Perverse Incentives


It is well established that CEO pay has climbed astronomically in the last decades, and that over a similar period inequality has grown throughout the Western world. This period has also been dominated by laissez faire economics, and corporatism to the extent of corporate welfare.

There are some indications that we are swinging away from this setting, with even the IMF saying, “Empirical evidence suggests that it may be possible to increase [personal income tax] progressivity without adversely affecting economic growth” (IMF Fiscal Monitor, October 2017), but it will be some time, if ever, before the mind-set of actors in this economic dance changes.

Right now, you might be wondering whether this is a software blog or some economic philosophy one, but be assured, this relates back to management, and particularly how it impacts high-skill industries such as software development.


Our current economic setting has created a system of incentives that is at odds with the goals of good management.

Good management in knowledge industries emphasises an ‘upside-down-pyramid’ of management which supports, rather than directs, the activities of skilled front-line executors. Put another way, it genuinely recognizes that people are the most important asset in a business and the role of management is to create an environment where those people with the skills can excel.

It is also clear that managers can add value in ways that others can’t. They can use their outright authority to connect otherwise separate groups, resolve conflicts, and use their bird’s-eye-view of the business to sponsor change and ensure strategic alignment, a.k.a. ensuring the right work is being done (HBR, 1995).

In our society we equate value with money, and given the greater value managers can add, pay managers more. We also expect more return from more money, so we expect increased responsibility and accountability from said managers. But here we reach the crux of problem: to support skilled staff it is important to empower them with responsibility, so how can the manager be held accountable whilst giving away the responsibility? To readers who (like myself) have been managers this is the “no kidding” moment, so I would ask the question, how have you tried to change that? This is a systemic problem and as far as I can tell our approach has been grudging acceptance of the status-quo.

How strong is that responsibility?

Good managers empower people, and people make mistakes, and it is unfair to hold the manager responsible for those mistakes, otherwise everyone would be too afraid to make mistakes and we’d destroy effectiveness and any hope of innovation. We also read in the media stories of obfuscating CEOs who (quite reasonably) admit they couldn’t have known that X was happening in their organization and so (will make some knee-jerk changed to resolve it, and) can’t really be held responsible.

By highlighting that they’re ‘not really that responsible’ the premise that with increased value comes increased responsibility has been completely undermined. Now this isn’t the only reason managers are paid more: The other commonly held notion is that managers add more value because their decisions have greater (financial) consequences. This I dispute largely because those decisions are never made in a vacuum, and there are a lot of advisors and analysts that effectively determine the decisions in the first place, with the executive being closer to a rubber stamp than a judge. But that would be a digression from the point of this post, which is to focus on the consequences of ‘having responsibility’.


Responsibility encourages micromanagement. When your head is on the line then your instinct is to get as involved as possible to ensure the outcome you want. There are plenty of good managers out there who manage to overcome this instinct, but the system is very much setup to encourage micromanagement, and that destroys empowerment.

Under micromanagement, instead of having a team who are comfortable to pursue their own direction to achieve the goals, you’ve now got a sort-of team member (the manager) with a much more limited view of the details (after all, the higher up an organization you are the wider but shallower view you’re expected to have) who ironically requires more energy from the team-members to ‘manage’. This also makes the team feel less ownership for their work because accountability becomes blurred between the manager and the team. And instead of being measured by outcomes the team are judged on details; details that the manager is often not as qualified (as they think they are) to judge.

Micromanagers can also become the de-facto communication channel instead of the more effective approach of organizing teams to communicate with each other. This creates a knowledge and communication bottle-neck which is inefficient.

What does an effective manager do? They set a vision and goals, empower people to execute on them, provide cover so they can achieve their goals, resolve conflicts, and then put their feet up or have strategy off-sites or something like that. They should not be required to answer all the questions other people in the organization have – the team is the most capable to do that – but they can filter the questions to ensure the team can focus on the work.

