In a previous post I stated that the EWL implementation of RealWorld contains 60-80% less code than its React + ASP.NET Core counterpart. Now I’ll show you why.

As developers, let us imagine implementing a new feature in RealWorld. On the article page, we’ll add a Flag as Spam button for readers. We’ll show the button to everyone except the author. And we’ll back this feature in the database with an IsSpam boolean column in the Articles table.

Step 1: Add the database column

In ASP.NET Core

We first add a new property to our Article entity class:

public bool IsSpam { get; set; }

(View full diff)

Entity Framework Core (our data-access layer) will see this property when creating the database and include it as a column in the Articles table.

Missing piece: The project lacks database-migration infrastructure, meaning that we cannot add the IsSpam column to an existing database or specify a value (i.e. true or false) for existing article rows. Entity Framework Core does support migrations but they are not configured in the project.

We also add a line in the create-article request handler to set the column value for new articles:

IsSpam = false

(View full diff)

In EWL

First, we append these lines to Database Updates.sql:

alter table Articles add IsSpam bit null /* add nullable column */
update Articles set IsSpam = 0 /* set value for existing articles */
alter table Articles alter column IsSpam bit not null /* make column non-nullable */

(View full diff)

We then run Update-DependentLogic in the Package Manager Console, which will detect these new lines in the script and execute them. Finally we add a line to the Editor page to set the value for every new article:

mod.IsSpam = false;

(View full diff)

This procedure isn’t much different from its ASP.NET Core counterpart above, aside from being more complete in terms of database migration. But keep reading to see some real divergence.

Step 2: Modify the web API

In ASP.NET Core

Our main task here is to add a new request handler that flags an article as spam:

public class MarkSpam {
    public class Command : IRequest {
        public Command(string slug) {
            Slug = slug;
        }

        public string Slug { get; set; }
    }

    public class CommandValidator : AbstractValidator<Command> {
        public CommandValidator() {
            RuleFor(x => x.Slug).NotNull().NotEmpty();
        }
    }

    public class QueryHandler : IRequestHandler<Command> {
        private readonly ConduitContext _context;

        public QueryHandler(ConduitContext context) {
            _context = context;
        }

        public async Task<Unit> Handle(Command message, CancellationToken cancellationToken) {
            var article = await _context.Articles.FirstOrDefaultAsync(x => x.Slug == message.Slug, cancellationToken);

            if (article == null) {
                throw new RestException(HttpStatusCode.NotFound, new { Article = Constants.NOT_FOUND });
            }

            article.IsSpam = true;
            await _context.SaveChangesAsync(cancellationToken);
            return Unit.Value;
        }
    }
}

(View full diff)

We also need to hook into this handler from a new method in ArticlesController:

[HttpPatch("{slug}")]
[Authorize(AuthenticationSchemes = JwtIssuerOptions.Schemes)]
public async Task MarkSpam(string slug) {
    await _mediator.Send(new MarkSpam.Command(slug));
}

(View full diff)

This causes HTTP PATCH requests on an article to flag it as spam.

Security issue: This web API lacks any kind of user authorization (!), so I won’t include that piece of the feature. This type of mistake is not possible with EWL since the authorization is coupled to the visibility of the button in the UI (see step 3).

In EWL

Grab a coffee and relax: there is no Web API! See my essay about this.

Step 3: Create the button

In React

Before working on the button, we need to make the current user available to the component that will contain the button. This is important because we aren’t going to make the button available to the author of the article. In the article-index component, we forward the user object down to ArticleMeta:

<ArticleMeta currentUser={this.props.currentUser} />

(View full diff)

And in ArticleMeta, we forward it again, down to ArticleActions:

<ArticleActions currentUser={props.currentUser} />

(View full diff)

Also, the button will need to trigger the HTTP PATCH request that we implemented in the web API. We add it to the list of article requests:

spam: slug => requests.patch(`/articles/${slug}`)

(View full diff)

The button needs to update client-side state too. We add a new action type:

export const SPAM_ARTICLE = 'SPAM_ARTICLE';

(View full diff)

And then, in the article reducer, import the action type:

import { SPAM_ARTICLE } from '../constants/actionTypes';

And implement the action:

case SPAM_ARTICLE:
  return {
    ...state,
    article: { ...state.article, isSpam: true }
  };

(View full diff)

Now we’re finally ready to implement the button in the ArticleActions component by importing the action type:

import { SPAM_ARTICLE } from '../../constants/actionTypes';

And adding a dispatch function to props:

onClickSpam: payload => dispatch({ type: SPAM_ARTICLE, payload })

And adding a spam function within the component:

const spam = () => {
  props.onClickSpam(agent.Articles.spam(article.slug))
};

And adding the JSX for the button:

if (!article.isSpam && props.currentUser !== null) {
  return (
    <span>
      <button className="btn btn-outline-danger btn-sm" onClick={spam}>
        <i className="ion-trash-a"></i> Flag Spam
      </button>
    </span>
  );
}

(View full diff)

And now, after ten distinct changes, we have a working button in React.

