why does the facade pattern + revealing modular pattern "add security"?

824 views Asked by At

REFERENCE

According to reference: Below is a more advanced version of the facade pattern that adds security to internal methods.

Question: Honestly what do they mean add security? Furthermore, what would be insecure example? Lastly, What would be a simple but real use case for security and this facade + revealing module pattern?

var MyModule = ( function( window, undefined ) {

  // revealing module pattern ftw
  function MyModule() {

    function someMethod() {
      alert( 'some method' );
    }

    function someOtherMethod() {
      alert( 'some other method' );
    }

    // expose publicly available methods
    return {

      // in our normal revealing module pattern, we'd do the following:
      someMethod : someMethod,

      // in the facade pattern, we mask the internals so no one has direct access by doing this:
      // HOW DOES THIS MASK THE INTERNALS?  WHAT DO THEY MEAN BY ADDS SECURITY?
      someMethod : function() {
        someMethod();
      }

    };

  }

} )( window );

1

There are 1 answers

4
Bergi On BEST ANSWER

This just makes no sense. Really none.

  • There is no added "security". Security is a completely different field when developing web applications.
  • "Works well in combination with other patterns", "Easy to implement" is not really an advantage. The normal design is even simpler.
  • "Makes it easy to patch internals". Sure. But YAGNI. You still can introduce it when you really patch internals, or shim externals.
  • "Provides a simpler public interface". Well, it can be used to reduce the complexity of the interface, especially if the internal methods have additional parameters that are not documented and are expected not to be exposed. But the someMethod in the example does not have any parameters, so it's just useless here.

Actually, the revealing module pattern already is a facade by itself. It defines some internal functions, and then exports them on the module object, whose property names are the external interface. There's no need for an additional layer of indirection.