Sunday, October 20, 2013

Visual Studio Code Review

I have finally been able to work with Visual Studio and TFS code reviews. There were a couple thing that threw me off I wanted to write about. If you want a good quick overview of what this is check out the Channel9 video “Using Code Review to Improve Quality.” There are a few things to note about this feature no one calls out easily:

1- You must have TFS to enable this

2- You must have at least Visual Studio 2012 premium

If you have those two things you can start doing code reviews this way. It is a great feature I think. Sadly it will be under utilized by a lot of development shops for a few reason. First, I think few will understand this feature is there and even if they do fewer will spend the time to defined their processes for it. Second I think a lot of development shops have only a professional license, don’t use TFS as their back, or if they do, they don’t work to use its full capability and just use it as source control.

With all that said if you are using it or thinking of using here are some things I have found out.

Inline code comments

Inline code comment

You can provide comments for the entire change set, document or highlight a line of code and provide comments for just that. However, you can only do inline code comments on code. This means no CSS files, no CSHTML files, etc. Not a huge deal but a bit of a disappointment.

Closing and Sending Comments

Send Comments or Close Reivew options

Once you have provided comments you can send those comments. It is important to note though that is is not the same as closing out your code review (approve or reject). In the above picture you will notice that the “Send Comments” button is grayed out because I have sent my comments. However, the “close review” item is still active. This should allow you to provide feedback on the code without closing out the review. This allows you to have some back and forth with the developer to fine tune the code before you approve the code.

To Check-In or leave outstanding

With code reviews you can request a code review and then either leave your code checked out until code reviews are done or you can check your code in. I am sure everyone has different thoughts here on what they like. I prefer to have developers check-in their code. I prefer this for a few reason. The main reason is code reviews normally don’t happen in a timely manner. I don’t want additional coding or testing slowed down waiting for this. Plus as long as the developer goes back and checks the status of his code review any requested changes can be made then. This is a good reason to have TFS send emails when code review task item status change. It helps make sure developers know comments have been added or a review is completed either because it was declined or it was approved.

You can request a review in a couple ways.

1- Go to “My Work” and under in progress you can select “Request Review”. This is not bad but it means the develop has to remember to go there and request review before checking in.

My work screen for request review

2- Request review while checking in. This can be done by selecting the “Actions” link.

pending changes screen for request review

Code reviews are only good if they happen. I am sure there are lots of opinions out there on how to make code reviews happen. I don’t think there is one answer for this problem. TFS does not support (out of the box) a check-in policy that says you have to have had or requested a code review. Personally I am not a big fan of that approach anyway but I don’t think every check-in needs a code review. This is where the SDLC process creation and management comes into play. If your team is not active in creating, managing, enforcing and refining their SDLC rules this will not be as beneficial as it could be to you.

Wednesday, October 16, 2013

Web API – Pass multiple simple parameters on a POST/PUT

I have been working a lot lately on Web API (v1). For the most part I really like but there is one thing I found out that I really hate. Web API (v1) does not let you POST multiple simple type parameters.

Here are the links I found that let me get through this.

WebAPI Multiple Put/Post parameters

Passing multiple simple POST Values to ASP.NET Web API

This was a little tricky to find and most people think Web API cannot do this. Which I by default it cannot be this extension has worked great for me. So I wanted to make sure I could find it again and make it a little easier for others to maybe find it.

Tuesday, October 15, 2013

Calculate Screen Size in Inches based on height and width in millimeters

This will be short and simple but some math that hopefully will be helpful. I have been doing a lot of mobile device detection work as of late. Recently I was about to get the physical width and height of a device in millimeters. This was great but what I really needed was the diagonal screen size in inches. Here is the math for it.

- Get the width in inches : width in millimeters times 0.0393700787

- Get the height in inches :  height in millimeters times 0.0393700787

- Combined value of both to the power of 2 : width in inches ^2 + height in inches^2

- Get the square root which should be the diagonal screen size : Combined value square root

That is it.

You can see it working on my test site

Monday, October 14, 2013

Web API, JSON, AJAX, CORS, Chrome 500 error and Authentication–Oh My!

I have been working on a project that is using .Net 4.0 and MVC 4 with Web API. Web API is great and provides a lot of great functionality easily. We have needed to call our Web API from another domain though which introduces Cross Origin Resource Sharing (CORS) issues. Web API in 4.0 does not really support this so it has been causes us issues, you can configure IIS to work with it pretty easily.. In later version it will support it better. See the following links:

Web API VS 2013 (.Net 4.5 and later)

http://aspnetwebstack.codeplex.com/

Enabling Cross-Origin Requests in ASP.NET Web API

ASP.NET Web API: CORS support and Attribute Based Routing Improvements

However, if you are using 4.0 that is not much help to you. We have had to push through a few issues on this front. If you are testing with IE8 you will not see them as it does not care about CORS issues. If it is working in IE but not working in Chrome or FireFox here are some issues we have been working through:

 

Some calls return data others do not

Be default Web returns both XML and JSON formatted objects. If you are doing a browser based request (especially in Chrome) the default request asks for XML back. Look at what type of objects you are returning. If you are returning an complex type that holds a complex type this can cause an issue. The embedded complex types may need serialization defined for them. Or you can just remove the XML serializor which forces the response to be JSON instead of XML.

In the WebAPIConfig.cs Register method:

//Remove XML formatting 
config.Formatters.Remove(config.Formatters.XmlFormatter);
 

Some calls never get to the API

If you are seeing your calls in a cancelled state (Chrome inspector or fiddler) this means you are having CORS issues. This means the browser sees that you are trying to request data from the client side from a different domain. Keep in mind here that domain means different website. So just because you have test1.mysite.com  and test2.mysite.com (same domain different sub domain) it does not mean you are good. If those two sites are hosted in different webservers or different sites in IIS. Here are some sites with solutions on what you need to setup to make this work.

Web API, JavaScript, Chrome & Cross-Origin Resource Sharing

jQuery, CORS, JSON (without padding) and authentication issues

Using CORS to access ASP.NET services across domains

http://www.w3.org/TR/access-control/#origin-request-header

HTTP Cookies and Ajax requests over HTTPS

Here is an example AJAX call I setup that works.

var xhr = new XMLHttpRequest();
 
$.ajax( {
  method: "POST",
  url: form.attr( 'action' ),
  data: form.serialize(),
  xhrFields: {withCredentials: true},      
    cache: false,
    async:true,
  dataType: "application/x-www-form-urlencoded",
  success: function( response ) 
{
    console.log( response );
},
error: function (XMLHttpResponse, textStatus, errorThrown) {
            console.log(XMLHttpResponse);console.log(textStatus); console.log(errorThrown);
        }
 });

 

Passing Credentials and Cookies

Notice that I have xhrFields: {withCredentials: true}, this is a must have if you are doing an AJAX call that requires authentication. This will make sure any cookies created stay attached to the request.

We had to do authentication with Novell Access Manager (NetIQ Access Manager) and it was a serious pain. NetIQ really struggles to allow CORS calls. In fact I would say that it does not. Now I am no NAM expert and we were working with another firm who managed that, so if you know how to make it support CORS let me know. We ended up having to make it so CORS did not come into play.

There seems to be some confusion on the origin request header. You will even see this in some posts. Some people say to if you need to allow multiple headers just add it in one header separated by a comma. Others will say add multiple headers. Here is the key. If your request includes credentials you can only have one origin and no wildcards.

Per the w3 specs:

“If the resource supports credentials add a single Access-Control-Allow-Origin header, with the value of the Origin header as value, and add a single Access-Control-Allow-Credentials header with the case-sensitive string "true" as value.”