Thursday, August 13, 2015

Simplest way to implement a state machine approach for SharePoint list items


As you can read in WikipediaA finite-state machine (FSM) or finite-state automaton (plural: automata), or simply a state machine, is a mathematical model of computation used to design both computer programs and sequential logic circuits. It is conceived as an abstract machine that can be in one of a finite number of states. The machine is in only one state at a time; the state it is in at any given time is called the current state. It can change from one state to another when initiated by a triggering event or condition; this is called a transition. A particular FSM is defined by a list of its states, and the triggering condition for each transition.

SharePoint developers frequently face to state machine problems and the typical solution includes a workflow implementation. Actually, SharePoint includes default workflows for common scenarios, for instance Approval (route a document or item for approval or rejection), Collect Feedback (route a document or item for feedback), Collect Signatures (route a document, workbook, or form for digital signatures), Three-State (track an issue, project, or task through three states or phases) and Publishing Approval (automate content routing for review and approval) workflows.

But sometimes such workflows doesn’t fit exactly to your scenario or worse, the workflow usage is just an overkill.

Next, I’ll introduce you a clean state machine (also personal) approach to handling state transitions of SharePoint list items without workflows.

Event receivers as workflows alternative

As you should suppose the only way implement this is by using event receivers (a.k.a. event handlers) instead workflows. But how make a clean solution event handler based to implement a state machine. 

Allow me show you how the final code looks like for a customized publication process based on this approach:

[StateMachine("State", typeof(PublicationRequestStateMachineValidator))]
public sealed class PublicationRequestStateMachineItemEventReceiver : StateMachineItemEventReceiverBase
 private void OnApproved(SPItemEventProperties properties)

 private void OnRejected(SPItemEventProperties properties)

 private void OnReadyToBePublished(SPItemEventProperties properties)

 private void OnReadyToBeUnpublished(SPItemEventProperties properties)

Notice the introduction of a few new classes:
  • StateMachineAttribute: To indicate the column to be monitored and its validator class. The example above indicates that the column name is "State" and the validator class  is typeof(PublicationRequestStateMachineValidator). 
  • StateAttribute: To indicate the event method that will be called when the state change to the specified value. For instance, the usage of [State("Approved")] means that the method OnApproved will be called when the item change to  the "Approved" state.
  • StateMachineItemEventReceiverBase: Implements the base behavior of the state machine (invokes the validation to avoid not allowed transitions also call the event methods).
To make this work properly you must register you state machine item event receiver on the list that you want to monitor for state change. This must be done via RegisterEventReceiverIfRequired extension method for SPList. This method not only registers the event receiver the list, it also adds a custom column to the list to implement the change detection approach whether the event receiver inherits from StateMachineItemEventReceiverBase. 

This could be done with the follow code in a feature activation for instance.

publicationRequestList.RegisterEventReceiverIfRequired(SPEventReceiverType.ItemUpdating, typeof(PublicationRequestStateMachineItemEventReceiver).Assembly.FullName, typeof(PublicationRequestStateMachineItemEventReceiver).FullName);
publicationRequestList.RegisterEventReceiverIfRequired(SPEventReceiverType.ItemUpdated, typeof(PublicationRequestStateMachineItemEventReceiver).Assembly.FullName, typeof(PublicationRequestStateMachineItemEventReceiver).FullName);

How validate state transitions?

Support transition validation is also a cool feature of this library. In order to validate the transition, you can inherit from StateMachineValidator class and type your own. Our custom publication request example the state machine validator looks like this:

public sealed class PublicationRequestStateMachineValidator : StateMachineValidator<string>
        public PublicationRequestStateMachineValidator()
            this.AddAllowedTransition("WaitingForApproval", "Approved");
            this.AddAllowedTransition("WaitingForApproval", "Rejected");
            this.AddAllowedTransition("Approved", "ReadyToBePublished");
            this.AddAllowedTransition("ReadyToBePublished", "Published");
            this.AddAllowedTransition("Published", "ReadyToBeUnpublished");
            this.AddAllowedTransition("ReadyToBeUnpublished", "Unpublished");

Now if someone tries to change the state from WaitingForApproval to Published - for instance - the change will be reverted automatically.

This is also useful to enable or disable some actions. Here are couple of pictures that depicts the enable state of the ribbon button depends on an allowed transition validation implemented in javascript in combination with a REST service.

Example A: Enabled because transitions are allowed
Example B: Disabled because transitions are not allowed


This post is an introduction to the new StateMachine.SharePoint library. This library allows you simplify the implementation of a state machine based approach to monitor and validate the states of SharePoint list items.

For now, you can build this library from its sources and deploy directly into your SharePoint farm or wait for the "top secret" weapon and forthcoming project PackageManager.SharePoint  ;)

Wednesday, July 8, 2015

Can NDepend 6 and SONAR work together?


As I wrote in this post, one of the greatest feature of NDepend were its “great Visual Studio integration in order to display your technical debt directly inside the IDE”.

