Challenge Overview
Project Overview
The Access Request Module will allow people to request access to secured spaces through an easy to use interactive web application. It will allow security personnel to review access requests and grant, deny, or perform other actions with them. This application will rely heavily on the Lenel OnGuard Access Control system and utilize our API to make business decisions.
Competition Task Overview
Previously, we implemented the UI Prototype. For this challenge, we want to implement the first pieces of working functionality for the requester role. This will include implementing the backend services and integrating them with the UI Prototype, which is implemented using AngularJS.
Note: Please read the whole Application Design Specification first. All the details not mentioned in this specification are provided in that document.
Note: Extensive implementation notes are provided in the method documentation on the UML Class Diagrams. Please follow them for implementation.
The high level use cases specified in ARM UI Prototype Challenge Specifications.pdf section 8 (Requester) should be covered in the challenge.
Scope
The following items are in scope. If anything else is required to implement the functionality, please include it as well.
- all entities in Model Class Diagram.
- AccessRequestService, MiscService, AccessRequestController, MiscController in Back End Services and Controllers Diagram.
- AccessRequestService, MiscService in Front End AngularJS Services Class Diagram
- MasterCtrl, RequesterCtrl in Front End AngularJS Controllers Class Diagram
Some Changes from the Original Architecture
Besides the original architecture, we need some changes. Please follow ARM Architectural details.pdf, for example:
- Please use a meaningful name instead of MiscService. See the following suggestions:
Old name: Security Service
New name: LS ARM Security Service
Old name: Configuration Service
New name: LS ARM Configuration Service
Old name: AccessRequestService
New name: LS ARM Request Service
Old name: EmailNotificationService
New name: LS ARM Notification Service
Old name: MiscService
New name: LS ARM Information Service
- all service names need to have "LS" in front of them as we outlined in the Architecture document.
Authentication and Authorization
The implementation of the Login Screen is not in scope. Use the following credentials for the backend API service authentication (OpenAccess).
Username: sa
Password: sas
Use the following credentials for the database user:
Username: lenel
Password: Secur1ty#
Other information will be posted in the forum for competitors' use only.
Reference
Calling OpenAccess API
The OpenAccess API is documented in the client’s OpenAccess.pdf. We will use Node.js request 2.55 (https://www.npmjs.com/package/request) to call the APIs.
The code to call an OpenAccess API looks like this:
    var request = require('request');
    // config (base URL, paths, application id) and token (the OpenAccess
    // session token) are assumed to be defined by the surrounding module
    var options = {
        // the url can be looked up from OpenAccess.pdf chapter 4
        // the filter is "type=system"
        url: config.OPEN_ACCESS_API_BASE_URL +
            config.OPEN_ACCESS_API_GET_INSTANCES_PATH +
            '?page_number=1&page_size=10&order_by=Time&' +
            'sort_descending=true&type_name=Lnl_LoggedEvent&filter=type%3Dsystem',
        headers: {
            'Session-Token': token,
            'Application-Id': config.APPLICATION_ID
        }
    };
    function callback(error, response, body) {
        // only parse the body when the call succeeded
        if (!error && response.statusCode === 200) {
            var result = JSON.parse(body);
            // ... process result
        }
    }
    request(options, callback);
Note that the “get instances” API uses pagination. If we need to get all entities of some type, we may set page_number = 1 and page_size = a very large value.
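The following is an added example, not part of the original specification or the client's code. It goes beyond the single large page described above: it requests bounded pages until a short page arrives, and percent-encodes every query value. The function names, the placeholder BASE URL, the injected fetchPage(url, cb) helper and the item_list response field are assumptions.

```javascript
// Added example; buildInstancesUrl, fetchAllInstances, BASE and the item_list
// response field are assumptions, not taken from OpenAccess.pdf.
var BASE = 'https://openaccess.example.invalid/instances'; // placeholder URL

// Percent-encode every value so a filter containing '&', '=' or spaces
// cannot add or change query parameters.
function buildInstancesUrl(base, typeName, filter, pageNumber, pageSize) {
  var params = {
    page_number: pageNumber,
    page_size: pageSize,
    order_by: 'Time',
    sort_descending: true,
    type_name: typeName,
    filter: filter
  };
  var query = Object.keys(params).map(function (key) {
    return encodeURIComponent(key) + '=' + encodeURIComponent(String(params[key]));
  }).join('&');
  return base + '?' + query;
}

// fetchPage(url, cb) performs the HTTP GET and calls cb(error, parsedBody).
// Pages are requested until a short page arrives or maxPages is reached.
function fetchAllInstances(fetchPage, typeName, filter, pageSize, maxPages, done) {
  var items = [];
  function next(pageNumber) {
    if (pageNumber > maxPages) {
      // report truncation instead of silently returning a partial list
      return done(new Error('page limit reached; result is incomplete'), items);
    }
    var url = buildInstancesUrl(BASE, typeName, filter, pageNumber, pageSize);
    fetchPage(url, function (error, body) {
      if (error) { return done(error, items); }
      var page = (body && body.item_list) || []; // assumed response field
      items = items.concat(page);
      if (page.length < pageSize) { return done(null, items); }
      next(pageNumber + 1);
    });
  }
  next(1);
}
```

In the application, fetchPage would wrap request() with the Session-Token and Application-Id headers shown earlier.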
We will use the following OpenAccess API:
(1) “get authentication” API: specified in OpenAccess.pdf page 18.
(2) “add authentication” API: specified in OpenAccess.pdf page 18.
(3) “delete authentication” API: specified in OpenAccess.pdf page 19.
(4) “get instances” API: specified in OpenAccess.pdf page 22.
(5) “add instances” API: specified in OpenAccess.pdf page 25.
Database
Assemblers should make SQL initialization scripts for both Oracle 10g and MSSQL 2012 from the given ERD.
For Oracle 10g, we need a sequence for the access request id:
    CREATE SEQUENCE ACCESS_REQUEST_SEQ INCREMENT BY 1 START WITH 1 NOMAXVALUE NOCYCLE NOCACHE;
For MSSQL 2014, the access request id uses “IDENTITY” so that it is auto generated.
General AngularJS Service Implementation
The services are AngularJS services; they use the $http service to communicate with the back-end REST API.
Some services require authorization. They expect an encryptedCredential set in the sessionStorage.encryptedCredential field; if it is not set, they call the callback with an error message.
Below we take AccessRequestService.create as an example; the other services are implemented similarly.
    angular.module('services').factory('accessRequestService',
        ['$http', '$log',
        function ($http, $log) {
            var service = {};
            service.create = function (request, callback) {
                // this service requires authorization: report an error when
                // the credential is missing from sessionStorage
                if (!sessionStorage.encryptedCredential) {
                    return callback('encryptedCredential is not set');
                }
                $http({
                    // it may be 'GET', 'PUT' etc. for other REST services
                    method: 'POST',
                    // replace this url for other REST services
                    // (config is assumed to be a global configuration object)
                    url: config.REST_SERVICE_BASE_URL + '/accessrequests',
                    // request body may be different for other REST services
                    data: JSON.stringify(request),
                    // authorization header depends on REST service,
                    // some needn't it,
                    headers: {
                        // the scheme and the credential are separated by a space
                        'Authorization': 'Bearer ' + sessionStorage.encryptedCredential
                    }
                }).success(function (data) {
                    callback(null, data);
                }).error(function (data, status, headers, config) {
                    callback(data);
                });
            };
            // ... other functions
            return service;
        }]);
Pages
partials/requester.html
Wireframe: Requester
Controller: RequesterCtrl
This page handles requester page.
Final Submission Guidelines
- Complete Source Code for Frontend and Backend.
- Deployment Guide for application setup.
- Verification Steps for verifying Requester related functionality.