DPS907 programming assignment – specifications 2

DPS907 programming assignment specifications, document 2, for the November 15 due date.


Link to the assignment overview document.

Link to the specifications document 1.


Due date, November 15, 2013, at 1:30pm ET

The overview document asked you to complete the following by November 15, 2013, at 1:30pm ET:

Course entity support, includes:

  • view model classes
  • repository
  • controller (for get, post, put, delete)

Deployed on an Azure web site


Security infrastructure

Your web service will use the professor’s OAuth infrastructure web app to issue and validate access tokens.

Anonymous users will be able to send ‘get-all’ and ‘get-one’ requests for the Course entity.

Users in the “Faculty” role will be able to add (POST) and update (PUT) a Course object.

Users in the “Student” role will be able to update (PUT) their own Student object, most notably the ability to modify the Courses property/collection.

If you are using a “Student” access token, you must be able to update your own Student object. You must NOT be able to update someone else’s Student object. That’s what the check/match is for. It was in the ‘get-one’ method, but you must do that check in the ‘update-existing’ method (that responds to HTTP PUT).

So, in the situation where you are allowed to ‘update-existing’ to your own Student object, the check/match will ensure that you can. So, for example, you may want to add a specific “Course” to a Student object’s collection of Courses.

You should probably do that as a ‘command’. Remember these notes and task:

https://petermcintyre.com/dps907/notes/oct11/ – Handling ‘commands’ in a web service

https://petermcintyre.com/dps907/graded-work/lab3/ – more how-to info


Expectations for work quality

Follow best practices.

Your app’s design must conform to the System Design Guidance diagram, and the web service must be hypermedia-driven.










  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: