Who are you?
My name is Aaron Zalewski and I am a software professional specializing in ASP.Net, working in the greater Nashville area. I have been a software developer for more than 7 years, during which time I have cultivated a particularly strong and encompassing skill set for the planning, development, implementation and maintenance of Web Applications leveraging the .Net framework. While I have narrowed my technical focus to ASP.Net/C#/SQL, I have maintained broad competency when it comes to the business side of taking a software initiative from concept to implementation. I am as comfortable in front of non-technical business professionals, distilling the goals and challenges of their own business process into a software solution as I am behind the keyboard implementing it. I am not a jack of all trades. I do one thing, and I do it exceedingly well. I make web delivered business solutions work.
What do you provide as a consultant?
Besides my expertise , I provide my own professional
insurance, software and equipment. I strive to be a turnkey solution for both clients and the consulting
companies who represent them. I maintain an MSDN subscription for the legacy to latest operating
systems, business and development software.
Furthermore I bring a state of the art development machine with me
(Intel Quad-core 2.4ghz with 4GB RAM) which I will format to the client’s environment so as to
maintain both productivity in my work and performance during presentations.
What is your personal demeanor?
First and foremost, I am professional and straight forward. I prefer
slacks and a dress shirt unless the environment is so casual that this would be a distraction. I am friendly,
level headed and personable; on the job however I tend to all business. I am very good at what I do,
however I also respect other’s opinions as I am not always right. I strive to be accessible and
I enjoy helping & learning from others.
I respect the chain of command and am conscious of the necessity to be
discrete. In that respect, if someone is flat out wrong, I will pull them aside behind closed doors
and tell them. That is my responsibility as a professional. If after explaining the problem,
I am told to do something the wrong* way, I respect the needs of the business and will do it whatever way
they require.
* I will do something “wrong”, as in “incorrect”.
Don’t ask me to do something unethical. I will cheerfully walk away from any amount of compensation
so long as I maintain my integrity and I mean that.
Why ASP.Net and the web, is this the only environment you can work in?
Software development is such a broad discipline. Early on in my
career I realized that to try and know it all was to resolve to know nothing of any value. I believe
your programming language of choice is less important than your ability to distill complex problems into
solutions. So the decision to specialize in a Microsoft technology has been mainly a product of my
environment. Nashville is a Microsoft town and I serve its clients.
As far as targeting Web versus Desktop Applications, I believe in internet
delivered solutions as the future. There are several challenges to working over the web (disconnected
layer, DHTML and bandwidth to name a few) however its ability to deliver scalable, updateable and maintainable
solutions outweigh its limitations. That in mind I am very enthusiastic about Silverlight’s
potential as a hybrid delivery mechanism.
Finally, no, ASP.Net is not the only environment I will work in. In
fact when it comes to business analysis and a good deal of architectural planning and entity design, I find
these tasks quite language independent. Likewise when it comes to coding the lower levels of business
rules, data access and other back end “heavy lifting”, the fact that it is destined for a web
front end is usually immaterial. However, when it comes to non-Microsoft solutions, I will probably
decline. I do not want to be everything to everybody; I want to be one of the best .Net resources in
Nashville.
Are there any examples of your work that help to demonstrate your ability?
I will list a few highpoints here in reverse chronological order. Keep in
mind much of my work is centered on business applications delivered over the web that sit behind authentication
so direct linking is not possible.
- Role based Page and Field Level permissions.
ASP.Net has a mechanism for
assigning users to roles and via a directory based methodology, to grant or restrict view access to them.
This was deemed insufficient to the client. What they desired was the same role based delineation, but
to have control over the ability to Add/View/Update/Delete on a page and individual controls (such as a
DropDownList or a group of varied controls including UserControls already written). The solution was to
use the existing .Net roles but to extend them. Relying on a directory structure was completely
impractical and transforming a page from a set of interactive DropDowns, TextBoxes, RadioButtonLists,
etc to a ReadOnly version is totally out of the scope of the native .Net role based security.
