The recording is so good I can see sharp :)

Good content. One of the big pitfalls is; this approach should separate representations of the "Catalog" for model, DB and http/json independently, which people tend to quickly abandon, as it is seen as triplicates in the beginning and by the time it is realized it should have been separated, it is often really difficult to break things apart. And this goes for CQRS and Event Sourcing styles as well... Making good system requires discipline.

Sir, It was great explanation, based on user role, we can return different Read Models of Catalog domain Entity or Aggregate, am I understand correctly?

Nice one, thanks Vaughn. Though a question here. What is exactly Catalog component? Is it a stateful domain object or something else like domain service? And if it is a domain object then why does it contain query methods?

Thanks for this! Just one question, would the CatalogService implemented in the inside and injected into the CatalogController in this example?

P&A is so simple and simple is good. There is an unnecessary complication which introduces more impurity to the model and I'll explain. The CatalogueService being an interface "because it has to support transactions and access control". Consider this: the user wants to accomplish a goal when he accesses the controller. The user doesn't care about partially done work, it's all or nothing. Eventual consistency aside, not the case for this scenario in an e-commerce application. So the transactional boundary can be in the controller, together with all other technology-centric concerns. The Service is just telling the controller if it's done his job successfully or not, and based on that the controller can do a commit or a rollback. Now, in reality you wouldn't have to do this in each controller, but instead you can have a Middleware further to the outside doing commit or rollback across any repository and controller operations. As for permissions, I like what you've done there with the Catalogue being an interface and the various implementations in the different (or not different) bounded contexts. It's a neat idea, but I wouldn't leverage it to do access control. Instead, I'd push this concern further out: the UI knows what roles the user has, and it can render calls to completely different endpoints to do the other operation. This greatly reduces the number of ifs on the inside. Polymorphic calls are also ifs. I mean, the UI most likely already has the if there in order to do some things differently based on the role. Yes, you still need a check for the role in the backend, but that can be unambiguously be applied to the (now two) endpoints in the controller. We're always going to have different views on these questions, but regardless of that, P&A leads to a clean and simple separation of an inside and an outside. So thank you for the material.

(y)

I'm sorry, but this explanation is totally unclear. Even though I'm familiar with P&O, this vague explanation feels like Microsoft presenting JScript while everyone else is speaking JavaScript.