Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "no payment no service"
-
Dear nerds from all over the world,
We get it. 404 pics are funny.
But did you know there other status codes too?
Like...
204 - No Response
301 - Moved
302 - Found
400 - Bad request
401 - Unauthorized
402 - Payment Required
403 - Forbidden
501 - Not Implemented
502 - Service Temporarily Overloaded
I'm sure you'll also find funny situations with these.
Thanks. We're the best!26 -
I'm getting so pissed off by this client, here's the gist
We signed agreement defining the following deliverables:
- news page and news article page
- releases page and release info page
(it's a guy from a record label)
After the signature we (me and my colleagues) went to work and finished all that (+ a little more actually, yea I know never overstep your agreement right but we did) and we got paid (all good)
Now after payment he's asking us to do more (some kind of mail installation thing), so I obviously tell him, as I actually have many times before, that our agreement only stretched as far as those 4 deliverables and we wouldn't work without a new agreement defining a new set of requirements or an hourly rate.
Next he goes and tells me the following
==
We already have an agreement. I'm not paying you on an hourly rate as you are not next to me. Let me know
-- First off no we don't, the agreement only covered the 4 pages
== immediatly after
Also you really need to work on your costumer service. Your attitude is very rude. I don't know how many clients you have but all this distrust attitude is not in your favours. Let me know if you want to proceed?
-- Are you fucking kidding me? I am rude and distrustful? I JUST DO MY FUCKING JOB YOU PRICK
Sorry just need to let off some steam14 -
So, some time ago, I was working for a complete puckered anus of a cosmetics company on their ecommerce product. Won't name names, but they're shitty and known for MLM. If you're clever, go you ;)
Anyways, over the course of years they brought in a competent firm to implement their service layer. I'd even worked with them in the past and it was designed to handle a frankly ridiculous-scale load. After they got the 1.0 released, the manager was replaced with some absolutely talentless, chauvinist cuntrag from a phone company that is well known for having 99% indian devs and not being able to heard now. He of course brought in his number two, worked on making life miserable and running everyone on the team off; inside of a year the entire team was ex-said-phone-company.
Watching the decay of this product was a sheer joy. They cratered the database numerous times during peak-load periods, caused $20M in redis-cluster cost overrun, ended up submitting hundreds of erroneous and duplicate orders, and mailed almost $40K worth of product to a random guy in outer mongolia who is , we can only hope, now enjoying his new life as an instagram influencer. They even terminally broke the automatic metadata, and hired THIRTY PEOPLE to sit there and do nothing but edit swagger. And it was still both wrong and unusable.
Over the course of two years, I ended up rewriting large portions of their infra surrounding the centralized service cancer to do things like, "implement security," as well as cut memory usage and runtimes down by quite literally 100x in the worst cases.
It was during this time I discovered a rather critical flaw. This is the story of what, how and how can you fucking even be that stupid. The issue relates to users and their reports and their ability to order.
I first found this issue looking at some erroneous data for a low value order and went, "There's no fucking way, they're fucking stupid, but this is borderline criminal." It was easy to miss, but someone in a top down reporting chain had submitted an order for someone else in a different org. Shouldn't be possible, but here was that order staring me in the face.
So I set to work seeing if we'd pwned ourselves as an org. I spend a few hours poring over logs from the log service and dynatrace trying to recreate what happened. I first tested to see if I could get a user, not something that was usually done because auth identity was pervasive. I discover the users are INCREMENTAL int values they used for ids in the database when requesting from the API, so naturally I have a full list of users and their title and relative position, as well as reports and descendants in about 10 minutes.
I try the happy path of setting values for random, known payment methods and org structures similar to the impossible order, and submitting as a normal user, no dice. Several more tries and I'm confident this isn't the vector.
Exhausting that option, I look at the protocol for a type of order in the system that allowed higher level people to impersonate people below them and use their own payment info for descendant report orders. I see that all of the data for this transaction is stored in a cookie. Few tests later, I discover the UI has no forgery checks, hashing, etc, and just fucking trusts whatever is present in that cookie.
An hour of tweaking later, I'm impersonating a director as a bottom rung employee. Score. So I fill a cart with a bunch of test items and proceed to checkout. There, in all its glory are the director's payment options. I select one and am presented with:
"please reenter card number to validate."