The solution implemented required no recoding by the developers, rather the inheritance of a custom
BasePage class. Individual controls were placed under the Permissions Controller via a code infront
assignment that could not be spoofed by the user. Page access did not require any intervention by the
developers. A page for which a role lacked View access was accomplished by adding an identifier to any
link in the app which would take the user there, thus accomplishing Menu Based security, and backed up by
a check on Page.Request which if the user somehow hit a page they lacked permission to, a message would
appear, a log entry would be recorded and they would be sent back from whence they came. The administration
of this solution was available to the Admin role and consisted of an interface much like a product’s
feature matrix with columns, rows and checkboxes. When a user had View but not Add/Update access, all
controls on the page were transformed prior to be served to the client in a fashion that prevented editing.
- User Interface performance enhancements via AJAX.
I have modified several “heavy” feature sets to take advantage of Asynchronous JavaScript And XML
(AJAX). When a page serves all the needs of the end user, but is rendered unresponsive by its size
and complexity, it risks becoming an expensive paperweight. I have rescued many well developed solutions
from such barriers to adoption by the intelligent use of AJAX. Whether it’s a maintainable, out of the
box, block level enhancement using UpdatePanels or custom processing via MSXML2.XMLHttp to WebServices
and JSON response processing, I have implemented it. In fact, because of its asymmetric nature, the User
Interface is sometimes the most difficult layer to master.
- Active Directory based .Net Security Wrapper.
I was asked by a company doing a SharePoint initiative to expand upon the native security structure
available through SP. This was an example of where I believed they were going about solving a business
problem the wrong way*, but after communicating this opinion I helped them to implement the solution anyway.
SharePoint’s security model is a pretty standard page and role based mechanism. However the company
wanted to give developers the ability to add a WebPart (or resource) to a page, using the standard
drag and drop mechanism and assign an owner to it. Then another instance of the same WebPart could
then be assigned to a different person on the same or another page and maintain its own personal
ownership by an employee in Active Directory. Once an owner was assigned (a task support should be
able to do) that owner would go to the page their secured resource resided on and open up a tree control
to delegate View/Edit permissions. This tree walked Active Directory from the owner’s position up each
Manager level until it reached the CEO, and down their Direct Reports recursively. Thus the owner could
delegate to anyone they had influence over, or had influence over them, the ability to interact with
their secured resource.
The resulting object was serialized in the database and upon request, inspected for changes in staff.
Such changes would result in a rebuilding of the object and thus intervention-less self maintenance.
The wrapper was implemented by developers inheriting a ‘SecureWebPart’ class rather than the standard
Microsoft.Web.UI.WebPart class and was entirely OO. I delivered the solution in a little over 4 months,
before which I knew no more than the basics about Active Directory.
*The solution was wrong in my opinion not because it wouldn’t work, but because the company was trying to extend SharePoint in a direction for which it was not designed, not well equipped to handle and which required a skill set to maintain that was outside of available local resources.
- digiChart is an Electronic Medical Record (EMR) for OBGYN practitioners and
their office staff. This is the company I cut my teeth at. During the 5 years I spent in their employ
I rose from front end developer to a foundational member of the senior development team. I wrote the
‘vaporware’ demo to convince both clients and investors to keep us open as well as the ACOG Report which
helped to cement a strategic alliance between digiChart and the American College of Obstetricians and
Gynecologists. This alliance was seen by the company as essential to digiChart’s adoption in the
marketplace.
One of my final and proudest achievements was getting the company out of ‘al a carte reporting hell’.
The company found itself with 88 SQL queries written by different developers, each based on an
individual request and an individual practice. Many of these reports asked for very similar data.
I first distilled these 88 queries into 28 multifunctional Stored Procedures which took optional as
well as required parameters. Then I created a three table data architecture, business and rendering
logic that transformed these 28 procedures and their various parameters into a data driven User
Interface.
The end product was to deliver a reporting mechanism, accessible to every client in a
manner that freed up database developers to innovate rather than fulfill client requests. It was
also architected in such a way that new reports and changes to existing reports, even changes that
added new parameters, could be deployed on the fly without a redeployment of the codebase.