NDepend can also be integrated as part of your continuous integration pipeline in order to make the analysis of technical debt results public for the whole team (or just break the build under certain conditions). There are a lot of official documentation about how integrate NDepend 6 with Team City (as a build server) or SONAR (as a quality metric tool).

But let’s start with my own experience setting up NDepend 6 and SONAR and checks the benefits of integrates both tools.

Integrating NDepend with SONAR

NDepend 6 comes with support for SONAR integration. The process is pretty forward and is well described on the documentation. After follow such steps you will get all NDepend’s rules imported into SONAR and you can activate them into a Quality Profile for instance the Full Analysis for C#

NDepend rules imported in SONAR

The issues could start when you run an analysis for large projects with several violations. If you run (the runner) with –X the stack trace will show you the java.lang.OutOfMemoryError as the exception. But nothing that can’t be solved following this recommendations: 
  1. Run sonar-runner with x64 JRE. 
  2. Increase the heap size by turn this line:

%JAVA_EXEC% %SONAR_RUNNER_OPTS% -cp "%SONAR_RUNNER_HOME%\lib\sonar-runner-dist-2.4.jar" "-Drunner.home=%SONAR_RUNNER_HOME%" "-Dproject.home=%PROJECT_HOME%" org.sonar.runner.Main %*

             into this one

%JAVA_EXEC% -Xmx3062m -XX:MaxPermSize=512m -XX:ReservedCodeCacheSize=128m %SONAR_RUNNER_OPTS% -cp "%SONAR_RUNNER_HOME%\lib\sonar-runner-dist-2.4.jar" "-Drunner.home=%SONAR_RUNNER_HOME%" "-Dproject.home=%PROJECT_HOME%" org.sonar.runner.Main %*

            in the sonnar-runner.bat file.

The results

SONAR is an isolated server that receive the results from “inspection agents”. Actually the inspection results are committed directly into SONAR database and the SONAR web application or dashboard displays the results in a centralized way. 

So, as you expected (and so do I), after run an inspection via sonar-runner, the NDepend's rules violations are displayed as SONAR's issues, just like this.

NDepend's violations as SONAR's issues

So, now you can manage (assign, resolve, or comment) such issues trougth SONAR interface. 


As you should know at this point, the answers is yes. NDepend 6 can work together with SONAR. But as you can also see I have a lot of work to do. So, I’m not sure what I’m doing writing this blog post ;).

SONAR dashboard
PS: This is not a "Do as I say, not as I do" post. As I also said, the "important thing is, not to accumulate technical debt and fix it as soon as it is detected". The sample reports shown on this post intentionally includes source with a tons of defects. Most of them comes from tests / PoC assemblies and auto-generated code.

Monday, February 16, 2015

Self-disciplined Agile Monitoring

Note for readers: I wrote this post over a year ago (even more), but for some reason I forgot to post it, so here it is.


Now days, we are improving our development process laying-out our organization strategies, development process and methodologies. 

Our experiences point to a mixed approach, with the self-organization from Scrum and self-discipline from eXtreme Programming (XP). But about this kind of “mixed martial arts” for software development approach I will talk in forthcoming blog post. 

As you can read in one of my previous blog post, we use Team Foundation Server (TFS) as issue tracker and thanks to Scrum for Team System v3 (STSv3) process template, we have an “excellent” implemented guidance to execute Scrum “as is”.

But the existing day by day sprint monitoring’s tools around this process template hides the real behavior of the team in the iteration. 

On the other hand, we also have some needs about monitoring. Indeed against the theoretical practice of monitor the whole team we have to track individuals.

Some projects leads (me included) want to track theirs developers work against the importance of monitor the whole team behavior. Sam Guckenheimer (with Juan J. Perez), in his book “Software Engineering with Microsoft Visual Studio Team System”, aims us to use descriptive metrics rather than prescriptive. But here such measurement method “doesn’t work”, we need more control and also need a single view. 

Tracking the daily work in STSv3

Scrum for Team System (v3) is a great process template. Its major advantage of this implementation for TFS is about the usage of the server side event notification API. This allows updating all of computable fields for instance: start and end time for sprints (summarized from team start and end sprint dates), remaining hours for sprints and team sprints, and so on.

Scrum for Team System also comes with a lot of reports, but about daily work sprint monitoring comes with only one (maybe two).  This report is known as Sprint Burn Down

The burn down metric

The Sprint Burn Down is good metric but it’s incomplete. Such single line indeed hides the real behavior of iteration. 

Please, try to answer these questions:
  • How can you notice if some tasks where moved out of the current sprint?
  • How can you notice if some user stories where moved out of the current sprint?
  • How can you notice if some tasks where added to the current sprint?
  • How can you notice if some user stories where added to the current sprint?
The fact is that as this chart doesn’t display the planned work so it hides these behaviors. 

  1. If you see an ideal chart, an straight down line from an amount of hours as remaining work (at some point of the sprint) to zero (at the end of the sprint), doesn’t mean that everything is fine. May some tasks were moved of the sprint.
  2. If you see a horizontal line doesn’t mean that everything is wrong. May some tasks were added at the same time that others were actually done. 
The burn down metric

The fact is that you are not able to answer this question: What had really happened here?

