Spring 2018
.NET Web Application Development
Final Project
Rev 1.0
This document contains instructions for the final project. Deadlines:
• The Entity Framework data model and business logic are due Wednesday, April 18, 2018 at 11:55 PM.
Submission is mandatory and all parts must be submitted.
• Because there is no class on April 16, groups are welcome to use the classroom and the class period to
meet and work on this assignment. No interaction between groups is permitted.
• A group status report is due Wednesday, April 25, 2018. Details will be forthcoming.
• Each group will present their project to the class on May 7, 2018, as it exists at the time. The project is
expected to be functional and mostly complete by this date. The completed project is due for grading
on Friday, May 11, 2018.
• Should it become necessary to issue subsequent revisions of this document, revision numbers are identified
at the top of the document, beginning with revision 1.0. Should later revisions become necessary,
the main intent shall be to refine and clarify the initial requirements, but not to change or materially
expand the requirements. If additional revisions are released, they will be announced on the NYU
Classes course web site (and also via email).
1 Group Project
These requirements specify the absolute minimum functionality required to be present, functional, and well-designed, for the purposes of grading. However, the requirements are not exhaustive and not intended to be exhaustive. The group is expected to make reasonable choices within the scope of the requirements below, and use common sense and good judgment in determining what other features should be included over and above the minimum requirements.
Although the group will be working together as a single unit, each person is individually responsible
for contributing meaningfully to the project. Each student’s contribution will be ascertained for grading
purposes through feedback from other group members as well as through version control inspection.
With respect to grading of the final project submission, emphasis will be placed largely on web site
functionality, good design, and operational correctness, rather than appearance and performance. Groups
should be mindful of obvious security considerations, and should be taking measures to avoid at least the
XSS and CSFR attacks, discussed in class.
关于最终项目提交的重点将主要放在网站上功能性,良好的设计和操作的正确性,而不是外观和性能。
应该注意明显的安全考虑,并且应该采取措施来避免至少XSS和CSFR攻击。
2 Bitbucket
Your group’s first task is to create a Git repository in Bitbucket. This will serve as your group’s repository
for the remainder of the course.
To do this, each member of the group should first create an account at bitbucket.org. Although
not required, I strongly recommend that each member of the group practice creating a repository in their
Bitbucket accounts, and also practice creating projects in Visual Studio, linking them to the repository,
and using the repository to commit code. This practice exercise should be undertaken before making any
commits to the official group repository, described below.
The group leader should create a team consisting of the group members, then create a private repository
owned by the team. This will serve as the group’s “official” repository for the purposes of the course project
and grading. Only commits relating to official group work (including the later parts of this assignment)
should be made to this repository. This should not be used as a test or practice repository. All members
of the group are individually responsible for understanding how basic Git version control works prior to
collaborating with the official group repository.
Once the official group repository has been created, the group leader should add all members of the
group to the project with “Write” access. Additionally, “Read” access should be given to user praneethy91.
The group leader should then submit the URL of the group’s official repository as part of the final project
submission. This URL can be obtained from the repository’s home page in Bitbucket.
第一项任务是在Bitbucket中创建一个Git存储库。这将作为组的存储库。
在课程的其余部分。要做到这一点,小组的每个成员应该先在bitbucket.org上创建一个帐户。强烈建议该小组的每个成员在他们的实践中创建一个存储库, Bitbucket帐户,并在Visual Studio中练习创建项目,将它们链接到存储库,并使用存储库来提交代码。这个练习应该在做任何练习之前进行。提交official group repository。
official group repository 只有commits与官方小组工作有关的。这不应该用作测试或练习库。所有成员
分别负责理解基本Git版本控制在之前的工作原理与官方集团存储库合作。一旦创建官方组织存储库,组长应该添加该组的所有成员通过“写入”访问将其分配给项目。此外,应该给用户praneethy91“读取”权限。然后,小组负责人应提交该组官方存储库的URL作为最终项目的一部分
提交。该URL可以从Bitbucket中的存储库主页获得。
2.1 Project Requirements
Craigslist (www.craigslist.org) is a web site that allows users to post items and services for sale. It is
particularly notable for its simplistic user interface. The final project will be to create a web site in the same
spirit as Craigslist.
The system will be comprised of the following core components:
- There will be 3 main user roles: admin, user, and anonymous. The first two roles require an account
on the system. Anonymous users are those who use the web site without logging in. The user role
allows one to create, modify, and delete posts, read other people’s posts, and respond to posts. The
anonymous role can read posts, but cannot create or respond to them.