But if your organization insists on you knowing everything because you are ‘responsible’ because you are expensive, then how can you be an effective manager?


So how do we fix this?

Essentially, be realistic with managers roles. If their roles are seen to be closer to text-book roles of planning, leadership, organization, and control rather than a know-it-all of everything in their fiefdom, then responsibility is going to fall closer to where it is held, with the executing team.

With this reduction in perceived responsibility and expectation there should be a reduction in compensation.

This will also improve empowerment among the teams which will give them a greater sense of ownership and satisfaction, meaning they’re less likely to turn-over.

Aurelia return to URL after login

When a user accesses a URL without being authenticated we want to take them to the authentication page and then automatically redirect them to their requested URL after successful login. This is particularly important for following URLs from emails or other notifications, and for browser bookmarking.

Aurelia has a navigation pipeline which includes an authorization step and is executed for any navigation action. As part of an authorize step we can check whether the route is configured to require authentication and redirect the user to a login page (” in my case) if they are not.

class AuthorizeStep {
    protected run(navigationInstruction, next) {

        // determine if the route requires authorization
        // i.e. { route: '...', module: '...', setting: { auth: ... }}
        let authConfig = navigationInstruction.getAllInstructions().find(i => i.config.settings.auth);
        if (!authConfig)
            return next();

        let isLoggedIn = checkIfLoggedIn();
        if (!isLoggedIn)
            return next.cancel(new Redirect("")); // redirect to login page
        return next();

To redirect after login we need to save the navigation instruction from the failed login and use it following the next successful login. To save it I introduced a NotAuthorizedRedirect class.

import { autoinject } from "aurelia-framework";
import { Router, Redirect, NavigationInstruction } from "aurelia-router";

// singleton by virtue of aurelia's default DI
export class NotAuthorizedRedirect {
    private navigationInstruction: NavigationInstruction;

    constructor(private router: Router) { }

    public notAuthorized(from: NavigationInstruction) {
        this.navigationInstruction = from;
        return new Redirect("");

    public get redirecting() {
        return !!this.navigationInstruction;

    public tryReturnTo(): string {
        if (!this.navigationInstruction)
            return "";

        let uri = this.navigationInstruction.router.generate(
            Object.assign(this.navigationInstruction.params, this.navigationInstruction.queryParams),
            { replace: true });

        this.navigationInstruction = null; // single use
        return uri;

We use this class by first calling the notAuthorized method which saves the navigation instruction and returns a redirect to use. Once the user is known to be authorized we call tryReturnTo to generate a new url.

One issue I had was that some parameters come in via the query string. Thankfully the router generate method has a feature that any parameters given which are not in the route definition (i.e. the id in a route-name/:id) are applied as query string parameters, so tryReturnTo is able to copy the query string parameters (.queryParams) onto the other parameters to re-generate the query string.

We can now use these methods from the AuthorizeStep as follows:

class AuthorizeStep {
    constructor(private redirect: NotAuthorizedRedirect) { }

    protected run(navigationInstruction, next) {

        let authConfig = navigationInstruction.getAllInstructions().find(i => i.config.settings.auth);
        if (!authConfig)
            return next();

        let isLoggedIn = checkIfLoggedIn();
        if (!isLoggedIn)
            return next.cancel(this.redirect.notAuthorized(navigationInstruction));

        let redirectUri = this.redirect.tryReturnTo(); 
        if (redirectUri)
            return next.cancel(new Redirect(redirectUri)); // return to url from before login attempt

        return next();

A minor limitation of this approach is that the original URL applied by the user disappears from the address bar when they are redirected to log in. To remedy this NotAuthorizedRedirect also has a little helper property, redirecting, which can be used to indicate to the user that they are being redirected, and could easily be extended to show the user the original url.

The workings of this were originally posted in an aurelia discourse thread.

Repeating tr in Aurelia

I stumbled into one of those subtle little gotchas today with Aurelia.

