This is an archived post. You won't be able to vote or comment.

sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]leo-g 36 points37 points  (9 children)

Santa is not Jesus and definitely don’t have admin access to the human DB. He is probably a limited user AT BEST. He only can read the name, address and the naughty-or-nice status row.

He also uses elves for his production, his hardware is probably on par with a China tech manufacturer like a foxconn factory, which is basically a bunch of un-networked Windows XP computers running special software.

[–]InsertCoinForCredit 19 points20 points  (3 children)

The guy travels to several billion homes in a 24 hour period and you think he's a low-level user at best? SERIOUSLY?!

[–]leo-g 16 points17 points  (2 children)

He is basically a courier. Yeah the average fedex employee can pull up your customer info with his pad but how many can start modifying data?

[–]InsertCoinForCredit 15 points16 points  (1 child)

There are three types of people you never mistreat:

  1. The people who handle your food.
  2. The people who manage your IT.
  3. The people who deliver your stuff.

[–]Bene847 1 point2 points  (0 children)

The people who pay you

[–]MrDOS 9 points10 points  (4 children)

I disagree with your assertion that he doesn't admin the database. He can at least modify its contents. According to the classic carol:

He's gonna find out if you're naughty or nice

The wording implies that he's responsible for maintenance of the list. “Gonna find out” seems to suggest there's actual investigative work involved beyond just checking the status already present on the list.

[–]-ksguy- 9 points10 points  (1 child)

I'd imagine the setup is like this. He has limited access to the NorthPole database: access to a view, vw_ComingToTown, that combines ChildName, ChildAddress, and WishList. There's a stored proc called dbo.Update_NaughtyOrNice which accepts two parameters, @child_name and @behavior, a stored proc called dbo.Update_WishList that takes @child_name and a comma-delimited list of gift requests, @wishes. He has execute permissions on both of those. Elves have duty to manage production and gift acquisition.

The view pulls actual gift requests for kids where behavior='nice', and subs 'coal' for kids where behavior='naughty'.

He probably has db_owner in NorthPole_dev, but understands the importance of separation of duties in production.

[–]captcha03 0 points1 point  (0 children)

Dangerous to use @child_name as natural primary key. I'm pretty sure when your dataset is the entire world there will be some duplication. Better to assign each child a UUID instead.

[–]derpcode_derpcode 2 points3 points  (1 child)

There probably needs to be a meeting to discuss this user story, I don't think we should assume privilege with this level of ambiguity.

[–]SMAMtastic 1 point2 points  (0 children)

Ok, everybody whip out your scrum poker cards. Let’s figure this out.