The admin role is is for web site administrators to set up and configure the web site, but can also
access all of the same functions as the user role.- A post is a single listing for an item or service. From the standpoint of data modeling, a post must have at least a unique identifier,timestamp, expiration, owner, title, body, location, type, and picture(4-person groups only).
该系统将由以下核心组件组成:
- 3个主要用户角色:管理员,用户和匿名。 admin, user, and anonymous
- 前两个角色需要一个帐户在系统上
- 匿名用户是那些没有登录就使用该网站的用户。
- 用户角色允许创建,修改和删除帖子,阅读其他人的帖子并回复帖子。
- 匿名角色可以阅读帖子,但无法创建或回复他们。
- 管理员角色是为网站管理员设置和配置网站,但也可以访问所有与用户角色相同的功能。
- 帖子是一个项目或服务的单一列表。
- 从数据建模的角度来看,一个职位必须至少有一个唯一的标识符,时间戳,到期时间,所有者,标题,正文,位置,类型和图片(仅限4人组)。
Post Table | Definition | 属性 |
---|---|---|
timestamp | date and time: should we save two? modified and create? | Datetime |
expiration | date and time on post will expire | Datetime(过期时间) |
owner | owner who created the post | string (这个是PK 和 FK吗) |
title | a short description | string |
body | a longer detailed description | 有什么长文本的数据结构? |
location | multivalue | area and locale, state and city, 多值的数据 |
– A timestamp is the date and time that the post was created or last modified.
– An expiration is the date and time on which the post will expire. Your site can decide when this
is (e.g. 5 days from the creation of the post).
– An owner is the user who created the post.
– A title is a short description of the thing being advertised.
– A body is a longer detailed description of the thing being advertised.
– A location is broken into area and locale. Area describes a large geographical region (e.g., state),
whereas locale describes a specific location within the area (e.g., city or county)1.
On the real Craiglist, the area is determined from the subdomain. For example, newyork.craigslist.org refers to the New York area. Only locales are shown on the screen. In this solution, both area and locale will be shown on the screen, since we have not discussed subdomains.
在真正的Craiglist中,该区域由子域确定。例如,newyork.craigslist.org引用NY地区。屏幕上仅显示语言环境。在这个解决方案中,区域和区域设置将显示在屏幕上,因为我们 没有讨论过子域名。
Since RESTful designs will likely show locations as part of the URL, it is advisable for locations
to have a shorter URL-friendly slug. For example, a hypothetical area “New York” might have
the slug “new-york.” The slug can be entered manually when the location is created, or generated
automatically. Be mindful of the legal characters for URLs when validating or generating URLs.
由于REST风格的设计可能会将位置显示为网址的一部分,因此建议您选择位置
有一个更短的URL友好的slug。 当创建位置或生成位置时,可以手动输入段塞 自动。在验证或生成URL时请注意URL的合法字符。
– A type is broken down into category and subcategory. Categories are named groupings of related
subcategories. Categories might include housing, jobs, or services. The “housing” category, for
example, might have the following subcategories: houses, apartments, offices, or vacation rentals.
See the real Craigslist site for further examples. The same advice above regarding slugs also apply
to post types.
- type 被分解成类别和子类别。类别被命名为相关的分组子类别。类别可能包括住房,工作或服务。 “住房”类别
- 有以下子类别:房屋,公寓,办公室或度假租赁。
- 查看真实的Craigslist网站以获取更多示例。以上关于slu same的建议也适用发布类型。
– Note: types should exist independently of locations. That is, in the object-oriented sense, types
don’t “have” locations and locations don’t “have” types.
– Groups of 4 only: the user should optionally be able to upload and store a single picture as part
of the post.
• The home page of the web site should be accessible to all user roles and have the following functionality:
– All categories and subcategories currently in the system must be shown on the page, unless hidden
(more on hiding later). For each category shown, the list of all non-hidden subcategories should
be grouped beneath it. All categories and subcategories must hyperlink to the categories screen,
discussed below. The posts themselves should not appear on the home page.
- 主页应该可供所有角色访问,并具有以下功能:
- 系统中的所有类别和子类别必须显示在页面上,除非隐藏(稍后更多)
- 对于显示的每个类别,都应该包含所有非隐藏子类别的列表在下面分组。
- 所有类别和子类别都必须超链接到类别屏幕,
- 帖子本身不应出现在主页上。
The user should be able to select a location (both area and locale) that corresponds to where
they want to search for posts. The site must prominently identify the currently selected location,
preferably near the top of the page. The selection mechanism should show the areas and locales
in alphabetical order. The user should be able to select either an entire area or one specific locale
within a specified area. Selecting a location will not directly effect what is shown on the home
page. However, if the user clicks any category or subcategory on the home page (to go to the
categories screen), the posts shown on these screens should be restricted to only those posts within
the location selected on the home page.