Browsers’ only allow tr tags inside a tbody, and td tags inside a tr. As such, if you want to repeat a table row in Aurelia then rather than add a custom tag, you need to indicate to Aurelia that your component element is replacing another element by setting the as-compose attribute.

<tr repeat.for="x of obj" as-element="my-element" x.bind="x"></tr>

Where I got caught was with the (my-)element template. I wanted table cells so I created the following:

  <require from="../../resources/elements/typeahead"></require>

However this didn’t work – it effectively removed any td.
The problem was that during rendering Aurelia directly combines the template and parent, creating an invalid HTML structure like this:

  <require from="../../resources/elements/typeahead"></require>

Fixing the problem then is very simple: just move the require inside the first td:

    <require from="../../resources/elements/typeahead"></require>


As part of my application I wanted to run a background service. In some fantasy future this might run as a separate process on another machine, scaling independently of the API server, so the service would naturally be isolated in its own class. For now I just needed something that would run scheduled jobs and be initialized during the Startup methods. The most popular solution for this problem seems to be a library called Hangfire which has had ASP.NET Core support since v1.6.0 (v1.6.16 at the time of writing).

Hangfire is backed by a database, so part of the setup involves selecting a database connector. There are two options for MySql, but the link for Hangfire.MySql goes 404, so I opted for Hangfire.MySqlStorage. I was able to get the basics of Hangfire working with this connector, although I did encounter some problems, notably that the Recurring Jobs dashboard page causes MySql exceptions and doesn’t load. One factor in this may be that, with Hangfire.Mysql as well as Pomelo.EntityFrameworkCore.MySql, I have references to different definitions of various MySql.Data.* classes in multiple assemblies. But as it currently works for my purposes, I haven’t pursued those errors further.

The other decision around the database is whether to share with the application database or use a separate schema. I opted for the latter to avoid any complications with my migration and test data code.

With that, we present the code. Firstly the .proj file:

<PackageReference Include="Hangfire" Version="1.6.*" />
<PackageReference Include="Hangfire.Autofac" Version="2.3.*" />
<PackageReference Include="Hangfire.MySqlStorage" Version="1.1.0-alpha" />

And then the startup functions. The first is called from ConfigureServices:

protected virtual void AddHangfireService(IServiceCollection services)
    services.AddHangfire(options =>
        options.UseStorage(new Hangfire.MySql.MySqlStorage(
            new Hangfire.MySql.MySqlStorageOptions
                TransactionIsolationLevel = System.Data.IsolationLevel.ReadCommitted,
                QueuePollInterval = TimeSpan.FromSeconds(60),
                JobExpirationCheckInterval = TimeSpan.FromHours(1),
                CountersAggregateInterval = TimeSpan.FromMinutes(5),
                PrepareSchemaIfNecessary = true,
                DashboardJobListLimit = 50000,
                TransactionTimeout = TimeSpan.FromMinutes(1),

and the second from Configure:

protected virtual void ConfigureHangfire(IApplicationBuilder app)

        notifier => notifier.Rollup(DateTime.UtcNow.AddDays(-1)),
        Cron.Daily(15) // 15:00 UTC - i.e. 3am NZST, 1am AEST

This runs my job daily at 1500 UTC, which is the middle of the night from my perspective.

One aspect that Hangfire does very well is integrate with dependency injection frameworks. I have used Autofac, and you can see in the code above that nowhere have I had to construct the class for the notifier variable, instead the interface parameter INotifier suffices. The integration with Autofac is established in options.UseAutofacActivator(this.IocContainer); in the first code block. At the time UseAutofacActivator is called this.IocContainer is still null, but it doesn’t appear to be used until after Autofac is setup, which happens very soon thereafter.

Mocking MySqlException

As pleased as I am about Entity Framework Core’s InMemoryDatabase for testing, some failures cannot be easily simulated because InMemory doesn’t enforce database integrity, like constraint validation.

One of my operations uses foreign key constraints to validate data on insert and I wanted to mock this functionality to ensure a correct return value. This proved a little challenging because the type which triggers the failure, MySqlException, has no public constructors. Therefore a little reflection magic was required:

using System.Reflection;

public class MockSaveChangesAsyncSqlContext : SqlContext
    public MockSaveChangesAsyncSqlContext() { }
    public MockSaveChangesAsyncSqlContext(DbContextOptions<SqlContext> options) : base(options) { }

    public override Task<int> SaveChangesAsync(CancellationToken cancellationToken = default(CancellationToken))
        var mySqlExceptionType = typeof(MySql.Data.MySqlClient.MySqlException).GetTypeInfo();
        var internalConstructor = (from consInfo in mySqlExceptionType.DeclaredConstructors
                                    let paramInfos = consInfo.GetParameters()
                                    where paramInfos.Length == 1 && paramInfos[0].ParameterType == typeof(string)
                                    select consInfo).Single();

        var innerException = internalConstructor.Invoke(new[] { "foreign key constraint fails" }) as Exception;
        throw new Exception("", innerException);

It is important to note this is testing code. I would absolutely advise against using reflection to dig out hidden constructors in application code for many reasons, not the least of which is that a change to the library could suddenly break your application!


This is something of a digression from previous ‘how-to’ posts. Instead I’ve felt motivated to share my perspective on leadership, which is an issue in society that impacts organizations of all sizes and kinds, from parenting through to corporations and government.

What is Leadership

I’ve often been struck by the distance between leadership as it is defined in management texts and how it is executed. My trusty management textbook places leadership as the fourth pillar of management in the section “Leading – To Inspire Effort”, and defines leadership as “the process of inspiring others to work hard to accomplish important tasks” (Schermerhorn 2001, p262). This is a fairly open definition that could include anything from managing an empowered self-managing team through to slavery. To be fair to the author, it is followed by six chapters expanding on the subject.

The contents of that text are based on the outcome of decades of research and analysis. In general, research seeks to simplify the thing under study as much as possible – to be the crucible that burns away insignificance and leaves us with the key factors that impact something. I believe concise leadership contingency models like Hersey-Blanchard and it’s three-dimensional matrix of relationship and task behavior and follower readiness illustrate how complicated systems can be abstracted to their significant details, and that such models are critical for illuminating various facets of management and preparing managers to handle the many different people and situations they may encounter (and to be clear: leaders are managers. If you are inspiring people then you are managing them).

What scientific management seems to cover less (or at least less so in introductory textbooks) is that people are.. well.. people. They aren’t ‘rational agents’ conforming to the box neatly defined by research, and they have – insert-deity-here forbid – feelings! People are squishy and unpredictable, and frankly if you’re in a management position and don’t think that I’m stating the bleeding obvious, then you need to find another job. The literature on this side of management tends to be more anecdotal, but also easy to empathize with regardless of which side of the managing/managed fence you fall on.

Theory vs Practice

So now I will add my anecdotes through some hypothesizing. I’m told (by Wikipedia) that around 1% of the population suffers from the most extreme form of narcissism, and it is my contention that these people tend to cluster in leadership roles. The very nature of “knowing you’re right” and projecting that confidence (however un-examined it may be) creates the vision that management theory looks for. It also creates an environment that followers need to have a sense of fulfillment – after all in our comfortable post-Maslow worlds we need to make a difference to find satisfaction, and what better way than fulfilling a vision to ‘achieve great change/improvement/innovation/etc’. The people who espouse this confidence are also lauded by their superiors who naturally prefer supposed simplicity over the complex reality of the situation, and thus these people tend to elevate into positions of power. Unfortunately people who ‘know’ they’re right also tend to be extremely resistant to anything that challenges their perspective. Such a conflict can be very personal and highly destructive given that any challenge is perceived as a threat to that person’s self-image or core values.

In practice the leader’s vision tends to be skewed towards their own goals, and while organizational alignment is usually covered by at least lip service, the goals tend to be angled towards their individual needs, whether for career progression (who hires the manager who thought the status quo was working great and opted not to change anything?) or a psychological need (e.g. admiration, entitlement).