Bupkiss. Dead end.
OR SO YOU WOULD THINK.
One unimportant detail I noticed during my log investigations that the shit slinging GUI monkeys who butchered the system didn't was, on a failed attempt to submit payment in the DB, the logs were filled with messages like:
"Failed to submit order for [userid] with credit card id [id], number [FULL CREDIT CARD NUMBER]"
One submit click later and the user's credit card number drops into lnav like a gatcha prize. I dutifully rerun the checkout and got an email send notification in the logs for successful transfer to fulfillment. Order placed. Some continued experimentation later and the truth is evident:
With an authenticated user or any privilege, you could place any order, as anyone, using anyon's payment methods and have it sent anywhere.
So naturally, I pack the crucifixion-worthy body of evidence up and walk it into the IT director's office. I show him the defect, and he turns sheet fucking white. He knows there's no recovering from it, and there's no way his shitstick service team can handle fixing it. Somewhere in his tiny little grinchly manager's heart he knew they'd caused it, and he was to blame for being a shit captain to the SS Failboat. He replies quietly, "You will never speak of this to anyone, fix this discretely." Straight up hitler's bunker meme rage.13 -
The bossman asked if our signup service sends an automated email after we successfully process someone's payment or when we promote them to full customer.
That sounds like a simple query, yeah?
Well.
Here's some background:
We have four applications; one in React, three in Rails. I'll replace their names to retain some anonymity.
1) "IceSkate" is the React app, and it's a glorified signup form. (I wrote this one.)
2) "Bogan" is the main application, and is API-only; its frontend has been long since deprecated by the following two:
3) "Bum" is a fork of "Bogan" that has long since diverged. It now contains admin-only tools.
4) "Kulkuri" is also a fork of "Bogan" that has long since diverged. It now contains tools specifically for customers, which they can access.
All but IceSkate (obv) share a database.
Here's how signups happen:
Signups come in from IceSkate, which hits a backend API on Bogan. Bogan writes the data to the database, charges the card immediately, and leaves the signup for moderation.
And here's how promotion from signup to customer happens:
Bum has a view allowing admins to validate, modify, and "promote" a signup to a full customer. Upon successful promotion, Bum calls "ServerWrap", a module which calls actions on the other applications; in this case: Bogan.
Bogan routes execution through three separate models before calling "ServerWrap" again, this time calling KulKuri.
Finally, KulKuri actually creates the customer!
After KulKuri finishes creating the customer, execution resumes on Bogan, which then returns, causing execution to resume on Bum. Bum then runs through several other models, references the newly-created customer object (as all three share a database), and ... updates the customer with its current data, and then updates the signup object. After all of this, it finally shows the admin the "new customer" view.
It took me 25 minutes to follow the chain of calls, and I still don't know quite what's going on. I have no idea if any of it sends an email or not -- I didn't see any signs of this, but I very easily could have overlooked something.
So, to answer bossman's question... I asked the accounting people if they send the email manually. If they don't, it's automatic, which means I missed something and get to burrow through that mess all over again!
I really hope I missed something; otherwise I need to figure out how and where (and when!) to send the email...
just...
errrrgghh9 -
Story time:
Yesterday I wanted to go to the theater with my girlfriend. It was her idea because as a student you can get reduced tickets for the play, but only via the online store exactely two hours before the play starts. We had already tried two weeks before but with no success. So this time I said i want to be on my pc with a proper browser and not a mobile version like last time. So we are sitting at home me in front of their website on one screen and with a clock on the other screen. Two minutes realy i hit refresh and I get a selection for the reduced tickets, nice.
You would think.
After selecting the amount. ERROR: Can not get your tickets. I was like fuck they are already sold out because it's a popular play. But hey let's try again. I got one ticket but not the second one, okay strange lets try again, same ERROR again. WHAT the FUCK, no feedback what so ever. My girlfriend had then the idea that they maybe restricted the amount for reduced tickets to one (does not state this explicitly but hey lets give it a shot). Use second browser select one ticket. ERROR can not get you the amount of seats. Rage level near to a 1000 why did it work two minutes before but not anymore. Trying around for five more minutes finally got the second ticket.
Now the real fun begins.
Proceeding to checkout should not be that hard you would think, but you need to be registered for that. Okay so let's do that. The salutation is not required neither is the address for the tickets but you need to have a company name??!!!!! The fuck?? I am not self employed and neither are a most other people around here so why is this field mandatory? Beeing a little under stress I decided to found the "asdf" company with my girlfriend.
Now one would think checking out is easy. Not so fast.
After accepting the terms of service another ERROR, unable to accept your data. What data? I did not input anything new? Where does this come from? Ok never mind I am going to pay with credid card that must work!
ERROR: Internal paymentservice initialization failure! Sorry what? I thought maybe I was to long idle in this browser and they do not reserve the tickets for so long (which would be no surprise to me at this point). Let's try again. Nope same error.
Now my rage level was really over 9000 but we really wanted to go so I decided to call the customer SUPPORT. Or better to say I had a answering maching telling me for ten minutes how sorry they are that this takes so long, yeah you bet. Then and this is now really great: the support guy asks me: "What error do you see? Internal paymentservice initialization failure?" I was like, okay he knows this so they need to know how to handle it. FUCK NO. "Sorry I can't help you. This is our payment system maybe they (IT) are doing some maintenance I can't halp you. Call the theater directly good day." Sorry what just happened, you fuckers are the vendors for the tickets for nearly all big events around here and the theater explicitly states to call you for tickets but you can not help me? Like hell.
This process took 25 very frustrating minutes and I was really angry and wanted to quit, then I saw that there is also a paypal option which I had not tried. With very little hope i selected everything for the payment, registered with paypal and they told me I already had an account. So reactivated this five year old account payed with all the mobile passwords and tans to finally, after 30 fucking minutes, get a pdf file for a ticket. Repeated the last step for the second ticket and with some time left to get there we were off.2 -
I would like to invite you all to test the project that a friend and me has been working on for a few months.
We aim to offer a fair, cheap and trusty alternative to proprietary services that perform data mining and sells information about you to other companies/entities.
Our goal is that users can (if they want) remain anonymous against us - because we are not interested in knowing who you are and what you do, like or want.
We also aim to offer a unique payment system that is fair, good and guarantees your intergrity by offer the ability to pay for the previous month not for the next month, by doing that you do not have to pay for a service that you does not really like.
Please note that this is still Free Beta, and we need your valuable experience about the service and how we can improve it. We have no ETA when we will launch the full service, but with your help we can make that process faster.
With this service, we do want to offer the following for now:
Nextcloud with 50 GB storage, yes you can mount it as a drive in Linux :)
Calendar
Email Client that you can connect to your email service (
SearX Instance
Talk ( voice and video chat )
Mirror for various linux distros
We are using free software for our environment - KVM + CEPH on our own hardware in our own facility. That means that we have complete control over the hosting and combined with one of the best ISP in the world - Bahnhof - we believe that we can offer something unique and/or be a compliment to your current services if you want to have more control over your data.
Register at:
https://operationtulip.com
Feel free to user our mirror:
https://mirror.operationtulip.com
Please send your feedback to:
feedback@operationtulip.com38 -
I was on vacation when my employer’s new fiscal year started. My manager let me take vacation because it’s not like anything critical was going to happen. Well, joke was on us because we didn’t foresee the stupidity of others…
I had to update a few product codes in the website’s web config and deploy those changes. I was only going to be logged in for 30 minutes to complete that.
I get messaged by one of our database admins. He was doing testing and was unable to complete a payment on the website. That was strange. There was a change pushed by our offsite dev agency, but that was all frontend changes (just updating text) and wouldn’t affect payments.
We don’t want to enlist the dev agency for debugging work, especially when it’s not likely that it’s a code issue. But I was on vacation and I couldn’t stay online past the time I had budgeted for. So my employer enlists the dev agency for help. It’s going to be costly because the agency is in Lithuania, it was past their business hours, and it was emergency support.
Dev agency looks at error logs. There are Apple Pay errors, but that doesn’t explain why non Apple Pay transactions aren’t going through. They roll back my deployment and theirs, but no change. They tell my employer to contact our payment processor.
