BTI420 Assignment 2 – Winter 2015

Assignment 2 specifications.

.

Assignment 2 due date

This is a small-size assignment, with a two-week lifetime.

For all BTI420 students the final due date is:
Tuesday, April 7, 2015, at 8:00am ET

.

Assignment 2 topic

Create a web app that enables employees to write and manage notes.

In many organizations, employees make notes about their daily activities. One or more notes per day can be created by the employee. The notes are private, such that one employee cannot view the notes made by another employee.

.

Topic coverage

Topic coverage in this assignment includes:

  • Full data management (for Note objects only), create, edit, delete
  • Association – to-one, self; and to-many, self (Employee object)
  • Working with security principles
  • Rich text editing
  • All UI is styled with Bootstrap

.

Getting started

Get the “Assignment 2 base project” from the course’s My.Seneca/Blackboard ‘assignments’ storage area.

Then, study the base project, to learn what’s been implemented already:

  • Security components, including identity management and authentication
  • User account creation (aka ‘register’), which ensures that
  • Initial data load for Employee (from CSV) and OU (programmatically done)
  • A selection of ‘administrator’ functions and features, including the ability for the administrator to configure a ‘Manager’ role claim for a user

.

Updated Register method in the Account controller, April 3, at 3:00pm

The Register method in the Account controller was fixed. It had two problems: 1) It would not tell you if your password was invalid; instead, it simply threw an error. 2) It would not tell you if the user account already existed; instead, it simply threw an error.

If you want to update your Account controller’s Register method, use this guidance:

.

OLD version, near the beginning of the method:

public async Task<ActionResult> Register(RegisterViewModel model)
{
    if (ModelState.IsValid)
    {
        // Verify that the user is an Employee...
        var m = new Manager();

        if (m.IsNewUserAnEmployee(model.Email))
        {
            // Attempt to register the user...

.

UPDATED version, near the beginning of the method:

public async Task<ActionResult> Register(RegisterViewModel model)
{
    // Get a reference to the manager object
    var m = new Manager();

    if (ModelState.IsValid)
    {
        // Verify that the user is an Employee...
        if (m.IsNewUserAnEmployee(model.Email))
        {
            // Attempt to register the user...

.

OLD version, near the end of the method:

// If we got this far, something failed, redisplay form

AutoMapper.Mapper.CreateMap<RegisterViewModel, RegisterViewModelForm>();

var registerForm = AutoMapper.Mapper.Map<RegisterViewModelForm>(model);

return View(registerForm);

.

UPDATED version, near the end of the method:

// If we got this far, something failed, so redisplay the form

AutoMapper.Mapper.CreateMap<RegisterViewModel, RegisterViewModelForm>();

// Create and configure a 'register' form
var registerForm = AutoMapper.Mapper.Map<RegisterViewModelForm>(model);
var ous = m.GetAllOUs();
// Notice the constructor uses the currently-selected OU from the model
registerForm.OUList = new SelectList(ous, "OUName", "OUName", model.OU);

return View(registerForm);

.

Your professor has created a sample solution. It is online, here:

http://bti420.azurewebsites.net/assign2

Admin-level credentials are as follows:

Email (user name, login name): notesadmin@example.com

Password: Password123!

You will not be able to change the password for this account.

.

Planning YOUR work

Add the ability for an Employee user to see details about their Employee object.

Add the ability for an Employee user to see a list of Notes they have created. Therefore:

  • An Employee can create (author) a new note
  • An Employee can view the details of a note on a separate view

.

Design model

Already done. Includes design model classes for Employee, Note, and OU (‘organizational unit’).

The Employee class describes an ‘employee’ entity.

It has an optional to-one relationship with itself, for a property named Manager. It also has a to-many relationship with itself, for a property named DirectReports.

In addition, Employee is logically linked to the ApplicationUser class, with a string property named “IdentityUserId” that represents the unique identity of the ApplicationUser class.

Is this good enough? Yes.

Read the March 26 & March 30 notes to learn how ASP.NET Identity defines, configures, and uses identifiers.

.

The Note class describes a ‘note’ entity. An employee object can have zero or more note objects in a collection. An individual note object MUST be associated with an employee object.

The OU class (‘organizational unit’) describes an ‘organizational unit’ entity. In some organizations, these are named ‘departments’, or ‘divisions’. In our academic environment, these can be named ‘school’, ‘faculty’, or ‘department’. The terms vary.

The OU class will be used simply as a lookup table, to get the OU name. Therefore, it is NOT associated (using navigation properties) with the other classes.

The following is a class diagram that will guide your design.

[Figure: DesignModelClasses class diagram]

.

Data for the app

Employee data was generated using Mockaroo.com, and saved as a comma-separated values file. The data is at the bottom of this document (scroll down to view the data).

Study the Configure class in the base project. You will see that it loads the data into your app, using the technique you recently learned.

The Configure class also creates eight (8) organizational unit values. If you do not like these values, you can use any kind of organization as a model, including academic (e.g. School of ICT, School of Business, Finance, IT Services, etc.), business (Sales, Manufacturing, Human Resources, etc.), or anything else that interests you in business, entertainment, or anywhere else in human society.

.

Security considerations

The app’s home page will be open to anonymous users. Obviously, the ‘register’ and ‘login’ pages will also be open.

However, other features of the app require authentication.

Your app supports a number of ‘roles’ (implemented as ‘role claims’):

  • Administrator
  • Manager
  • Employee

.

An employee must register as a user

The ‘create an account’ (aka ‘register’) functionality will be successful ONLY for employees. Study the code to learn how this happens.

Passwords must be at least 6 characters long, and must have one or more characters from these categories:

  • upper-case letter (A-Z)
  • lower-case letter (a-z)
  • number (0-9)
  • non-alphanumeric (e.g. !@#$%& etc.)

Notice that the admin user’s password is Password123!, which satisfies the rules.

.

Tasks for Administrator

The app should have only one administrator. This user is programmatically created when the app loads for the first time. Study the Configuration class.

The following functionality has already been coded:

The administrator will be able to view a list of employees.

An administrator can NOT view notes made by other managers or employees.

An administrator will be able to configure an employee as a ‘manager’.

Note: You will have to fix something in the Admin controller…

The ConfigureUserAsManager POST method needs a Route attribute added. It should look like this:

[HttpPost]
[ValidateAntiForgeryToken]
[Route("admin/configure/{username}/asmanager")]
public ActionResult ConfigureUserAsManager(string username, ApplicationUserEdit newItem)
{
    if (ModelState.IsValid && username == newItem.UserName)
    {

.

Tasks for Manager

A manager is an employee with one or more items in its DirectReports collection.

A manager will be able to select employees as DirectReports. Also, a manager can view a list of their employees. Your ‘manager’ class will need methods that ensure that the right employees are selected and returned.

A manager can NOT view notes made by other managers or employees.

.

Tasks for Employee

An employee can view their Employee object details.

An employee will be able to view a list of their notes.

An employee can create, edit, and delete a note.

The note’s body text – the NoteText property – must be rich text.

As you would expect, an employee will not be able to view notes made by other employees.
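
The privacy rule applies to every role: an administrator, a manager and another employee are all refused. One way to enforce it is to filter every note query by the signed-in user's identity. This is an added example, not code from the base project; the class shapes, the NoteAccess helper and the sample e-mail addresses are assumptions.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;

// Simplified stand-ins for the design model classes (assumed shapes).
public class Employee { public string IdentityUserId { get; set; } }
public class Note
{
    public int Id { get; set; }
    public string NoteText { get; set; }
    public Employee Employee { get; set; }   // a note MUST have an owner
}

// Hypothetical helper: every query is scoped to the authenticated user. In a
// controller that name comes from User.Identity.Name, never from the URL or a form.
public class NoteAccess
{
    private readonly List<Note> _notes;
    private readonly string _currentUser;
    public NoteAccess(List<Note> notes, string currentUser)
    { _notes = notes; _currentUser = currentUser; }

    private IEnumerable<Note> Owned() => _notes.Where(n => string.Equals(
        n.Employee.IdentityUserId, _currentUser, StringComparison.OrdinalIgnoreCase));

    public List<Note> GetAll() => Owned().ToList();

    // Null for a missing id and for another employee's note alike, so the
    // caller answers "not found" either way and never confirms an id exists.
    public Note GetById(int id) => Owned().SingleOrDefault(n => n.Id == id);

    // Delete (and edit) pass through the same ownership filter as read.
    public bool Delete(int id)
    {
        var note = GetById(id);
        return note != null && _notes.Remove(note);
    }
}

public static class Demo
{
    public static void Main()
    {
        // Constructed sample data: two employees, one note each.
        var a = new Employee { IdentityUserId = "alice@example.com" };
        var b = new Employee { IdentityUserId = "bob@example.com" };
        var notes = new List<Note> {
            new Note { Id = 1, NoteText = "<p>Client call</p>", Employee = a },
            new Note { Id = 2, NoteText = "<p>Code review</p>", Employee = b },
        };
        var asAlice = new NoteAccess(notes, a.IdentityUserId);
        Console.WriteLine("Own notes: " + asAlice.GetAll().Count);
        Console.WriteLine("Can read note 2: " + (asAlice.GetById(2) != null));
        Console.WriteLine("Can delete note 2: " + asAlice.Delete(2));
    }
}
```

Because the filter keys on the identity rather than on a role claim, holding the Administrator or Manager claim grants no extra access to notes.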

.

Other tasks

As noted above, all user interface elements must be styled with Bootstrap.

Your app must use a theme that’s different from the default project template theme.

.

Publish your web app to Microsoft Azure

Your web app should be regularly published to Microsoft Azure. Its website name should be in the following format, where “username” is your Seneca user name:

username-bti420-assign2.azurewebsites.net

.

Submit your work on My.Seneca/Blackboard

The instructions are similar to those from Lab 1. Here’s a brief version:

1. Make a copy of your work, and remove the packages, bin, and obj folders.

2. Create a compressed (zip) version of your solution’s folder.

3. Login to My.Seneca/Blackboard

4. Navigate to the BTI420 Assignments area, and use the link to upload/submit your work

.


Design model classes, pay attention to the default constructor

DbSet properties

Manager – add support for UserManager tasks

  • property for UserManager; call out null coalescing operator
  • IsNewUserAnEmployee
  • IsAdministrator
  • IsManager
  • IsUserAManager
  • ConfigureUserAsManager
  • GetAllUsers
  • GetUserByUserName

Manager methods…

  • load OUs
  • return collection of OU objects
  • load Employees
  • employee lookup, returns bool

Decide what to seed in a new data store…

  • create initial admin user
  • load OUs (programmatically created)
  • load Employees (from CSV)

Customize security for this app… a new user account must be an employee, and must select their OU

  • AccountController > Register (GET) method… do not need to config and send a list of roles, however, you DO need to config and send a list of OU strings
  • AccountViewModels… continuing from above, remove the RolesList property, add the OUList property
  • Views > Account > replace the multi-select Roles element with a single-select OUs element
  • AccountController > Register (POST) method… employee lookup, if yes, proceed; if no, create error msg

Admin controller (only for admin)

  • user account list;
  • Also, admin can add a ‘manager’ role claim to a user account

OUs controller and view models – display a list, only to the admin (authorize)

Employees controller and view models…

  • List of all employees, only for admin user (authorize attribute)
  • Details, showing manager (if configured), and ‘direct reports’
  • Edit, for manager only, who can add ‘direct reports’ employees
  • An employee can view a list of their notes, and create a new note
  • Optional – edit a note

.


Employees data

Copy-paste the following data to a plain text file in your project’s App_Data folder.

Then, import the data using the CsvHelper library.

.

BirthDate,FamilyName,GivenNames,HireDate,IdentityUserId
1987-08-06,Holmes,Rebecca,2009-12-29,rholmes0@elegantthemes.com
1991-09-04,Tucker,Harold,2014-02-05,htucker1@dailymail.co.uk
1979-10-21,Barnes,Lois,2009-11-27,lbarnes2@smh.com.au
1987-04-17,Perry,Cynthia,2011-05-02,cperry3@jigsy.com
1980-08-23,Hawkins,Kathleen,2011-02-28,khawkins4@google.com.au
1978-01-06,Duncan,Kelly,2012-05-21,kduncan5@geocities.com
1994-01-07,Meyer,Dorothy,2010-11-27,dmeyer6@harvard.edu
1986-12-23,Foster,Howard,2009-06-14,hfoster7@so-net.ne.jp
1980-06-15,Bradley,Anthony,2012-05-06,abradley8@so-net.ne.jp
1987-05-12,Gutierrez,Dennis,2010-06-01,dgutierrez9@apache.org
1981-09-05,Chavez,Nicholas,2011-03-14,nchaveza@seesaa.net
1994-10-23,Price,Marie,2010-12-19,mpriceb@yale.edu
1980-12-12,Baker,Stephanie,2012-11-27,sbakerc@free.fr
1985-03-05,Diaz,Douglas,2013-04-01,ddiazd@wufoo.com
1978-07-21,Lane,Irene,2010-07-10,ilanee@goo.gl
1991-02-25,Burke,Robert,2009-09-08,rburkef@symantec.com
1989-09-03,Fuller,Frances,2011-09-07,ffullerg@paypal.com
1985-09-10,Garcia,Eugene,2009-08-10,egarciah@trellian.com
1993-04-19,Ellis,Ernest,2010-05-28,eellisi@dmoz.org
1976-10-05,Cruz,Christina,2010-02-14,ccruzj@google.es
1977-09-02,Mason,Sarah,2011-11-27,smasonk@bluehost.com
1991-07-14,Hanson,Randy,2010-03-10,rhansonl@a8.net
1991-11-04,Reynolds,Rebecca,2013-06-03,rreynoldsm@buzzfeed.com
1976-09-03,Hansen,Lawrence,2011-05-30,lhansenn@ebay.com
1994-06-26,Nguyen,Amanda,2013-02-09,anguyeno@sina.com.cn
1986-11-29,Matthews,Linda,2011-01-06,lmatthewsp@pcworld.com
1985-10-11,Gardner,Ruby,2010-04-01,rgardnerq@cbslocal.com
1983-12-09,Fisher,Janet,2009-08-30,jfisherr@paypal.com
1990-08-04,Stewart,Michael,2011-03-28,mstewarts@facebook.com
1987-06-20,Hunt,Lois,2012-02-04,lhuntt@deviantart.com
1985-09-03,Palmer,Janet,2013-06-21,jpalmeru@privacy.gov.au
1986-12-16,Mccoy,Jacqueline,2011-02-17,jmccoyv@lulu.com
1992-06-06,Simmons,Paul,2010-06-23,psimmonsw@instagram.com
1979-11-19,Ellis,Ruth,2010-09-07,rellisx@indiatimes.com
1980-09-19,Williams,Christine,2014-01-19,cwilliamsy@google.fr
1990-12-21,Hayes,Charles,2011-03-18,chayesz@usatoday.com
1987-04-14,Harper,Andrea,2011-04-07,aharper10@spiegel.de
1983-09-08,Willis,Harold,2009-10-05,hwillis11@google.nl
1992-07-05,Morgan,Diane,2009-04-08,dmorgan12@example.com
1994-12-12,Young,Debra,2009-07-04,dyoung13@merriam-webster.com
1994-05-16,Bennett,Ruby,2009-04-03,rbennett14@hc360.com
1994-02-21,Rivera,Eugene,2010-11-01,erivera15@mac.com
1979-04-24,Oliver,Jason,2011-03-03,joliver16@comcast.net
1987-10-20,Green,Antonio,2012-08-17,agreen17@nymag.com
1983-12-09,Willis,Norma,2010-10-22,nwillis18@digg.com
1982-02-25,Ross,Nancy,2011-07-17,nross19@omniture.com
1991-07-25,Adams,Stephanie,2009-10-23,sadams1a@newyorker.com
1976-08-26,Ramos,Wayne,2013-11-26,wramos1b@clickbank.net
1987-06-17,James,Margaret,2013-12-04,mjames1c@usgs.gov
1985-08-01,Peters,Larry,2011-02-25,lpeters1d@last.fm
1987-04-19,Elliott,Juan,2011-12-05,jelliott1e@dion.ne.jp
1977-03-10,Mendoza,Terry,2011-10-10,tmendoza1f@examiner.com
1980-10-08,Alvarez,Louise,2009-09-27,lalvarez1g@marriott.com
1993-05-12,Bailey,Karen,2012-06-13,kbailey1h@baidu.com
1979-01-15,Payne,Alan,2013-12-21,apayne1i@posterous.com
1986-10-20,Murray,Donald,2009-05-14,dmurray1j@prnewswire.com
1988-09-18,Henderson,Jessica,2009-04-05,jhenderson1k@mapy.cz
1983-03-19,Martinez,Ruth,2009-07-19,rmartinez1l@4shared.com
1977-07-11,Thompson,Anna,2010-03-17,athompson1m@rambler.ru
1978-08-28,Kelley,Steve,2011-09-12,skelley1n@infoseek.co.jp
1986-07-29,Reid,Keith,2012-03-06,kreid1o@psu.edu
1977-04-09,Hunter,Irene,2012-04-27,ihunter1p@ocn.ne.jp
1988-07-12,Scott,Marie,2010-06-15,mscott1q@hc360.com
1982-04-06,Mendoza,Karen,2011-08-29,kmendoza1r@tumblr.com
1979-02-14,Rice,Nicholas,2012-08-17,nrice1s@diigo.com
1989-10-12,Rose,Alice,2009-09-08,arose1t@craigslist.org
1978-01-29,Bishop,Paula,2011-04-11,pbishop1u@howstuffworks.com
1979-11-26,White,George,2009-04-25,gwhite1v@mayoclinic.com
1993-04-05,Walker,Tammy,2009-06-03,twalker1w@bloglovin.com
1982-07-19,Garza,Anne,2009-08-01,agarza1x@ameblo.jp
1982-02-09,Powell,Timothy,2012-12-23,tpowell1y@bandcamp.com
1994-11-14,Myers,Beverly,2014-03-21,bmyers1z@chicagotribune.com
1986-05-09,Fernandez,Philip,2011-01-28,pfernandez20@unblog.fr
1985-07-03,Hicks,Todd,2011-01-03,thicks21@miibeian.gov.cn
1992-05-30,Peterson,George,2011-06-16,gpeterson22@weebly.com
1982-05-29,Garcia,David,2010-07-22,dgarcia23@bigcartel.com
1978-11-20,Jones,Roger,2011-06-13,rjones24@cnn.com
1979-04-04,Woods,Charles,2009-06-16,cwoods25@whitehouse.gov
1985-07-21,Riley,Helen,2012-08-17,hriley26@topsy.com
1981-06-27,Richards,Sara,2011-09-30,srichards27@jigsy.com
1985-05-03,Scott,Lois,2013-10-26,lscott28@github.io
1983-10-29,Cruz,Christopher,2011-03-02,ccruz29@dion.ne.jp
1994-05-05,Sims,Louis,2010-04-18,lsims2a@taobao.com
1978-05-13,Porter,Linda,2013-04-21,lporter2b@hubpages.com
1978-09-25,Burton,Joe,2011-05-04,jburton2c@tinypic.com
1989-06-12,Fowler,Frances,2009-09-11,ffowler2d@cdc.gov
1990-01-17,Long,Lois,2013-10-15,llong2e@fda.gov
1993-01-07,Stephens,Thomas,2010-02-25,tstephens2f@patch.com
1978-01-01,Spencer,Lori,2013-06-02,lspencer2g@statcounter.com
1987-03-18,Pierce,Wayne,2009-04-23,wpierce2h@mayoclinic.com
1988-01-15,Flores,Stephanie,2010-04-11,sflores2i@netlog.com
1978-05-21,Henry,Raymond,2010-04-06,rhenry2j@dailymotion.com
1986-04-16,Simpson,Robert,2011-04-14,rsimpson2k@nationalgeographic.com
1989-06-20,Marshall,Heather,2012-03-19,hmarshall2l@aol.com
1982-06-04,Morrison,Susan,2011-05-31,smorrison2m@shareasale.com
1995-03-07,Richards,Russell,2013-07-01,rrichards2n@msn.com
1988-09-28,Cox,Patrick,2009-11-26,pcox2o@wikia.com
1994-06-03,Lee,Fred,2010-12-20,flee2p@comsenz.com
1991-04-19,Medina,Stephanie,2012-09-16,smedina2q@stumbleupon.com
1987-06-30,Little,John,2014-03-05,jlittle2r@google.nl