用户应该能够选择与哪个位置相对应的位置(区域和区域设置),想要搜索帖子。
搜索结果必须显著识别当前选定的位置,最好在页面的顶部显示。
选择机制应该显示区域和区域设置按字母顺序排列。用户应该能够选择整个区域或一个特定的区域
在指定的区域内。选择一个位置不会直接影响家中显示的内容
页。但是,如果用户单击主页上的任何类别或子类别(要转到 类别屏幕)中,这些屏幕上显示的帖子应该仅限于其中的帖子 在主页上选择的位置。
The web site can set the **“default” location to an arbitrary area and/or locale (e.g. first one in
each list.) For extra credit: your site should attempt to infer the user’s location based on the IP
address of the HTTP request and auto-select the area or locale, to the extent it is possible. See
this site for ideas about geolocation services. If the location reported by the geolocation service
does not correspond to any area or locale, then the site may fall back to the default functionality
described above. If you implement this feature, you must ensure that it works on at least some of
the locations in your database. Your project submission should document these tests by indicating
the IP address(es) and corresponding locations you tested. It is okay to put this information in
source code comments near any calls to the geolocation service.
网站可以将“默认”位置设置为任意区域和/或区域设置(例如,每个列表)。
加分:您的站点应尝试根据IP推断用户的位置HTTP请求的地址,并尽可能自动选择区域或区域设置。看到本网站提供关于地理定位服务的想法。如果地理位置服务报告的位置
不对应任何区域或区域设置,则网站可能会回退到默认功能
如上所述。如果您实施此功能,则必须确保它至少可以在某些情况下运行
数据库中的位置。您的项目提交应通过指示来记录这些测试
您测试的IP地址和相应位置。把这些信息放进去是可以的
任何对地理位置服务的调用附近的源代码注释。
– There should exist a search bar that allows the user to search posts for the presence of all keywords,
in any order. The title and description properties of each post should be considered for the
purposes of searching. A button to the right of the search bar should execute the search and take the user to the search results page, discussed below. The selected location on the home page must
be transmitted to the search results page.
应该存在一个搜索栏,允许用户搜索帖子中是否存在所有关键字,以任何顺序。每个帖子的标题和描述属性应该被考虑搜索的目的。
搜索栏右侧的按钮应该执行搜索,并将用户带到搜索结果页面。
主页上的选定位置必须被传送到搜索结果页面。
– If the user is logged in (admin, user), links or buttons must exist for the following:
∗ Creating a new post. The selected location information from the home page must be transmitted
to the create post page (discussed below) so that the location input fields are pre-populated
with the selected location. The user should be able to change the selections. If the user comes
directly to the page or the location is not transmitted to the page for any reason, the user
needs to select the location manually.
∗ Viewing existing posts. This should take the user to the list posts screen, discussed below.
∗ Viewing the inbox. See the inbox screen below for more details.
If the user is not logged in, there should exist some kind of messaging indicating that the user
can log in to create posts.
如果用户已登录(管理员,用户),则以下链接或按钮必须存在:
- 创建一个新帖子
1.1 必须传输来自homepage 的选定位置参数 到创建帖子页面(在下面讨论),
1.2 位置输入field 被预先填充,选定的位置。
1.3 用户应该能够改变选择。如果用户直接到达这个页面或位置传输不成功,需要手动选择位置。 - *查看现有的帖子。这应该将用户带到列表文章屏幕,下面讨论。
- *查看收件箱。查看下面的收件箱屏幕了解更多详情。
- 如果用户未登录,则应该存在某种指示用户的消息可以登录,以便创建帖子。
The list posts screen allows a logged in user to see a list of their own unexpired and expired posts,
either separately or in one list. This screen requires authorization. From this screen, a user should
be able to create, modify, or delete active posts. Expired posts can only be viewed, but not modified
or deleted. Posts should not be shown as expired if they were deleted before they expired. Creating
posts should lead to the create post screen, discussed below. Modification is discussed below. Deleting
a post should lead to a delete confirmation screen (not discussed here). The posts on the screen must
be paginated.
post列表 屏幕允许登录用户查看他们自己的未过期和过期post
1.1无论是单独还是在一个总列表中。
1.2 此页需要授权。
1.3 在这个屏幕上,用户应该能够创建,修改或删除 还存在的帖子。
1.4 过期的帖子只能被查看,但不能修改或删除。
1.5 如果帖子在过期前被删除,帖子不应该显示为过期。创建帖子应该引导到创建帖子屏幕,下面讨论。
下面讨论修改。
删除一个帖子应该导致一个删除确认屏幕(这里不讨论)。
屏幕上的帖子必须 分页。
• The create post screen allows admin or user to create a new post. This screen requires authorization.
It must solicit all of the fields described above except the unique identifier and date/time. The unique
identifier must be computed internally, the owner must be inferred from the current login, and date/time
field must be set to the date and time of the post. The expiration should be computed based on the
date and time of the post creation. All other fields are entered by the user and are required.
- 创建帖子页面允许管理员或用户创建新帖子。
1.1 此页需要授权。
1.2 除唯一标识符和日期/时间外,它必须请求上述所有fields。
1.3 独特的标识符必须在内部计算identifier must be computed internally
1.4 所有者必须从当前登录和日期/时间中推断出来 ??
1.5 字段必须设置为帖子的日期和时间。
1.6 到期时间应该根据创建后的日期和时间。所有其他字段由用户输入并且是必需的。
• The modify post screen is similar to create post, except that the user can edit an existing post. The
screen should not allow deleted or expired posts to be modified. The owner, and unique identifier must
remain the same, but the time stamp should be updated to reflect the time of the modification. Owner,
expiration, and unique identifier should be shown on the screen, but cannot be editable and must be
ignored when posted back to the server. The time stamp should not be shown on the screen and it
too must be ignored by the server. Not ignoring these fields could result in an over-posting attack. I
suggest familiarizing yourself with over-posting attacks, what they are, and how to prevent them. See
the [Bind] annotation for ideas.
- 修改帖子screen 与创建帖子类似,只不过用户可以编辑现有帖子。
- 该Screen不应允许对删除或过期的帖子进行修改。
- The owner, and unique identifier
- 但时间戳应更新以反映修改时间。
- 所有者,到期时间和唯一标识符应显示在屏幕上,但不能编辑且必须是
在回发到服务器时被忽略。时间戳不应该显示在屏幕上
也必须被服务器忽略。不忽略这些字段可能会导致过度发布攻击。一世
建议您熟悉过度发布的攻击,它们是什么,以及如何防止它们。看到
想法的[绑定]注释。
• The categories screen shows posts for the selected type and location. If a category is specified without
a subcategory, then it should show all posts in the category (spanning all subcategories). If a category
and subcategory are specified, only posts within the category and subcategory should be shown. Posts
should further be filtered by location in a similar way: if an area is specified without a locale, all posts
for the area (spanning all locales) should be shown. If both an area and locale are specified, then only
posts that were created within the area and locale should be shown. To be clear, posts must pass
through both the location and type filters above in order to be shown on this screen.
– This screen is viewable by all three roles.
– The screen must be paginated.
– The page must receive information concerning at least the category, subcategory (optional), area,
and locale (optional) as input. The location and post types must be shown on the screen and
must be selectable so that the user can change the location or post types they wish to see when
on the page. Any received information must be used to pre-select the location or post type.
- categories screen显示所选类型和位置的帖子。
- 如果category没有指定subcategory子类别,那么它应该显示类别中的所有帖子show all posts(跨越所有子类别)。
- 如果一个类别和子类别都是指定的category and subcategory are specified,只应显示类别和子类别内的帖子。
- 帖子应该按照类似的方式进一步按位置进行过滤:如果区域没有指定区域,则指定所有帖子应该显示该区域(跨越所有区域设置)。
- 如果指定了区域和区域设置,则仅限于区域和区域设置应显示在区域和区域设置内创建的帖子。要明确,帖子必须通过 通过上面的位置和类型过滤器来显示在屏幕上。
- 这个屏幕可以被所有三个角色查看。
- 屏幕必须paginated。
- 页面必须至少接收有关类别,子类别(可选),区域,和locale(可选)作为输入。位置和帖子类型必须显示在屏幕上必须是可选择的,以便用户可以改变他们想看什么时候的位置或发布类型
在页面上。任何收到的信息都必须用于预先选择地点或信息类型。
– For 3-person groups: must have a list view of posts. This is a text-based list (with hyperlinks)
of posts that, when clicked, take the user to the view post screen (discussed below). Pictures
are not shown in the list view. For 4-person groups, the user should be able to select between
the just-described list view or a second gallery view. The gallery view should show both the
picture and title of each post, organized 3 posts per row. Pictures should be shown at a uniform
size—consider implementing a filter for this purpose.
– For the admin and user roles only, this screen must hyperlink to a response screen where the user
can respond to a post.
- 对于3人组:必须有帖子的列表视图。这是一个基于文本的列表(带有超链接)
的帖子,点击后,将用户带到查看帖子屏幕(如下所述)。图片
不会在列表视图中显示。对于4人组,用户应该能够在两者之间进行选择
刚刚描述的列表视图或第二个图库视图。画廊视图应该显示两者
图片和每篇文章的标题,每行组织3篇文章。图片应以统一显示
大小 - 考虑为此实现一个过滤器。 - 仅限管理员和用户角色,此屏幕必须超链接到用户所在的响应屏幕
可以回复帖子。 - 对于4人团体,管理员和用户必须允许任何人进入
管理员或用户角色来标记不适当的帖子。这可以像在某处单击链接一样简单
在发布。每次以这种方式标记帖子时,网站都应通过算法决定
如果帖子应该从网站中删除。 (例如,5个用户标记后)。如果算法
决定删除它,它不应该从这一点上显示,它也应该是
从发起者的帖子列表中删除。 - 帖子必须在上述两个视图中按照倒序时间顺序(最新的第一个)显示。
– For 4-person groups, the admin and user oles must allow for the ability for any person in the
admin or user role to flag inappropriate posts. This can be as simple as clicking a link somewhere
in the posting. Each time a post is flagged in this way, the web site should algorithmically decide
if the post should be removed from the site. (For example, after 5 users flag it). If the algorithm
decides to remove it, it should no longer be shown from that point on, and it should also be
removed from the originator’s list of posts.
– Posts must be shown in reverse chronological order (most recent first) in both views above.
• The response screen allows a person in the admin or user role to respond to a post. There should be a
separate This screen should include an ability to write a freeform message to the originator of the post
and send. There should be an ability to return back to the screen from which the user originated.
• The search results page can be reached from the home page. It should be the same as the categories
screen, except that it should also have a search bar at the top to execute additional searches, which
should direct the user back to the same screen. All of the same requirements of the categories screen
apply here too.
•响应屏幕允许管理员或用户角色的人员回复帖子。应该有一个
单独此屏幕应该包括向发布者的发起者写入自由形式消息的能力
并且寄出。应该有能力返回到用户始发的屏幕。
•可以从主页访问搜索结果页面。它应该与类别相同
屏幕上,除了它应该在顶部还有一个搜索栏来执行额外的搜索
应该引导用户回到同一个屏幕。类别屏幕的所有相同要求
也适用于此。
• The inbox screen allows a user to see responses to their posts. (Responses to posts are private communications
between the reader of the post and the originator of the post.) Responses to a post can
continue to exist, even if the post itself is removed. It is at each group’s discretion to decide if further
two-way communication should be allowed in an email-like manner. Extra credit will be rewarded if
the group decides to implement these expanded capabilities.
收件箱屏幕允许用户查看对帖子的回复。 (回复帖子是私人通信
在帖子的读者和帖子的发起者之间)。对帖子的回复可以
即使帖子本身已被删除,它仍然存在。每个小组都有权自行决定是否继续
应该以类似电子邮件的方式允许双向沟通。额外的信贷将被奖励
该小组决定实施这些扩展的功能。
• Users in the admin role must be able to perform the following activities in addition to everything
described above. We leave it to each group to decide what specific screens should be implemented, and
how:
– Change the role of any person in the user role to the admin role.
– List, add, modify, and hide categories and subcategories
– List, add, modify, and hide areas and locales
– List, add, modify, or delete posts for any user on the system
Hiding is similar to deleting, except that it isn’t removed from the database, but is rather hidden from
view so as to give users the impression that it were deleted from the database. It is okay to implement
“deleting” as hiding too if the group wishes.
The first user to be assigned an admin role can be done so using one of these two approaches:
– Use the convention that the very first user on the system is admin by default. Any other users in
the admin role must be set through the administration feature above.
– Manually set the role of the first admin directly in the database, rather than through the application.
Changes of additional users to the admin role must be possible through the web site,
however, and only by users in the admin role.
Your submission must document the username and password of at least one admin so that the admin
functionality can be tested. Please include a file CREDENTIALS.txt as part of your submission.
除了所有内容之外,管理角色中的用户还必须能够执行以下活动
如上所述。我们把它留给每个组来决定应该实现哪些特定的屏幕
怎么样:
- 将用户角色中任何人的角色更改为管理员角色。
- 列出,添加,修改和隐藏类别和子类别
- 列出,添加,修改和隐藏区域和区域设置
- 列出,添加,修改或删除系统上任何用户的帖子
隐藏与删除类似,只是它不会从数据库中删除,而是隐藏起来的
视图,以便给用户一个从数据库中删除的印象。可以实施
如果该组织希望,“删除”也隐藏起来。
可以使用以下两种方法之一完成要分配管理员角色的第一个用户: - 使用约定,默认情况下,系统上的第一个用户是admin。中的任何其他用户
管理员角色必须通过上面的管理功能进行设置。 - 直接在数据库中手动设置第一个管理员的角色,而不是通过应用程序。
通过网站必须可以更改管理员角色的其他用户,
但是,并且只能由管理员角色中的用户使用。
您的提交必须记录至少一个管理员的用户名和密码,以便管理员
功能可以被测试。请在您的提交中包含CREDENTIALS.txt文件。
2.2 Other Requirements
- The application must be an ASP.NET Web Forms application (not an ASP.NET website) or an
ASP.NET MVC application. MVC is strongly encouraged. All projects must use Entity Framework
for database operations. Use of the “code first” approach is required.
1.应用程序必须是ASP.NET Web Forms应用程序(不是ASP.NET网站)或ASP.NET MVC应用程序。强烈鼓励MVC。
所有项目都必须使用实体框架用于数据库操作。需要使用“代码优先”方法。
- Your group may use pre-compiled third-party libraries and NuGet packages at will. No citation of
sources is necessary in this case, since use of such libraries/packages can be easily determined. It is
common to read technical tutorials and use code from the tutorial as a basis for your own implementation.
This is fine as long as any code originating from others outside your group is properly cited
and the use of these tutorials is reasonable and limited to very small portions of the overall project.
All citations must be included in a file called CITATIONS.txt.
您的小组可以随意使用预编译的第三方库和NuGet包。没有引用
在这种情况下来源是必要的,因为使用这种库/包可以很容易地确定。它是
通常阅读技术教程并使用教程中的代码作为自己实现的基础。
只要源自组外的其他代码被正确引用,就没有问题
并且这些教程的使用是合理的,并且仅限于整个项目的很小部分。
所有引用必须包含在名为CITATIONS.txt的文件中。
- The final application submission must be published to Azure.
- There must be one solution containing separate distinct projects for the user interface, business logic,
and data model. The user interface layer is usually the ASP.NET Web Application. The requirement
of having the business logic and data model separate is relaxed for the first milestone.
3.最终的应用程序提交必须发布到Azure。
4.必须有一个解决方案包含单独的用于用户界面的不同项目,业务逻辑,
和数据模型。用户界面层通常是ASP.NET Web应用程序。要求
将业务逻辑和数据模型分开放在第一个里程碑。
- Business logic should not be performed in the user interface. Business logic methods should be called
from the controller or web form code-behind. Business logic is expected to be thoroughly tested by the
group before work on the MVC or Web Forms project begins. The use of unit test projects and unit
testing is strongly encouraged, but not required for the first milestone. This topic will be discussed in
the remaining weeks of the course.
5.业务逻辑不应在用户界面中执行。业务逻辑方法应该被调用
从控制器或Web表单代码隐藏。业务逻辑预计将被彻底测试
在MVC或Web Forms项目上工作之前开始。单元测试项目和单元的使用
强烈鼓励测试,但对于第一个里程碑不是必需的。这个话题将在讨论中
该课程的剩余几周。
- The solution should use database transactions when it makes sense to do so. That is, several logically
related operations should be grouped into a transaction. Totally unrelated operations should not.
Remember that Entity Framework can create implicit transactions, as discussed in class.
6.解决方案应该在数据库事务有意义时使用数据库事务。也就是说,几个逻辑上
相关的操作应该被分组到一个交易中。完全不相关的操作不应该。
请记住,实体框架可以创建隐式事务,正如在课堂上讨论的那样。
- The system must use a common layout/theme across all of the pages and look like a finished product—
not a work in progress. It should not look like several different web sites rolled into one solution.
The real Craigslist web site is not terribly beautiful to look at. Your site does not need to be either.
However limited in appearance, it must nevertheless still be properly styled and contain valid HTML.
The web site itself must have a name. Every page must have a title. Sloppily organized screens or
sites (e.g. overlapping elements, non-uniform spacing, etc.), sites that are completely unimaginative,
or sites in which nobody bothered to change the default navbar or the copyright message (for example)
are all unacceptable. The web site is the product of your group—make sure it appears that way. Be
sure to confirm the validity of your HTML using the HTML validator.
