tags:

views:

162

answers:

10
+3  Q: 

What's the benefit of using a lot of complex stored procedures

For typical 3-tiered application, I have seen that in many cases they use a lot of complex stored procedures in the database. I cannot quite get the benefit of this approach. In my personal understanding, there are following disadvantages on this approach:

  1. Transactions become coarse.
  2. Business logic goes into database.
  3. Lots of computation is done in the database server, rather than in the application server. Meanwhile, the database still needs to do its original work: maintain data. The database server may become a bottleneck.

I can guess there may be 2 benefits of it:

  1. Change the business logic without compile. But the SPs are much more harder to maintain and test than Java/C# code.
  2. Reduce the number of DB connection. However, in the common case, the bottleneck of database is hard disk io rather than network io.

Could anyone please tell me the benefits of using a lot of stored procedures rather than letting the work be done in business logic layer?

A: 

You listed one of the main ones putting business logic in the Db often gives the impression of making it easier to maintain.

Generally complex SP logic in the db allows for cheaper implementation of the actual implementation code, which may be beneficial if its a transitional application (say being ported from legacy code), its code which needs to be implemented in several languages (for instance to market on different platforms or devices) or because the problem is simpler to solve in the db.

One other reason for this is often there is a general "best practice" to encapsulate all access to the db in sps for security or performance reasons. Depending on your platform and what you are doing with it this may or may not be marginally true.

GrayWizardx  2009-12-16 06:38:38
A: 

I don't think there are any. You are very correct that moving the BL to the database is bad, but not for everything. Try taking a look at Domain Driven Design. This is the antidote to massive numbers of SPROCs. I think you should be using your database as somewhere to store you business objects, nothing more.

However, SPROCs can be much more efficient on certain, simple functions. For instance, you might want to increase the salary to every employee in your database by a fixed percentage. This is quicker to do via a SPROC than getting all the employees from the db, updating them and then saving them back.

Chris Arnold  2009-12-16 06:39:14
A: 

I worked in a project where every thing is literally done in database level. We wrote lot of stored procedures and did lot of business validation / logic in the database. Most of the times it became a big overhead for us to debug.

The advantages I felt may be

  • Take advantage of full DB features.
  • Database intense activities like lot of insertion/updation can be better done in DB level. Call an SP and let it do all the work instead of hitting DB several times.
  • New DB servers can accommodate complex operations so they no longer see this as a bottleneck. Oh yeah, we used Oracle.

Looking at it now, I think few things could have been better done at application level and lesser at DB level.

Guru  2009-12-16 06:39:16
+1  A: 

Network between appServer and sqlServer is the bottle neck very often. Stored procedures are needed when you need to do complex query. For example you want collect some data about employee by his surname. Especially imagine, that data in DB looks like some kind of tree - you have 3 records about this employee in table A. You have 10 records in table B for each record in table A. You have 100 records in table C for each record in table B. And you want to get only special 5 records from table C about that employee. Without stored procedures you will get a lot of queries traffic between appServer and sqlServer, and a lot of code in appServer. With stored procedure which accepts employee surname, fetches those 5 records and returns them to appServer you 1) decrease traffic by hundreds times, 2) greatly simplify appServer code.

 2009-12-16 06:40:05
That's ture. Now I would like to put some logic which are too complex for business layer and have low probability to be changed to the database as SPs. For the rest, I still would put the rest in business layer, because of the ease of maintain and test. Also, the change will affect less components if not use SP.
Ryan  2009-12-16 07:01:31
+6  A: 

Basically, the benefit is #2 of your problem list - if you do a lot of processing in your database backend, then it's handled there and doesn't depend on the application accessing the database.

Sure - if your application does all the right things in its business logic layer, things will be fine. But as soon as a second and a third application need to connect to your database, suddenly they too have to make sure to respect all the business rules etc. - or they might not.

Putting your business rules and business logic in the database ensures that no matter how an app, a script, a manager with Excel accesses your database, your business rules will be enforced and your data integrity will be protected.

That's the main reason to have stored procs instead of code-based BLL.

Also, using Views for read and Stored Procs for update/insert, the DBA can remove any direct permissions on the underlying tables. Your users do no longer need to have all the rights on the tables, and thus, your data in your tables is better protected from unadvertent or malicious changes.

Using a stored proc approach also gives you the ability to monitor and audit database access through the stored procs - no one will be able to claim they didn't alter that data - you can easily prove it.

