Homework 7
CS520, Spring 2012
Due: Friday, June 8
Package all the source files of your project into a zip file as you did in Homework
1, and
upload the zip file to CSNS.
Note that file
uploading will be disabled automatically after 11:59PM
of the due date, so please turn in your work on time.
[Class websites for CSNS2]
Continue to work on Class Websites
for CSNS2
and
implement the following functions. This assignment builds on
top of your work in the previous assignments, so make
sure that all the functions
from
the previous assignments work properly; otherwise you will not receive
any credit.
1. Security (40pt)
Use the tools provided by
Spring Security to implement the following security measures:
- Class websites (including all the items associated with them) can be
viewed by everyone.
- A class website can only be created/edited by an instructor of
the class. Note that editing a class website includes operations
such as posting announcements, adding blocks, and adding/editing items.
- The user interface should hide certain operations from the users
who do not have the privilege to perform those operations. In
particular,
- if a user tries to access a class website that does not exist,
the application should only prompt the user to create the website if
the user is an instructor of the class; for other users, simply display
a message that says the website does not exist.
- Links and/or buttons to add/edit announcements, blocks, and
items should be hidden from the users who are not an instructor of the
class.
For this exercise, please describe all the security
measures you have implemented and how you implemented them in a text file hw7.txt,
and submit the file together with the project zip file.
3. Extra Credit
- (+40pt) Reorder items in a block using Ajax Drag & Drop.
Note that "Ajax" means not only the display order is changed on the
client side, the new order must be saved on the server side as well.
- (Up to +30pt) Good UI for class website management overall (i.e. not
just for the features in this assignment).
[About Submission and Grading]
Before submitting your work, commit all the changes to your
Subversion repository and
create a tag.
To test your project, we will use the following SQL scripts in
your zip file to create, populate, and then clear the database:
- src/main/scripts/csns-create.sql
- src/main/scripts/csns-insert.sql
- src/main/scripts/csns-test-insert.sql
- src/main/scripts/csns-drop.sql
Please make sure that these scripts are up to date and can be
run
in their
entirety without any errors.