My manager and the Product Manager contact Payroll, who is the stakeholder for our payment gateways. Payroll contacts our payment gateway and finds out a service called Decision Manager was recently configured for our account. Decision Manager was declining all payments. Payroll was not the person who had Decision Manager installed and our account using this service was news to her.
Payroll works with our payment processor to get payments working again. The damage is pretty severe. Online payments were down for at least 12 hours. Our call center had logged reports from customers the night before.
At our post mortem, we had to find out who ok’d Decision Manager without telling anyone. Luckily, it was quick work. The first stakeholder up was for the Fundraising Dept. She said it wasn’t her or anyone on her team. Our VP of Analytics broke it to her that our payment processor gave us the name of the person who ok’d Decision Manager and it was someone on the Fundraising team. Fundraising then starts backtracking and says that oh yes she knew about it but transactions were still working after the Decision Manager had been configured. WTAF.
Everyone is dumbfounded by this. How could you make a big change to our payment processor and not tell anyone? How did our payment processor allow you to make this change when you’re not the account admin (you’re just a user)?
Our company head had to give an awkward speech about communication and how it’s important. The web team can’t figure out issues if you don’t tell us what you did. The company head was pissed because it was a shitty way to start off the new fiscal year. Our bill for the dev agency must have been over $1000 for debugging work that wasn’t helpful.
Amazingly, no one was fired.4 -
had an issue where our clients payment gateway would duplicate the charge (at the gateway...not at the application) before sending it to the bank officially - the bank would detect the duplication then void both charges.
the gateway service admitted this was a bug, the bank it was tied to admitted it was a bug - but they wouldnt fix it. so my solution was to send a special uid with the original transaction (put it in a special field) and had the bank track that one as the "known good"
the funny thing? next version of the gateway api included this as a feature, but i got no credit.1 -
Worst exp. on a collab/group project?
Had a few, here is one.
Worked with a dev team (of two devs) in Norway to begin collaboration on providing a portal into our system (placing orders, retrieving customer info, inventory control, etc)
They spoke very good English, but motivation was the problem. Start the day around 10:00AM...take a two hour lunch...ended the day at, if I was lucky, 4:00PM (relative to Norway time). Response time to questions took days, sometimes weeks. We used Skype, which helped, but everything was "Yea...I'll do that tomorrow...waiting on X....I have a wedding to go to, so I'll finish my part next week."
I didn't care so much, I had other projects to do, but the stakeholders pounded me almost everyday demanding a progress report (why aren't you done yet...etc..etc.)
The badgering got so bad I told the project owner (a VP) if he wanted this project done by the end of the year, the company would have to fly me to Norway so I personally push things along.
When real money was on the line, he decided patience was warranted.
A 3 month project turned into 9, and during a phone meeting with the CEO in December
O: "Thanks guys, this project is going great. We'll talk again in February. Bye."
PM: "Whoa...what! February!"
<sounding puzzled>
O: "Um..yes? It's Christmas time. Don't you Americans take off for Christmas?"
PM: "Yes, but not until Christmas. Its only December 12th. Your taking the whole month of December and January for Christmas?"
O:"Yes, of course. You Americans work too hard. You should come over here and see how we celebrate. Takes about a month so we can ease back into the flow of things."
<Jack is the VP>
PM: "Jack wanted this project completed by the end of the year, that is what everyone agreed to."
O:"Yes, I suppose, but my plane is waiting on me. Not to worry, everything will be fine."
<ceo hangs up>
PM: "Oh shit..oh shit..oh shit. What are you going to do!?"
Me: "Me!?..not a darn thing. Better go talk with Jeff."
<Jeff is the VP>
J: "This is unacceptable. You promised this project would only take a few months. I told you there would be consequences for not meeting the deadline."
PM:"But..but...its not our fault."
J: "I don't care about fault. I care about responsibility. I've never had to fire anyone for not meeting a deadline, but .."
Me: "Jeff, they are in Norway and no one is working this project for the next two months. You've known for months about them dragging their asses on this project. We're ready to go. Services have been tested and deployed. Accounting has all the payment routing ready. Only piece missing is theirs."
J: "Oh. OK. Great job guys. I guess we'll delay this project until February."
<leave the office>
PM: "Holy shit I'm glad you were there. I thought I was fired."
Me: "Yea, and that prick would have done it not giving a crap that it's Christmas."
