Challenge Overview
Project Overview
BrivoLabs has a beta version of a node.js/coffeescript application that is called Social Access Management (SAM) API. It uses postgres database, runs on heroku, consists of both a web and a worker process, and uses a redis-based message queue to communicate between them.
We have a web dashboard that allows a user to manage their domains in SAM. In this challenge we want to make this Dashboard a fully functional maintenance dashboard for domains in SAM.
Missing Key Objects in Current Dashboard
- Ability to Manage the Site Object
- Ability to Manage Access Targets
Competition Task Overview
Page Updates
1.0 /dashboard
Description: Welcome, View User-Associated Domains
Actions:
-
Remove the Welcome Message
-
Consolidate the Generate Domain to just a button that takes the user to an “Add Domain” page (or possibly pop in a modal window). Button name : “Generate Domain”. Place it at top right corner above the table.
-
Clean up the table:
-
Remove the ID column (but show the ID on hover of the “name” column)
-
Link “name” column to maintain that domain’s sites page [2.0 - /domain]
-
Change action buttons:
-
If current Domain, no actions should be present (manage users and download activity log will be moved to the domain management page [2.0 - /domain] )
-
If not current domain, a button should be there that says “switch to” instead of “manage”- Clicking on button should display an alert/warning that you will switch out of managing the current domain with Ok/Cancel. If OK is selected, the current "Manage" action should be taken.
-
-
2.0 /domain/:id
Description: Maintain Current Domain, View Associated Sites
Actions:
-
Add a div panel that shows the data related to the domain
-
Add Download Activity Log button here.
-
Click to Edit domain information (edit button).
-
Make sure to surface editing for the domain’ credentials. This is currently a BLOB object in the database domains table. Add ability for user to add/remove key/value pairs.
-
- SAM API Endpoints - following endpoints is used to manipulate the domains
- POST /domains - used to create domain
- /domain/:id - it supports GET, PUT, and DELETE http methods to retrieve, update and remove domain, respectively.
-
-
Add a table list of sites under a domain. Columns:
-
Site Name (on hover show ID, and link the column to site management page [3.0 /site])
-
Number of Access Targets
-
Number of Users - Show this column only if user is admin or global_admin
-
SAM API Endpoints - following endpoints is used here
-
GET /sites - used to retrieve sites of the authenticated domain, it also retrieves associated access targets
-
You can retrieve users of a domain by calling GET /domainAccounts but this only allowed for 'admin' role
-
-
3.0 /site/:id
Description: Maintain current Site, View Site Access Targets and Access Reservations
Actions:
-
Add a paginated table of Access Targets
-
Columns are : Name, External ID
-
Clicking the name takes you to edit that Access Target [4.0 - Access Target]
-
Add button at top right above the table to ‘Add Target’
-
SAM API Endpoints - following endpoints is used here
-
GET /site/:siteId/accessTargets - used to retrieve access targets associated with the site
-
POST /site/:siteId/accessTargets - used to associate access target to the site
-
-
-
Add a paginated table of Access Reservations
-
Table will show Name, Access Targets, Schedules, and Users.
-
Clicking the Name/Date takes you to [5.0 Access Reservation] page
-
Add action button to remove Access Reservation.
-
Add button at top right corner above of table to add new Access Reservation. It will take user to [5.0 Access Reservation] page.
-
Note that this button can only work with users who has role superUser or higher
-
-
SAM API Endpoints - following endpoints is used here :
-
Use GET /accessReservations and pass domainAccount parameter to retrieve the access reservations
-
POST /accessReservations to create access reservation
-
GET /accessReservation/:id to retrieve specific access reservation info
-
DELETE /accessReservation/:id to delete access reservation
-
-
-
Add a paginated table of users (much like /users now)
-
Unlike current /users it will not have ‘manage access’ button, it will have ‘edit roles’ button.
-
This table can only be rendered if user is 'admin' role. The API endpoint will not work with user role or superUser role.
-
SAM API Endpoints - following endpoints is used here :
-
GET /domainAccounts to retrieve users
-
-
4.0 /access-target/:id
Description: A page to manage properties of an Access Target.
-
This page should be used for either editing or adding Access Target
-
SAM API Endpoints - following endpoints is used here :
-
PUT /site/:siteId/accessTarget/:id used to update the access target associated with the site
-
GET /site/:siteId/accessTarget/:id to retrieve the details of the access target
-
POST /site/:siteId/accessTargets to create access target
-
5.0 /access-reservation/:id
Description: Used to create or edit an access reservation for multiple people. Currently, to create an access reservation, you have to pick a person, then create an access reservation for them.
Actions:
-
The new page would allow you when creating an Access Reservation to set name, add schedules, and pick the people you can provide access, and pick the access targets you would like to allow them to open.
-
Adding invitees should support both forms we currently supporting for adding invitee to access reservation.
-
Use GET /domainAccounts to retrieve users associated with the authenticated domain so user can pick from.
-
-
When editing an Access Reservation it would allow you to add/remove invitees, add/remove schedules, add/remove access targets associated with the Access Reservation.
-
It will use same SAM API endpoints used in the current web dashboard.
6.0 /user/:id/roles
This is same as current page where you can manage roles associated with selected user. It will use same endpoints currently used in the web dashboard.
Existing Pages
The following existing pages will be replaced by the new flow above :
-
/users page
-
/users/:id/access page to view access reservations associated with a user
- /user/:id/access/add
General Notes
- Application should run on Heroku.
- Update readme file for details about deploying the application, configuring it, and testing locally or in Heroku.
- Use Angular.js Framework to build the pages, you also need to update "Domain Management" landinag page to be based on Angular.js.
- You will keep using Boostrap. The pages MUST be reponsive, it should work in the 4 grid systems supported by boostrap 3.2.0 http://getbootstrap.com/css/#grid
- Use date picker for date fields (i.e. schedule start/end date, or event report dates) http://www.eyecon.ro/bootstrap-datepicker/?utm_source=twitterfeed&utm_medium=twitter
- Some API orchestration may be done server-side (such as creating an Access Reservation which requires multiple SAM API calls).
- You should follow styling and navigation of existing dashboard, we should deliver best UX for user.
Development Environment
You are provided with Brivo Labs SAM API source code, you can set it up locally following the readme file included in the source code folder. If you don't want to set up SAM API you can use the following Heroku setup :
- The API deployed to : http://brivolabs-sam-cs.herokuapp.com
- The domain id, client id and client secret will be provided in challenge forums. You will use them to login using the provided domain id.
- You must use the dashboard app itself to generate your own domain in -cs, for testing (which will give you 'admin' role)
- You can access iodocs-cs heroku app to see the latest API docs, and do test calls : http://brivolabs-iodocs-cs.herokuapp.com/
Documentation Provided
Brivo Labs API Code Base and Brivo Labs Web Dashboad are provided in forums.
You can also refer to Brivo Labs Mashery portal at the "getting started" guide developer.brivolabs.com/docs
Final Submission Guidelines
Submission Deliverables
Below is an overview of the deliverables:
- Git patch file with changes.
- A complete and detailed deployment documented explaining how to deploy the application including configuration information.
Final Submission
For each member, the final submission should be uploaded to the Online Review Tool.