Complementary tools to track the daily work

One of my favorites tools to track iterations, and also share the iteration status with the whole team is ScrumSprintMonitor. Yes, the multi-process template screen saver. 

The effect of the usage of this tool in the team’s focus is incredible and of course, more over the “guys in red” ;-).
Demo screenshot of ScrumSprintMonitor from codeplex and ScrumSprintMonitor in action but in planning mode in a lab
I like the Scrum Sprint Monitor and have been using it for years, even when I had no longer available the TV in the picture above. But again, the main metric is the Burn Down.

This tool includes a lot of info so I get inspired and wrote my own, just like I thought that it should be written ;-).

Self disciplined agile monitoring

Well, the thing actually started some years ago when I found this chart in the book “The Art of Agile Programming” from James Shore and Shane Warden. Its name is Burn Up. 

Basically consist of a couple of lines. One to show the total of planned work and the second to display the progress.

The burn up metric

In the context of a project to help my own organization to get the right way in terms of software development practices, I bought some time in order to port this metric into this monitoring application.

My own ScrumSprintMonitor in action with the burn up metric
As I said before it was inspired in Scrum Sprint Monitor but it was re-written from scratch to focus in the Burn Up metric. The current version it’s only compatible with STSv3.


  1. Now we have a very cool monitoring application with a very meaningful metric. The Burn Up. 
  2. In order to distribute as fast as possible this tool and its updates across my organization, I also implemented a draft of NuGet based automatic update system. After done, someone told me about something called Shimmer. I have to review it ;-).
  3. I almost forget. This application is powered by Catel and Prism in combination (a.k.a. Catel.Extensions.Prism). 
Happy sprinting and monitoring ;-)

Monday, January 19, 2015

Why should you start using NDepend?


This weekend I finished painting my apartment. Then I laid on the floor, looking at the ceiling, started taking some shots and talking to myself:

A) Yes, it looks great and with this new lamp in the middle of the living room, everything looks perfect. B) But what is that I see at the corner? Let me get a closer shot. C) Oops!!! I made a mistake, I need to fix it ASAP ;)

Yes, I know, I’m not a professional painter. Therefore, I don't have the right tools to alert me about this technical debts while I’m painting. 

Such experience reminded me that I’m a software developer and recently acquired the right tool detect such “dark spots” – a.k.a technical debt – of the source code while I’m coding. Its name is NDepend.

What is NDepend?

SONAR Web Report
NDepend is a static analysis tool for .NET managed code. As you should know static analysis is about analyzing code without executing it and generally used to ensure conformance with the coding guidelines.

NDepend is not the only tool available for static analysis code for .NET, there are several tools including Code Violation Detection Tools like Fxcop, Clocksharp, Mono.Gendarme or CodeIt.Right,  Quality Metric Tools like Nitriq, SONAR or NDepend itself, or just Checking Style Tools like StyleCop, Agent Smith.

Actually, I currently use SONAR with its seamless integration with build process in order to continuously manage code quality in centralized reports of technical debts.

NDepend also has integration with the build process, but from my point of view, one of its key features is the great Visual Studio integration in order to display your technical debt directly inside the IDE.
NDepend Dashboard in Visual Studio
Let's take a look at a very quick start with NDepend.

A very quick start with NDepend

Quick access
to the violation results
After installing a plugin and setting up your  project, you should run a code analysis just by clicking the option from the menu NDEPEND => Analyze => Run Analysis or moving de mouse over a circle in the notification bar and click in Run a First Analysis on this NDepend Project.

If you move the mouse again - once the analysis finished - over the circle in the notification bar you should see the Code Queries and Rules Summary, with the fast access to the Critical and Rules Violated

Such results, categorized into Code Quality, Object Oriented Design, Design, ArchitectureLayering, Dead Code, and so on, are displayed on the Query and Rules Explorer panel and allow us to navigate from the violation directly to the source.
Categorized violation query results on the Query and Rules Explorer
For instance, let me check from Code Quality category, the rule Methods with too many parameters - critical.  

The rule description is the follow: Methods with more than 8 parameters might be painful to call and might degrade performance. You should prefer using additional properties/fields to the declaring type to handle numerous states. Another alternative is to provide a class or structure dedicated to handle arguments passing.

The analysis found 16 violations of this rule, by clicking it you can navigate to the method. In this case, I selected one with 9 parameters and found out that indeed, it must be refactored. Now, thanks to the integration of Visual Studio and Git,  you can also see who's the author of this violation. 

Navigating from rule 'Methods with too many parameters - critical' result to StartSiteCreationProcess method
Let me take a closer shoot to see who that is:

Oops!!! it's me, I need to fix this ASAP ;)


Important thing is, not to accumulate technical debt and fix it as soon as it is detected. For .NET developers, NDepend is the right tool to start with.

You can make mistakes (critical or not), but be aware of your code quality constantly makes the difference between the apparent and intrinsic quality of your sources and consequently your products; even when untrained eyes may only see the beautiful lamp.

Btw, It seems like I've got similar skills as painter than as software developer ;).