Understanding the 6 principles of Design by Contract
In "Design by Contract: Principles and Practices", the author defines 6 principles of contract design:
- Distinguish between commands and queries;
- Separate basic queries from derived queries;
- For each derived query, write a postcondition that defines its result in terms of one or more basic queries;
- For each command, write a postcondition that specifies the value of each basic query;
- For each query and command, adopt an appropriate precondition;
- Write invariants to define the object's unchanging properties.
The first 5 apply at the operation level and can be used whether the code is object-oriented, procedural, functional, or anything else. The last one applies at the data level, especially in object-oriented code, for example in composition models. Looking more closely, the first 2 deal with how operations change the state of the object, principles 3 and 4 are the postcondition principles, and the 5th is the precondition principle.
1. Distinguish between commands and queries
Operations are divided into two types, commands and queries, according to whether they change the state of the object. This should be reflected directly in the name: for example, a query should be named GETXXX, so that a reader sees at a glance that it is a query and does not change the state of the object; anything else is a command, which does change the state of the object. Besides showing the nature of an operation at a glance, this classification is also the basis on which DbC as a whole keeps the composition of operations well-formed. If you classify an operation wrongly (for example, treating a command as a query), you may break that composition.
2. Separate basic queries from derived queries
Queries can be subdivided further: some queries can be composed from other queries and some cannot. The former are derived queries, the latter are basic queries.
A basic query does not need a postcondition; by default, assert(postcondition) == True, because it is an original, primitive query. A derived query is composed of basic queries, which involves the author's own logic, so it needs a postcondition to make sure that logic is correct.
Because a basic query is certain to satisfy its postcondition, if every operation other than the basic queries is ultimately built from basic queries, then the correctness and validity of those operations' postconditions is guaranteed in the long run. Extending this gives principle 3 and principle 4:
Postcondition(PrimitiveQuery) =
^ Assert(postcondition) == True
Postcondition(ComposedQuery) = PrimitiveQuery{1..N}
Postcondition(Command) = PrimitiveQuery{1..N}
This ensures that every operation is backed by a correct postcondition.
3. For each query and command, use a suitable precondition
Every truth holds only under certain premises. If a query does not require a precondition, then any condition satisfies its precondition.
Combined with the postconditions described above, this ensures that operations can be composed. The principle also stresses the word "appropriate".
4. Write invariants to define the object's unchanging properties
Some properties of an object must satisfy certain conditions at all times. More specifically, we should pay most attention to the attributes that change during command operations and ensure that they always satisfy those conditions, so that the data meets the invariant. In C++ this needs special care. The general recommendation is that a subclass should not directly manipulate the parent class's member variables; otherwise, guaranteeing the invariants on the object's member variables becomes very cumbersome. C++ also has friend functions, friend classes, and so on, and it is recommended to avoid changing the values of a class's member variables from them as far as possible. Instead, extract a method for the member variable and call that method, which is necessary to guarantee the invariant properties of the data.
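The six principles applied to one small C++ class, as an added example that is not part of the original article. `BoundedStack`, `ContractViolation`, `require` and `violates` are hypothetical names chosen for illustration, and contract checks throw instead of aborting so that a violated precondition can be observed by the caller.

```cpp
#include <cstddef>
#include <stdexcept>
#include <vector>
// Hypothetical helpers: a failed contract check throws, so callers can observe it.
struct ContractViolation : std::logic_error { using std::logic_error::logic_error; };
inline void require(bool ok, const char* what) { if (!ok) throw ContractViolation(what); }

class BoundedStack {  // hypothetical class, constructed for this example
public:
    explicit BoundedStack(std::size_t capacity) : capacity_(capacity) { check_invariant(); }
    // Basic queries: primitive, so they carry no postcondition of their own.
    std::size_t count() const { return items_.size(); }
    std::size_t capacity() const { return capacity_; }
    int item_at(std::size_t i) const {
        require(i < count(), "pre item_at: i < count()");
        return items_[i];
    }
    // Derived query: its postcondition is written with basic queries only.
    int top() const {
        require(count() > 0, "pre top: count() > 0");
        const int r = items_.back();
        require(r == item_at(count() - 1), "post top: result == item_at(count() - 1)");
        return r;
    }
    // Command: its postcondition pins the value of every basic query.
    void push(int x) {
        require(count() < capacity(), "pre push: count() < capacity()");
        const std::vector<int> old = items_;
        const std::size_t old_capacity = capacity();
        items_.push_back(x);
        require(count() == old.size() + 1 && capacity() == old_capacity, "post push: sizes");
        require(item_at(count() - 1) == x, "post push: new item is on top");
        for (std::size_t i = 0; i < old.size(); ++i)
            require(item_at(i) == old[i], "post push: older items unchanged");
        check_invariant();
    }
private:  // invariant: checked after construction and after every command
    void check_invariant() const { require(count() <= capacity(), "inv: count() <= capacity()"); }
    std::size_t capacity_;
    std::vector<int> items_;  // private state, changed only through commands
};
template <class F> bool violates(F f) {  // true when f() trips a contract check
    try { f(); return false; } catch (const ContractViolation&) { return true; }
}
int main() {
    BoundedStack s(1);
    s.push(7);
    return (s.top() == 7 && violates([&] { s.push(8); })) ? 0 : 1;
}
```

Because the member variables are private and only `push` changes them, the invariant needs to be checked in just two places: the constructor and the command.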
Contract design (DbC) Impressions (II.)