----

Proxy Design Pattern Example

Proxy Design Pattern: Proxy Design Pattern addresses a problem where access to real object needs to be controlled in a manner by which only authorized user can access the real object. Proxy pattern can also be applied to allow only limited access to real object.


Let’s take an example of banking system

Bank as a whole, is a very secure system, the access to which is restricted only to customers who holds an account with the bank. The access to the bank is controlled by bank personal such that if a bank customer wants to perform a transaction, then he will not be allowed to do so. The bank personal ensures that only customer who holds account with the bank is allowed to perform transaction.

The bank personal is in fact the proxy who controls access to the bank to the outside world. This proxy validates the authenticity of the customer before performing any transaction, on behalf of the bank.

If we have a class Bank which represents real Bank then we need to expose this Bank object to the client directly, so without proxy any non-bank client who has a valid account number can perform transaction with the Bank object which is not desirable.
Bank.java


public class Bank {
public void performTransaction(String transactionType, int accountNo) {
        //perform transaction, say transactionType is AccountBalance
}
}

Customer.java


public class Customer {    
public static void main(String args[]) {
Bank bank = new Bank();      
                   bank.performTransaction("AccountBalance", 12345);
}
}

Problem: This way any client even though the not a real bank customer, can give valid account number and get the balance details of the account.

To address this problem, one way we can think is to add a private method in the Bank class and validate the user account before doing any transaction.
But you can't do this, since it is a banking system, the transaction module should not contain any account validation logic as other services might also want to validate a customer for other banking services. So again you will not be allowed to change existing Banking system classes, but you are allowed to add new classes in the system. One more reason, what if you do not have the Bank class code, you can't make any change in Bank class.

Solution: To resolve this kind of problem the bank can hire a third party who will do account validation on behalf of bank before performing any transaction on Bank object. This third party is none other than your proxy. So we can introduce a Proxy which will allow only those customers who holds an account in the bank to perform a transaction.
BankProxy.java


public class BankProxy {
private Bank bank = new Bank();
private int userId;
private int accountNumber;

public BankProxy(int accountNumber, int userId) {
this.accountNumber = accountNumber;
this.userId = userId;
}

// let your proxy do the transactions
public void performTransaction(String transactionType) throws Exception {
if (checkAccountNumber() && validateUserId()) {
bank.performTransaction(transactionType, accountNumber);
} else {
throw new Exception("Invalid user account.");
}
}

// let your proxy to do account validation for bank
private boolean checkAccountNumber() {
// using validation module validate the account.
return true; // or return false depending on whether accountNumber is valid for given userId
}

// let your proxy to do user validation for bank
private boolean validateUserId() {
// using validation module validate the userId.
return false; // or return true if userId is valid
}
}


Now this proxy can be exposed to Customer to perform any transaction.

Modifying Customer.java to use bank proxy.


public class Customer {
           private static int customerId = 007;
           private static BankProxy bank;
public static void main(String args[]) {
bank = new BankProxy(123456,customerId);
try {
bank.performTransaction("AccountBalance");
} catch (Exception e) {
e.printStackTrace();
}
}
}


Proxy is widely used in our real world, while doing any funds transfer from one bank to other bank or any third party, the proxy is used to handle it.
Since no Bank will share their internal system directly with the customer or with any other bank due to security but will expose their proxies instead of actual system.

No comments :

Post a Comment