In EWL

We add the button to the article page, as a page action:

.Concat( !info.Article.IsSpam && AppTools.User != null
    ? new ButtonSetup( "Flag as Spam", behavior: new PostBackBehavior( postBack: PostBack.CreateFull(
        id: "spam" /* not a magic string; just needs to be unique on page */,
        firstModificationMethod: () => {
            var mod = info.Article.ToModification();
            mod.IsSpam = true;
            mod.Execute();
        } ) ) ).ToCollection()
    : Enumerable.Empty<ActionComponentSetup>() )

(View full diff)

And that’s it. The button’s action (flagging the article as spam) can only execute when the button is present on the page, so there is no need to have a separate authorization check on the action. Remember that this is server-side code and cannot be bypassed.

This is why abstraction matters

You can now see why we call EWL a “new level of abstraction for enterprise web applications.” If you’re developing a line-of-business application with front-end JavaScript, I hope you have a good reason.

If you like what you just read, subscribe to our mailing list!


Thanks to Don McNamara and Jonathan McKenzie for help with React.

Five years ago, I wrote an essay titled SPAs are Just Harder, and Always Will Be. I showed why traditional, server-side web apps are easier to build and maintain than Single-Page Applications (SPAs). The EWL team has applied this concept and, with the help of our built-in user interface, we’ve just completed the smallest RealWorld example implementation to date.

EWL RealWorld is available on GitHub. The following two charts show how it compares to the combination of the React front end with the ASP.NET Core back end.

What Makes the Difference?

The EWL implementation is not only smaller because of its traditional server-side architecture, but also because EWL includes a built-in user interface and automatic form layout much like what is provided by proprietary low-code platforms such as Salesforce and Mendix. There is no hand-coded HTML and very little CSS. As an EWL developer, you give up some control over your app’s look and feel in exchange for a big productivity boost.

Other Benefits

EWL RealWorld gets a lot for free:

• Semantic, accessible HTML that includes HTML5 input types
• Keyboard navigation and focus management
• Built-in email support with SendGrid

It also runs on an open, cloud-agnostic operations platform.

Short-Term Weaknesses

We began the EWL project with the birth of .NET in 2002. Its web framework started as an extension of ASP.NET Web Forms, which is why EWL systems still include .aspx files and ugly, query-string-parameter URLs. We’re in the midst of a multi-year project to move the web framework to ASP.NET Core, which will fix these issues while also enabling all EWL systems to run on Linux. The bulk of our changes are taking place under the hood, which means you can begin an EWL project today and expect no more than the usual number of breaking changes each month (the home page explains our continuous-adaptive-maintenance approach).

EWL’s web framework now includes some new, .NET-Core-compatible (i.e. without Web Forms dependencies) form controls: TextControl, EmailAddressControl, and TelephoneNumberControl. Similar to the new HTML editors and hidden-field component, these take most of their parameters via Setup objects to avoid duplicate parameters in (1) the form-item-getter methods that EWL generates for database columns and page query parameters, and (2) the new DataValue extension methods, which make it easier to create form controls for ephemeral data within a page, such as a search box. The new form controls follow accessibility best practices, for example by supporting proper labeling via the HTML label element and using correct input modes on mobile devices.

We’ve also reimplemented page “autofocus”, which lets you specify the location of keyboard focus when a page loads in the browser. The old implementation depended upon Web-Forms Control IDs, and had a couple of significant design problems that we observed over the years. First, to specify focus on a control, the page needed a reference to the control’s ID. This worked well for simple pages, but in complex pages with many nested components, it took a lot of ceremony to get a control reference all the way up the call stack to the page level. Second, the only way to override the focused control after a post back was to specify the control’s ID before the post back. This is impossible if the control doesn't exist yet! Our new design is based on wrapper components, called autofocus regions, and fixes these flaws. Read more in the release notes.

We've just published the reasons why we chose the MIT License for EWL. If you're involved in other open-source projects, these reasons may help frame your thinking and make your own licensing decisions.

We just wanted to thank Craig Thompson for his amazing and continuing work on the qTip2 jQuery plugin. EWL has used this component for several years already and we're very happy with it. And just today, qTip2 made it trivial for me to re-style our tooltips to match the upcoming new look and feel for EWL's built-in user interface.

I've just published a new package in the ReSharper Gallery that contains external annotations for some of the libraries used by EWL. Currently it only includes annotations for Humanizer but in the future we hope to add more.

If you're using EWL and ReSharper, please open up the ReSharper Extension Manager right now and install the Ewl.DependencyAnnotations package.

I just added a new Session State section to our "Deliberate Omissions" page in the wiki. It explains why we no longer support ASP.NET session state.