<fast forward to Feb>
O: "Our service provider fell through, so I'm hosting with another company. You guys know PHP? Perl? I don't know what they called it, but it sounded so cool I bought the company."
PM: "You bought what? Are we still working with Z and B?"
O:"Yea, sort of. How's your German? New guy only speaks German."
PM: "Um, uh... no one here speaks German"
O:"Not to worry, I speak German, French, and Italian. I'll be your translator."
PM: "What? French and Italian?"
O: "On my trip to France I connected with a importer who then got me in touch with international shipper in Italy. I flew over there and met a couple really smart guys than can help us out. My new guy only speaks German, J only speaks French, and R speaks Italian, Russian, and a little English. Not to worry, I'm full time on this project. You have my full attention."
We believe the CEO has/had some serious mental issues, including some ADD. He bailed within the first month (took another vacation to Sweden to do some fishing) and left me using Google Translate to coordinate the project. Luckily, by the end, the Norwegian company hired a contractor from England who spoke German and hobbled together the final integration.3 -
Security lifehacks 101
Why pay for password managers? Just use one secure password for every service you use! Password managers are really designed for fools who don’t know that you can just use one password for every service and who are ready to pay for that shit.
The best practice is to use your name starting with a capital letter + your main credit card number + CVC code from the back of that card as your go-to password. It’s long and hard to bruteforce and you can remember everything that way! You just need to remember that one password and you’ll always remember your payment info! No need for apple’s bad Apple Pay which is not so secure after all like everything else that Apple offers.19 -
I love getting a fucking email for every fucking change, instead of getting a list of desired changes.
You know what? Fuck this, I'm tired of being the nice guy, I'm not even getting paid for this, and you expect me to do it expediently on a Sunday. I'm done, you can find someone else to piss off for free.2 -
PayPal = GayPal
PHASE 1
1. I create my personal gaypal account
2. I use my real data
3. Try to link my debit card, denied
4. Call gaypal support via international phone number
5. Guy asks me for my full name email phone number debit card street address, all confirmed and verified
6. Finally i can add my card
PAHSE 2
7. Now the account is temporarily limited and in review, for absolutely no fucking reason, need 3 days for it to be done
8. Five (5) days later still limited i cant deposit or withdraw money
9. Call gaypal support again via phone number, burn my phone bill
10. Guy tells me to wait for 3 days and he'll resolve it
PHASE 3
11. One (1) day later (and not 3), i wake up from a yellow account to a red account where my account is now permanently limited WITHOUT ANY FUCKING REASON WHY
12. They blocked my card and forever blocked my name from using gaypal
13. I contact them on twitter to tell me what their fucking problem is and they tell me this:
"Hi there, thank you for being so patient while your conversation was being escalated to me. I understand from your messages that your PayPal account has been permanently limited, I appreciate this can be concerning. Sometimes PayPal makes the decision to end a relationship with a customer if we believe there has been a violation of our terms of service or if a customer's business or business practices pose a high risk to PayPal or the PayPal community. This type of decision isn’t something we do lightly, and I can assure you that we fully review all factors of an account before making this type of decision. While I appreciate that you don’t agree with the outcome, this is something that would have been fully reviewed and we would be unable to change it. If there are funds on your balance, they can be held for up to 180 days from when you received your most recent payment. This is to reduce the impact of any disputes or chargebacks being filed against you. After this point, you will then receive an email with more information on accessing your balance.
As you can appreciate, I would not be able to share the exact reason why the account was permanently limited as I cannot provide any account-specific information on Twitter for security reasons. Also, we may not be able to share additional information with you as our reviews are based on confidential criteria, and we have no obligation to disclose the details of our risk management or security procedures or our confidential information to you. As you can no longer use our services, I recommend researching payment processors you can use going forward. I aplogise for any inconvenience caused."
PHASE 4
14. I see they basically replied in context of "fuck you and suck my fucking dick". So I reply aggressively:
"That seems like you're a fraudulent company robbing people. The fact that you can't tell me what exactly have i broken for your terms of service, means you're hiding something, because i haven't broken anything. I have NOT violated your terms of service. Prove to me that i have. Your words and confidentially means nothing. CALL MY NUMBER and talk to me privately and explain to me what the problem is. Go 1 on 1 with the account owner and lets talk
You have no right to block my financial statements for 180 days WITHOUT A REASON. I am NOT going to wait 6 months to get my money out
Had i done something wrong or violated your terms of service, I would admit it and not bother trying to get my account back. But knowing i did nothing wrong AND STILL GOT BLOCKED, i will not back down without getting my money out or a reason what the problem is.