7.系统必须在所有页面上使用通用布局/主题,并且看起来像成品 -
不是一项正在进行的工作。它不应该看起来像几个不同的网站一起解决方案。
真正的Craigslist网站看起来不是非常漂亮。您的网站并不需要。
然而,外观有限,但它仍然必须正确设计并包含有效的HTML。
该网站本身必须有一个名称。每个页面都必须有一个标题。 Sloppily有组织的屏幕或
(例如重叠元素,不均匀间距等),完全不具有想象力的部位,
或没有人打扰更改默认导航栏或版权信息的网站(例如)
都是不能接受的。该网站是你的小组的产品 - 确保它看起来那样。是
务必使用HTML验证器确认您的HTML的有效性。
- All views/pages must meet these requirements:
• Page is straightforward to understand and use by an ordinary lay person.
• Page should contain a reasonable amount of content. This means not too little and not too much
per page.
• Visual elements are reasonably spaced and laid out on the page in an intuitive manner.
• Page input is validated, HTML encoding is performed where necessary.
• Page is tested and works in all reasonably known cases. No broken links, exceptions, or any other
anomaly should be visibly present.
8.所有视图/页面必须符合以下要求:
•页面是一个普通的外行人理解和使用的简单方式。
•页面应包含合理数量的内容。这意味着不要太少,不要太多
每页。
•视觉元素以合理的间隔排列,并以直观的方式放置在页面上。
•页面输入已验证,HTML编码在必要时执行。
•Page已经过测试,可以在所有合理已知的情况下运行。没有断开的链接,例外或其他
异常应该明显存在。
2.3 Data Model and Business Logic Milestone
The Entity Framework data model and business logic are due Wednesday, April 18, 2018 at 11:55 PM.
Submission is mandatory and the entire data model and business logic for all parts of the requirements must be submitted. Only the group leader must submit the deliverable on behalf of the group.
Business logic refers to any calculations or computations, apart from data model validation, that your
project relies upon to perform non user interface related functions. You’ve been writing business logic the
entire course. With Web Forms, your business logic was coded directly in each of the page code-behind files.
实体框架数据模型和业务逻辑将于2018年4月18日晚上11:55到期。
提交是强制性的,必须提交所有部分要求的整个数据模型和业务逻辑。只有小组负责人必须代表小组提交可交付成果。
业务逻辑是指除了数据模型验证之外的任何计算或计算
项目依赖于执行非用户界面相关功能。你一直在写业务逻辑
整个过程。借助Web窗体,您的业务逻辑直接编码在每个页面代码隐藏文件中。
With Homework 4, your business logic was (most likely) coded directly into the controller.
This time, we are going one step further to divorce it from any particular framework or user interface
mechanism. When this portion of the project is completed, one should hypothetically be able to take your
data model and business logic, and move it into a mobile app, Windows application, console application, or
any other type of application, where the only remaining step is to work on the user interface. There should
be no assumptions regarding the use of MVC or any other particular design pattern.
通过作业4,您的业务逻辑(最有可能)直接编码到控制器中。
这一次,我们要进一步将它与任何特定的框架或用户界面分离
机制。当这部分项目完成时,应该假设能够接受你的
数据模型和业务逻辑,并将其转移到移动应用程序,Windows应用程序,控制台应用程序或
任何其他类型的应用程序,其余的唯一步骤是在用户界面上工作。应该
不要假设使用MVC或任何其他特定的设计模式。
As you are aware, the Entity Framework data model already includes functionality for performing basic
operations such as adding objects to containers and managing the relationship between objects in the
database. There is no need to artificially wrap any of that functionality inside your business logic. Your
business logic should mainly be focused on any other functionality not provided by Entity Framework that
is specific to the application. This might include:
• Routines for setting and applying location and type filters
• Routines for querying all posts matching specified filters
• Routines for searching for posts by keyword
• Routines for responding to posts
And so on. The data model and business logic should jointly be able to perform every single computational
function that the web site will need to be perform—all without a user interface.
如您所知,Entity Framework数据模型已包含用于执行基本功能的功能
诸如将对象添加到容器以及管理对象之间的关系等操作
数据库。没有必要在业务逻辑中人为地包装任何这些功能。你的
业务逻辑应该主要集中在Entity Framework没有提供的任何其他功能上
是特定于应用程序的。这可能包括:
•用于设置和应用位置和类型过滤器的例程
•用于查询与指定过滤器匹配的所有帖子的例程
•按关键字搜索帖子的例程
•用于回复帖子的例程
等等。数据模型和业务逻辑应共同能够执行每一个计算
功能,该网站将需要执行 - 全部没有用户界面。
We have not formally discussed testing to date, so unit test projects will not be a requirement at this time. However, your console application should test the business logic layer (i.e., the routines itemized above) in
a meaningful way by populating all of the entities with data and calling all of the major routines. Although
the business logic does not necessarily have to be 100% bug-free at this juncture, it should be devoid of
major issues and be usable (e.g. should not throw exceptions or exhibit any other unstable behavior).
