Application Security Testing: An Integral Part of DevOps
During the late 80s I sold mutual funds and insurance. By cold calling I stumbled upon a mother and son that were on the verge of bankruptcy. As it turns out the mother had purchased a whole life insurance product about 40 years prior with a $10,000 death benefit and had purchased several more over the ensuing years. She had been paying monthly premiums for so long—and still was—that the cash value exceeded the death benefit. Living on a fixed income of about $400 per month, the premium for the combined whole life products was in excess of $200 per month, leaving the mother and son a scanty $200 a month to live on. Had their home not been paid in full, I assume they would have been homeless (although to this day I don't know how the taxes on the property were being paid). I explained to the mother that the combined cash value of the policies—there were three of four—was about $30,000 to $50,000, meeting or exceeding the death benefit. By convincing this mother to cash out the policies she still had the same total death benefit, the cash, and could earn interest on the money in the mean time. (You might recall that in the mid-eighties there were securities yielding double digits.) To sum up, the mother no longer had to pay the premiums and had many thousands of dollars earning dividends, netting an additional $200 in available funds not paid to the insurance company and another $300 in interest. The result, a monthly income of $200 became $700 and there would still be the same considerable monies available for the son in the future.
Aside from being proud of that effort, the upshot is that the exact same total resources appropriately reallocated had a dramatic impact on this family's fortune. I believe it is possible to achieve an even more dramatic and positive impact on one's productivity simply by how one's available time is allocated. The key to hyper-productivity is in finding those levers and fulcrums that help orchestrate periods of optimal productivity. Some times this may mean using tools. Other times one may achieve optimal, or hyper-productivity, by knowing what tasks to skip or finding pre-existing solutions, and finally, one may achieve maximum productivity by automating error prone and tedious tasks. Accumulatively, gains made by reusing solutions, skipping unnecessary tasks, and automation will result in a very high rate of output.
Writing Macros to Generate Code
Because Visual Studio .NET is very complex, it is easy to use VS.NET for long periods of time and overlook the Macros IDE. However, the Macros IDE is a relatively easy tool to use and can be employed to aid in on area of productivity, writing code generators.
The Macros IDE can be started from the VS.NET Tools|Macros|Macros IDE menu, and it opens another IDE very similar to VS.NET. The Macro language in .NET is VB.NET (bonus for us) and permits one to tap into the Automation Model for VS.NET and use all of the resources of .NET. As a result, with a little practice one can interact with the most intimate and powerful aspects of VS.NET. Adding new features, automating existing features, and writing powerful yet easy-to-use and implement code generators is a first good step towards hyper-productivity.
Running Macros IDE
To run the Macro IDE select Tools|Macros|Macro IDE. For our example, we will be using Visual Studio .NET 2003 Enterprise Architect, but the Macros IDE and features exist in the first version of VS.NET. (You can read more about Macros and wizards in my book Sams Visual Basic .NET Unleashed.) The Macros IDE works very much like VS.NET. Figure 1 shows the Macros IDE with a new module MyMacros created from the Project Explorer.
Figure 1: The Macros IDE in VS.NET 2003 with a module I created.
To create the new module click on the MyMacros project in the Project Explorer (see the left side of figure 1). The project is a special file with a .vsmacros extension. For example, you can find and share the MyMacros.vsmacros project by searching your hard drive with Windows Explorer. If you want to add the module MyMacros.vb then click the MyMacros project and select Add|Add Module from the context menu. After this step you are writing VB.NET code. The real power comes from the Automation Model for VS.NET exposed as part of .NET in the EnvDTE namespace. As an introduction, we will create our first simple macro.
Creating a Macro
Let's create the canonical Hello World example macro. Implement Hello World example by modifying the macro module as shown in listing 1.
Listing 1: Implementing your first macro.
Imports EnvDTE Imports System.Diagnostics Public Module MyMacros Public Sub HelloWorld() MsgBox("Hello, World!") End Sub End Module
By comparing figure 1 and the code in listing 1 you can see that only the public subroutine HelloWorld was added. Subroutines make up the entry point for macros, but you can write any code you want to write inside of the macro modules or class files.
If you want to run the HelloWorld macro then place the cursor anywhere on the HelloWorld subroutine and select Start from the Macros IDE Debug menu. You may also run the macro from VS.NET by opening the Command Windows from the View|Other Windows menu and typing the full path name to the macro you want to run (see figure 2).
Figure 2: You can run macros from the VS.NET Command Window as shown.
The first half of this two-part article introduced you to the Macros IDE and Macros in VS.NET. By itself a macro might be little more than a novelty. Like every other aspect of .NET it is the framework that the Macro language sits on top of and the Automation Model for VS.NET that makes macros an exceptional tool for .NET.
In the second half of this article I will demonstrate how to employ .NET itself in writing powerful code generators that will help you leverage your time and productivity.
About the Author
Paul Kimmel is a freelance writer for Developer.com and CodeGuru.com. Look for his upcoming book, Visual Basic .NET Power Coding, from Addison-Wesley. Paul Kimmel is available to help design and build your .NET solutions and can be contacted at email@example.com.
# # #