Do you understand?"
15. They reply:
"I regret that we're unable to provide you with the answer you're looking for with this. As no additional information can be provided on this topic, any additional questions pertaining to this issue would yield no further responses. Thank you for your time, and I wish you the best of luck in utilizing another payment processor."
16. ARE YOU FUCKING KIDDING ME? I AM BLOCKED FOR NO FUCKING REASON, THEY TOOK MY MONEY AND DONT GIVE A FUCK TO ANSWER WHY THEY DID THAT?
HOW CAN I FILE A LAWSUIT AGAINST THIS FRAUDULENT CORPORATION?12 -
I just watched https://youtube.com/watch/... - towards the (very) end he's talking about how software developers rule the world... and I just realized something.
A while back, I was working on an accounting sub system for a SaaS product. We managed some of the revenue of our customers and had the accounting for that part as well. Revenue + Payments (with all the VAT / sales tax / ... that you need to have). BUT no expenses.
One day, the head accountant of a customer, angrily demanded that we immediately implement a new payment method, called commission.
You don't need to be an accounting expert for knowing, that a commission is an expense you have because somebody else marketed / sold your product / service for you. Making it a payment method is probably wrong. With a bit more knowledge you'd know that the taxes which are around expenses are completely different to revenue or payments. (btw payments didn't even have any taxes in those countries that we covered at that time at least).
So there I was standing, a software developer, trying to explain the product manager and the head accountant of our customer, that the idea is beyond stupid, and the fact that it comes from an accountant is super scary to me. (he was usually extremely picky about everything we did.)
Luckily, it was easy to convince the manager. He tried to explain it to the accountant but that person just didn't get it.
as if designing resilient distributed systems, which have 99,99% up time weren't hard enough, we also need to be experts in every domain that we have to deal with? And if there is a tiny bug and one out of 10s of thousands of transactions is screwed up, people start panicking and "loose trust in the product"? - what the hell is wrong with them?
Luckily it's a minority of customers only, but each of them is such a pain. Do you also have customers like that? who should know better, but somehow you are the expert in their domain?2 -
SO MAD. Hands are shaking after dealing with this awful API for too long. I just sent this to a contact at JP Morgan Chase.
-------------------
Hello [X],
1. I'm having absolutely no luck logging in to this account to check the Order Abstraction service settings. I was able to log in once earlier this morning, but ever since I've received this frustratingly vague "We are currently unable to complete your request" error message (attached). I even switched IP's via a VPN, and was able to get as far as entering the below Identification Code until I got the same message. Has this account been blocked? Password incorrect? What's the issue?
2. I've been researching the Order Abstraction API for hours as well, attempting to defuddle this gem of an API call response:
error=1&message=Authentication+failure....processing+stopped
NOWHERE in the documentation (last updated 14 months ago) is there any reference to this^^ error or any sort of standardized error-handling description whatsoever - unless you count the detailed error codes outlined for the Hosted Payment responses, which this Order Abstraction service completely ignores. Finally, the HTTP response status code from the Abstraction API is "200 OK", signaling that everything is fine and dandy, which is incorrect. The error message indicates there should be a 400-level status code response, such as 401 Unauthorized, 403 Forbidden or at least 400 Bad Request.
Frankly, I am extremely frustrated and tired of working with poorly documented, poorly designed and poorly maintained developer services which fail to follow basic methodology standardized decades ago. Error messages should be clear and descriptive, including HTTP status codes and a parseable response - preferably JSON or XML.
-----
This whole piece of garbage is junk. If you're big enough to own a bank, you're big enough to provide useful error messages to the developers kind enough to attempt to work with you.2 -
Why do payment portals never work correctly?
I just wanted to pay for a service (monthly fee, but you can pay manually), and after the very last step, the fucking site just got stuck at a loading circle. 🤨 Now I have no idea if the payment got through or not.5 -
Allright, so now I have to extend a brand new application, released to LIVE just weeks ago by devs at out client's company. This application is advertised as very well structured, easy to work on, µservices-based masterpiece.
