
When you create a reasoner, a dialog appears where you should select a name and an execution behavior. In the case where the execution behavior is to visit all the things returned by the observer, you should also select the security context under which the reasoner will run. Two different options are available:
+
Reasoners are executed with the security info (user and tenant) of the user that sent the observation that triggered the reasoner
[[File:Execengine-security.png|650px|thumbnail|center|Security from observation or service]]
+
* The observer is executed with these credentials so the things returned will be the ones accessible to it (things that belong to the user/tenant or that are shared with it)
* Observation's security context.
+
* Actions are executed with these credentials
*: It means that the observer will return only those things readable by the tenant of the observation. Also, all actions that create objects (things, observations, notifications, etc) will initialize the security context of the object being created with the security context of the observation being consumed.
+
** Access to types is checked using the user's actors
* Service's security context.
+
** Access to instances is checked using the user's tenant
*: It means that the observer will return all the things readable by the service. Also, all actions that create objects (things, observations, notifications, etc) will ask you to select between the security context of the observation being consumed and the security context of the thing being visited as the security context of the object being created.
+
* Actions that create resources (things, observations, notifications, etc) will initialize the security properties of the resource being created with the security info of the observation (ex. guest tenants, guest users)
[[File:action_security.png|650px|thumbnail|center|Security for objects being created]]
+
 
+
Check [[Access_control#Access_while_executing_observers_in_the_reasoner.27s_engine|this section]] fur further details.
+
  
 
== Extension module ==
 
== Extension module ==

Latest revision as of 11:08, 30 July 2018

CEP (Complex Event Processing — now called Event Stream Processing)

AMTech execution engine is an implementation of a CEP; it encapsulates CEP's complexity in the DAP design.

Execution feedback and/or errors

When an activity is being executed by the execution engine an observationlifecycle type is sent to the activity_lifecycle topic. Some events are reported through the property event, among this events:

  • Start of a reasoner (BEGIN)
  • End of a reasoner (END)
  • Execution errors (ERROR)

The following example illustrates activity "producer": "thingsInBoardroom" reporting action "resourceuri": "/amtech/activities/thingsInBoardroom/reasoners/createThingInBoardroomFromEddystoneBeacon/actions/ReportThingInBoardroom" started "event": "BEGIN"

    {
        "topic": "/activity_lifecycle/thingsInBoardroom",
        "guesttenants": [
            "_ALL"
        ],
        "event": "BEGIN",
        "@type": "/amtech/linkeddata/types/composite/observation/observationlifecycle",
        "producer": "thingsInBoardroom",
        "resourceuri": "/amtech/activities/thingsInBoardroom/reasoners/createThingInBoardroomFromEddystoneBeacon/actions/ReportThingInBoardroom",
        "detectiontime": "Tue Apr 26 21:41:09 UTC 2016",
        "@id": "/amtech/things/observations/983c488f-c3d4-44ec-85f2-795428d12d83",
        "occurrencetime": "Tue Apr 26 21:41:08 UTC 2016"
    }
This is a strong mechanism you can use to trace the execution of your activities if, at a given moment, you think they are not working as expected.

Security context

Reasoners are executed with the security info (user and tenant) of the user that sent the observation that triggered the reasoner

  • The observer is executed with these credentials so the things returned will be the ones accessible to it (things that belong to the user/tenant or that are shared with it)
  • Actions are executed with these credentials
    • Access to types is checked using the user's actors
    • Access to instances is checked using the user's tenant
  • Actions that create resources (things, observations, notifications, etc) will initialize the security properties of the resource being created with the security info of the observation (ex. guest tenants, guest users)

Extension module

EPC

Electronic product code Tag Data Translation implemented according to the GS1 EPC Tag Data Translation 1.6 specification (http://www.gs1.org/epc/tag-data-translation-standard) Exposed as 2 JavaScript functions available for reasoner's JavaScript binding:

* epcEncode
* epcDecode

They support the following codings:

  • SGTIN-96, SGTIN-198, SSCC-96, SGLN-96, SGLN-195, GRAI-96, GRAI-170, GSRN-96, GSRNP-96, GDTI-96, GDTI-174, GID-96.

Debug

(See check reasoner)

Geospatial libraries

A couple of libraries are available in JavaScript bindings:

You can make use of these libraries using the variables geolib and terraformer that are initialized as follows:

 var geolib = require('geolib');
 var terraformer = require('terraformer');

Example binding location property to a new created geofence thing, using the location from observation and calculating a circle with 300 radius

function(observation)
{
    var location;
    //get wkt json
    var loc = JSON.parse(observation.location);
    //parse longitude and latitude from wkt text
    var point = terraformer.WKT.parse(loc.wkt);
    //create a circle with 100 metres radius
    var circle = new terraformer.Circle([point.coordinates[0], point.coordinates[1]], 100, 64);
    //create location wkt 
    location = terraformer.WKT.convert(circle.geometry);
    //wkt poligon location bind to created geofence thing
    return location;
}