This is the point where I start to struggle with these people. I believe I’m experienced enough to be positive about people and work with them to foster the goals of the relevant organization, but my natural desire for analysis means that over time I tend to find concerning dissonance in their positions. Where I’m not experienced enough, or perhaps just disinclined to submit to this aspect of culture, is that I will point out that dissonance, and in doing so create the conflict.

The world of management theory tells us to be transparent with problems because organizations can’t fix problems they can’t see, and it tells us managers that a moderate level of conflict is good (too little means people have stopped caring and are probably looking for other jobs). What it doesn’t tell us is that some of the time the manager is going to see that as a personal threat, or they’re going to ignore it and place you in the ‘whiner’ box, because these managers aren’t entirely cut out for their jobs, but there is seldom any way to observe this problem and correct it in an organization. Studies strongly indicate that the most significant factor in employee retention is their immediate manager, and yet dysfunction in that relationship is often invisible to the organization until it is too late.

We know what’s good for us, but…

Perhaps the most scientific expression of this I’ve run into is in the book Good to Great by Jim Collins. Chapter 3 very clearly summarizes that the best leaders have the opposite traits to narcissists. They are modest and under-stated, are diligent and workman-like, and they give credit where it is due but shield others from failure (Collins 2001, p39). This doesn’t stop them having a firm vision and a strong will to achieve it, but they do so by getting the right people and getting them to buy into the vision and steer the organization toward it, and expecting they’ll do the same at the next level of the organization. It is a positive and virtuous cycle if achieved.

The literature also highlights how salary and performance of top leaders correlate negatively. And yet this need for ‘leadership’ for the self-fulfilment and simplicity reasons I highlighted earlier mean these leaders, who are by all accounts bad at their jobs, continue to be highly rewarded – and probably more so that than less confident peers given their heightened sense of self-worth likely translates into salary expectations.

I doubt any of this is new. Much has been written about how “ignorance more frequently begets confidence than does knowledge” (Darwin). What remains surprising or perhaps depressing, is that for all the things we’ve learned about scientific management and about people and behaviors, is that we still reward sub-optimal behavior. Put another way, society seems to revere leaders that overestimate and under-deliver, and who are comfortable treating us as disposable minions to be crushed on the path to their own glory. And that doesn’t seem like progress.

Profiling .NET Core

Some of my application requests are running slowly and I need an overview of what is taking so long, so I turned to the internet to find a profiler. With .NET Core still relatively new I expected that finding mature profilers would be challenging. In addition .NET (in general) has thrown a curve-ball in the direction of profilers in the last few years with the use of async.

Calling await in a method causes dotnet to generate a state-machine that splits the function up into many different parts, and fills stack traces with MoveNext() functions. To be useful, a profiler needs to link these pieces of state-machine – which I believe could be running on different threads – back-together so the developer can understand what it is waiting for.

The Field

The only profiler that seemed to handle async was ANTS Performance 9.6. I initially found it’s results quite counter-intuitive until I changed the timing options drop-down to wall-clock time. Then it became much clearer from the call tree where the delays were. However it didn’t seem to load the source code despite PDB files being and place, and it was also the most expensive tool I evaluated.

The best free tool, in my opinion, was CodeTrack which provides a reasonable timeline view to enable navigation of the calls, but doesn’t have any in-built async handling.

A similar function was provided by dotTrace 2017.2 (EAP3). dotTrace also seems to be able to handle a few async cases, combining calls from the same source with async or cont, but for most cases it didn’t link them together.

There are also light-profilers, intended more for monitoring. MiniProfiler seems tailored for full MVC apps, and I couldn’t get it to produce output in my view-less API project. Prefix didn’t seem to work at all, as noted by other commented on their website, which may be related to using Core 1.1.

Finally, I should not I do not have Visual Studio 2017 so I don’t know what its profiler is like.