So all in all: the more business critical your data, the more protection layer you want to build around it. That's what using stored procs is for - and they don't need to be complex, either - and most of those stored procs can be generated based on table structure using code generation, so it's not a big typing effort, either.

marc_s  2009-12-16 06:42:59
I agree that put BL in DB makes it easier for different applications' development. In my experience, however, the most common case is we develop only one application there for one database. I think a customer does not like to let 2 different teams to develop different applications on the same database. If so, why not just let one team to develop one application?
Ryan  2009-12-16 06:53:32
@Ryan - why does it have to be two teams? And if it has to be one team, then put *everything* in the database - layout, page flows, the lot. It is perfectly simple to generate web pages out of a database.
APC  2009-12-16 07:04:31
@Marc. Transactional APIs are good, table APIs in most cases are not. So that's a thumbs down for code generation.
APC  2009-12-16 07:06:15
@Raan: yes, if your app is small and limited enough to be sure no one else is ever going to want to directly access your database - fine, then you can basically do whatever feels right for you. I'm working in an enterprise environment where most databases are shared amongst a multitude of teams and applications.
marc_s  2009-12-16 07:29:12
Another advantage might be that the code that interacts with the database tables is more likely to be written and maintained by developers who are interested/motivated/skilled at the task. In my experience Java programmers (for example) are not interested in databases, database design, or in RDBMS technology.
David Aldridge  2009-12-17 08:54:11
+4  A: 

Don't fear the DB.

Let's also not confuse business logic with data logic which has its rightful place at the DB.

Good systems designers will encompass flexible business logic through data logic, i.e. abstract business rule definitions which can be driven by the (non)existence or in attributes of data rows.

Just FYI, the most successful and scalable "enterprise/commercial" software implementations with which I have worked put all projection queries into views and all data management either into DB procedures or triggers on staged tables.

Xepoch  2009-12-16 06:45:38
interesting concept, could you please expand on the differences between business logic and data logic???
opensas  2009-12-17 17:32:01
@opensas, hard to explain in a comment, but the logic of "what" to do should (in that model) be data dependent. I.e. (canonical example) application would query a single view to determine steps to take or things to display, vs. going after all necessary data and then determining itself what is applicable. The same applies to other CRUD activities: allow the schema to handle said logic, the application should manage the UI around it.
Xepoch  2009-12-17 18:54:22
A: 

It depends almost entirely on the context.

Doing work on the server rather than on the clients is generally a bad idea as it makes your server less scalable. However, you have to balance this against the expected workload (if you know you will only have 100 users in a closed enironment, you may not need a scalable server) and network traffic costs (if you have to read a lot of data to apply calculations/processes to, then it can be cheaper/faster overall to run those calculations on the server and only send the results over the net).

Also, if you have custom client applications (as opposed to web browsers etc) it makes it very easy to push updates out to your clients, because you don't need to recompile and deploy the client code, you simply upgrade the database stored procedures.

Of course, using stored procedures rather than executing dynamically compiled SQL statements can be more efficient (it's precompiled, and the code doesn't need to be uploaded to the server) and aids encapsulation to give the database better integrity/security. But by the sound of it, you're talking about masses of busines logic, not simple efficiency and security measures.

As with most things, a sensible compromise/balance is needed. Stored Procedures should be used enough to enhance efficiency and security, but you don't want your server to become unscalable.

Jason Williams  2009-12-16 06:51:53
+1  A: 

It seems like your question is based on the notion that three-tier is "the way". Philip Greenspun wrote a fairly scathing critic of the benefit of the three-tier architecture. While some of his arguments are a bit dated, they still hold some truth, even today.

vkraemer  2009-12-16 06:57:03
Good read at your link. I'm a big consolidation proponent, so like to see those comments in the late 90s too.
Xepoch  2009-12-16 21:26:45
+1  A: 

The life time of our data exceeds that of our applications. Also data gets shared between applications. So many applications will insert data into the database, many applications will retrieve data from it. The database is responsible for the completeness, integrity and correctness of the data. Therefore it needs to have the authority to enforce the business rules relating to the data.

Taking you specific points:

  1. Transactions are Units Of Work. I fail to see why implementing transactions in stored procedures should change their granularity.
  2. Business logic which applies to the data belongs with the data: that maximises cohesion.
  3. It is hard to write good SQL and to learn to think in sets. Therefore it may appear that the database is the bottleneck. In fact, if we are undertaking lots of work which relates to the data the database is probably the most efficient place to do.

As for maintenance: if we are familiar with PL/SQL, T-SQL, etc maintenance is easier than it might appear from the outside. But I concede that tool support for things like refactoring lags behind that of other languages.

APC  2009-12-16 06:59:44
A: 

"there are following disadvantages on this approach: ... Business logic goes into database."

Insofar as by "busines logic" you mean "enforcement of business rules", the DBMS is EXACTLY where "business logic" belongs.

Erwin Smout  2009-12-17 17:28:34

related questions

What language do you use for Postgresql triggers and stored procedures?
Are Multiple DataContext classes ever appropriate?
Which tools do people use to create Data Dictionaries?
Any experiences with Protocol Buffers?
Mechanisms for tracking DB schema changes
How big can a MySQL database get before performance starts to degrade.
How do I index a database field
How does database indexing work?
How do I connect to a database and loop over a recordset in C#?
Editing database records by multiple users
Object Oriented vs Relational Databases
VFP .NET OLEdb provider does not work in Win 64-Bits. Help
Embedded Database for .net that can run off a network
Connect PHP to an AS/400
Swap unique indexed column values in database.
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
.NET Migrations Engine
Is there a version control system for database structure changes?
SQLite and XSD
How do I version my MS SQL database in SVN?
XSD DataSets and ignoring foreign keys
Flat File Databases in PHP
Throw Error In MySQL Trigger
Binary Data in MySQL