Well either I lack a loooot of xp to understand the "µservices", "easy to work on" and "well structured" parts in this app or I'm really underpaid to deal with all of this...
- part of business logic is implemented in controllers. Good luck reusing it w/o bringing up all the mappings...
- magic numbers every-fucking-where... I tried adding some constants to make it at least a tiny bit more configurable... I was yelled at by the lead dev of the app for this later.
- crud-only subservices (wrapped by facade-like services, but still.. CRUD (sub)services? Then what's a repository for...?). As a result devs didn't have a place where they could write business logic. So business logic is now in: controllers (also responsible for mapping), helpers (also application layer; used by controllers; using services).
- no transactions wrapping several actions, like removing item from CURRENT table first and then recreating it in HISTORY table. No rollback/recovery mechanism in service layers if things go South.
- no clean-code. One can easily find lines (streams) 400+ cols long.
- no encapsulation. Object fields are accessed directly
- Controllers, once get result from Services (i.e. Facade), must have a tree of: if (result instanceof SomeService.SomeSubservice1.Item1) {...} else if (result instanceof SomeService.SomeSubservice2.Item4) {...} etc. to build a proper DTO. IMO this is not a way to make abstraction - application should NOT know services' internals.
- µservices use different tables (hats off for this one!) but their records must have the same IDs. E.g. if I order a burger and coke - there are 2 order items in my order #442. When I make a payment I create an invoice which must have an id #442. And I'm talking about data layer, not service or application (dto)! Shouldn't µservices be loosely coupled and be able to serve independently...? What happens if I reuse InvoiceµService in some other app?
What are your thoughts?1 -
Hey guys,
I need your advice about deciding wether to work as a freelancer for a startup or no.
So this French startup is couple years old and they decided to build a team in my country. I went to the interview few weeks ago and we discussed the projects, details, potential salary and everything seemed great.
Couple days ago I received a service contract from them and now I need to decide to work for them or no.
Plan is for them to come to my country, rent an office and I should go there and work for them.
The salary that they offered is medium level and they will not have any legal entity in my country. However it’s not a problem for me since I have my own LTD company so I would pay salary on my own.
However there are some cons:
My team members are being hired as freelancers, however salary is defined with a daily rate instead of hourly and we are allowed to work maximum 20 days a month. It is not clear how many hours a week/month they will expect us to work and at this point I’m afraid to rock the boat with my questions. I understand that I shouldn’t receive any health insurance, sick leave pays, vacation days, home office, pension contributions and so on. But it’s so weird that they pay per day instead of per hour. It screams with unpaid overtime.
Payment time is 30 days after invoice has been sent. So If I started working from September 01, I will send them invoice at September 30, then I will work all October and will receive my money only around end of October. Working 60 days to receive my first salary doesn’t seem nice.
Notice period is 30 days. Which is fine on my end since I can be completely free after initial notice. But in their case if they want to fire me I guess they will simply not give me any work to do and since I’m charged per day I won’t be able to send them any invoice. No employment safety, which means if after 2-3 months they don’t have anything to do I can get royally screwed. But it’s startup nature I guess?
They don’t provide a laptop to work with. I’m lucky since I have a laptop for developing mobile apps, and they said they will at least provide office to work in and a monitor.
All this situation is sending vibes of "we want to save money so we came to your country for cheap labour and now we gonna exploit you"
What complicates matters is that my sister will be working with me and It’s her first job. They agreed to pay her a decent salary and even be flexible with her studies. However this deal for me does not seem too great as I will be receiving mid level salary with no benefits that I would otherwise get.
On the other hand maybe I'm just overthinking this I can just try it out for few months and see where it goes.