At this stage, you may place your using clauses and database operations inside the business logic. Since
the business logic depends on the model, this is generally not an issue. However, a well-designed site would further separate database operations from business logic. Later in the course, I will discuss strategies for accomplishing this. However, such separation is not a requirement for at least this first milestone.
Shortly after the deadline, feedback will be provided to the group in an informal manner. Although a
formal grade will not be issued, failure to submit the deliverables or failure to submit deliverables that are
not generally in the expected state as described above, may be subject to penalties. Groups should not wait for feedback before proceeding with the remaining portions of the project. Groups can make modifications to the data model or business layer at a later itme, in response to any feedback that is received.
迄今为止我们尚未正式讨论过测试,因此单元测试项目目前不是必需的。但是,您的控制台应用程序应测试业务逻辑层(即上面列出的例程)
一个有意义的方式,用数据填充所有实体并调用所有主要例程。虽然
在这个时候,业务逻辑不一定必须是100%无缺陷的,它应该没有
主要问题并且可用(例如,不应该抛出异常或者表现出任何其他不稳定的行为)。
在这个阶段,您可以将您的使用子句和数据库操作放入业务逻辑中。以来
业务逻辑取决于模型,这通常不是问题。但是,精心设计的网站将进一步将数据库操作与业务逻辑分开。在本课程的后面,我将讨论完成这个的策略。但是,至少在第一个里程碑中,这种分离并不是必需的。
在截止日期后不久,将以非正式的方式向小组提供反馈意见。尽管a
正式成绩不会发布,未能提交可交付成果或未能提交可交付成果
一般不处于上述预期状态,可能会受到处罚。在继续进行项目的其余部分之前,团队不应该等待反馈。为了响应收到的任何反馈,组可以在稍后的时间对数据模型或业务层进行修改。
The deliverables for this milestone are as follows:
• A ZIP file containing one solution with two or three projects:
- A Console Application project that demonstrates the data model and business logic. This must
call into all of the major routines and demonstrate—through the use of messages on the standard
output—the business logic and model layer working. If you already know what Unit Test Projects
are, you may use a Unit Test project in lieu of a Console Application. Whichever you choose,
this piece needs to initialize the first user in the admin role so that functionality for people in the
user and admin roles can be demonstrated. - A Class Library (.NET Framework) project consisting of the data model. This will yield a .DLL
file. - A Class Library (.NET Framework) project consisting of the business logic. You may combine the
data model and business logic into one project for this first pass, but your group will ultimately
be expected to separate them. This too will yield .DLL files.
这个里程碑的可交付成果如下:
•包含两个或三个项目的解决方案的ZIP文件:
1.一个控制台应用程序项目,演示数据模型和业务逻辑。这必须
调用所有主要例程并通过使用标准消息来演示
输出 - 业务逻辑和模型层的工作。如果你已经知道单元测试项目
是,您可以使用单元测试项目来代替控制台应用程序。无论你选择哪个,
这件作品需要初始化管理员角色中的第一个用户,以便为用户提供功能
用户和管理员角色可以被演示。
2.由数据模型组成的类库(.NET Framework)项目。这将产生一个.DLL
文件。
3.由业务逻辑组成的类库(.NET Framework)项目。你可以结合使用
数据模型和业务逻辑集成到一个项目中,但您的团队将最终实现这一目标
预计将它们分开。这也会产生.DLL文件。
• An inline submission indicating the Bitbucket repository for the group. All persons in the group are
expected to have Bitbucket accounts and be actively contributing to the project. Source control must
be used during development.
• You should let Entity Framework create the database for you and populate it as necessary using code.
Do not attach a pre-existing database with your submission. Your code is responsible for seeding the
database with initial data. You can do this inside the Seed routine that is created when you execute
Enable-Migrations from the package manager console, although you could do it elsewhere too.
• To the extent that your group needs to cite outside code, include CITATIONS.txt in your solution ZIP
file. I recommend checking it into your version control repository and maintaining it there.
In the case that you decide to split business logic and data model projects, the business logic can depend
on the model, but not vice versa. To create a dependency from one project to another, right-click on
References, select Add Reference... and select the dependency. If the data model and business logic are
in different namespaces, don’t forget to reference the data model namespace from within the business logic
code.
Any questions concerning the project requirements should be directed to the NYU Classes forum for
further clarification.