Any thoughts?6 -
Well fuck Amazon. I am trying to get into my account because for some fucking reason they say my payment method is faulty while they actually write off the subscription of prime of it. But to get into my account I need to login again with 2FA as I have that turned it on. So far so good. But since it's an old phone number I can't login. Well just change the phone number wouldn't you think? Well yes but to change the phone number I need to login in with the old phone number to which I have no longer access 🤦♂️. Eventually found a phone number I could call. I get a lovely lady on the phone which guides me to resetting my password but for that, you guessed it, I need to do the 2FA again. I get send through to the next person as she can't change it for me because of privacy reasons (oh well). That guy first askes the last 4 numbers of my creditcard like 5 times because he can't remember it (write it the fuck down then asshole) then he starts mistaking the 6 for 9 (like how the fuck do you do that) and then the text messages don't come in while I am on the phone with him which he tries to blame to my service provider because they would block Amazon (like why would they do that?). But since I got a text message of them 15 min before I shot that down quickly. Then he finally admitted that they might have a disruption going on. So I think we'll fine I'll just ask my question to him how it's possible that Prime stops working as I am watching it because my payment method is faulty according to them (but manage to write off the subscription) and he starts talking just shit. Just admit that you don't know and connect me to someone who does know how that can happen. In the the end I just hung up because I knew I wasn't getting anywhere with this guy and don't you know it, as I start writing this the text messages come in. Problem solved you would say just out that number in the website and you can change your phone number. Well no because I have to tell the number to the guy who I hung up with because the texts weren't coming in 😒. Now I should call them back but I think I'll wait till tomorrow hopefully the day shift will be a bit more knowledgeable on how shit works and can actually remember 4 digits.2
-
Update:
I've been trying to leave DoD for a couple of months now. Translating my 10 year's experience with complex Intelligence enterprise level systems to something relatable to the civilian IT world. Grabbed a few certs to help out A+, network+ and security+ with Linux+ as my next target. Photos of me working on unclassified systems, radios, cell towers and servers. I'm a teacher for military UAS so this shouldn't be to hard to get even a basic job in IT right.
No one will hire...
Linux admin: Nope
Network admin: Nope
Assistant Network admin: Nope
IT call service: Nope
Pool cleaner fucking nope
Many interviews and nothing
I'm broke and sold all of my personal valuables. I can't hold out much longer and really looking at becoming homeless. But I'm kinda ok with it, one last payment on my apartment and car is all I can do now. My parents think I'm in Afghanistan working a six figure job lol
DoD: we see you're trying to leave we'll pay you alot to teach A+, Network+ and Security+ traveling all across the country and staying at hotels with all expenses paid.
FU FU FU I want out please tell me someone has a job, I'll be a janitor of a server room Idc I just want out. Fuck the pay
I start Tuesday...4 -
I'm trying to improve my email setup once again and need your advice. My idea is as follows:
- 2-5 users
- 1 (sub)domain per user with a catchall
- users need to be able to also send from <any>@<subdomain>.<domain>
- costs up to 1€ per user (without domain)
- provider & server not hosted in five eyes and reasonably privacy friendly
- supports standard protocols (IMAP, SMTP)
- reliable
- does not depend on me to manage it daily/weekly
- Billing/Payment for all accounts/domains at once would be nice-to-have, but not necessary
I registered a domain with wint.global the other day and I actually managed to get this to work, but unfortunately their hosting has been very underwhelming.. the server was unreachable for a few minutes yesterday not only once, but roughly once an hour, and I'd really rather be able to actually receive (and retrieve) my mail. Also their Plesk is quite slow. To be fair for their price it's more like I pay for the domain and get the hosting for free, but I digress..
I am also considering self hosting, but realistically that means running it on a VPS and keeping at secure and patched, which I'd rather outsource to a company who can afford someone to regularly read CVEs and keep things running. I don't really want to worry about maintaining servers when I'm on holiday for example and while an unpatched game server is an acceptable risk, I'd rather keep my email server on good shape.
So in the end the question is: Which provider can fulfill my email dreams?
My research so far:
1. Tutanota doesn't offer standard protocols. I get their reasons but that also makes me depended on their service/software, which I wouldn't like. Multiple domains only on the business plans.
2.With Migadu I could easily hit their limits of incoming mails if someone signs up for too many newsletters and I can't (and don't want to) micromanage that.
3. Strato: Unclear whether I can create mails for subdomains. Also I don't like the company for multiple reasons. However I can access a domains hosted there and could try...
4. united-domains: Unclear whether I can create mails for subdomains.
5. posteo: No custom domains allowed.
I'm getting tired.. *sigh*21