Challenge Overview
Basic requirements for this challenge:
- Update AngularJS to capture updated roles on some new endpoints explained more details below
- Improve the unit testing for the new additions
Project Background
The goal of this project is to create a web based tool for operators to share frac schedules and locations with other operators. Currently we have a consortium of 15 operators that share their schedules via email roughly once a week to monthly. The email list changes monthly with people being added or taken off, which makes it tough to manage if you are getting all the schedules you need. Not only does the email list change, but so does each individual company’s frac schedule. With so many moving parts, manually sharing emails and aggregating schedules is unsustainable. These emails contain API # (unique public well identifier), well name, Frac start, Frac end, Bottom Hole Lat/Long, Surf Hole Lat/Long, and sometimes the underground formation name.
In the current state, we go into our internal mapping tool or the State website and manually measure out the distances between our well locations and the offset operators locations to see if we need to prepare our wells. From this frac schedule, it us up to the individual companies to check in to see if offset fracs are on time or delayed and if the operator will impact any of their assets. This methodology is cumbersome and time consuming. A tool should be easily accessible, be able to quickly upload operator information and provide a visual and user adjustable display of areas and times where frac operations may cause operational hazards due to “frac hits” http://www.eagleford.training/2015/08/what-are-frac-hits/
For this challenge, we need improve existing AngularJS to capture client requirements on User Managements
Technology Stack
Deployment environment requirements
- localhost
- Heroku
- AWS
Database
- MS SQL Server
Email Service
- You need set up this to make sure email send correctly. You can use AWS SES or mailtrap.io
Code access
Storyboard Design: https://drive.google.com/open?id=18XHRqOJ1iSxH3TU1B1ciWoeo-0a95T5a
AngularApp Source Code
https://gitlab.com/quartz-energy/ops-frac-schedule/web-application
Application support 3 roles, make sure your updates affect all roles
operator/password
admin/password
user/password
Java REST API Source Code
https://gitlab.com/quartz-energy/ops-frac-schedule/java-services
FYI: For quick usage you can use this Dev REST API endpoints: https://ops-frac-api-java-user.herokuapp.com/api/v1
Postman Collection for API endpoints Testing
https://gitlab.com/quartz-energy/ops-frac-schedule/java-services/tree/dev/docs
General Submission Requirements
1). User Role Updates
Admin need updated to System Admin
- Add/Edit/Delete User from all Company
- Approve Self Registration from all Company
- Unlock the Locked Account from all Company
- Reset the auto-generated password from all Company
- Add/Edit/Delete Company from all Company
- Add/Edit/Delete Contact from all Company
- Add/Edit/Delete Schedule from all Company
- Approve Operator Admin from all Company
- View all operators Well Review from all company
- View all operators Well Review Comments from all company
Operator need updated to Operator Admin
- Add/Edit/Delete User from own Company
- Approve Self Registration from own Company
- Unlock the Locked Account from own Company
- Reset the auto-generated password from own Company
- Add/Edit/Delete Contact from own Company
- Add/Edit/Delete Schedule from own Company
- Approve Operator Admin from own Company
- View Well Review from own Operator Company
- View Well Review Comments from own Operator Company
User need updated to Operator
- NOT able to Add/Edit/Delete User from own Company
- NOT able to Edit own Company
- NOT able to Add/Edit/Delete Contact from own Company
- Add/Edit/Delete Schedule that this Operator created.
- View Well Review from own Operator Company
- View Well Review Comments from own Operator Company
Important: There are roles updates across the AngularJS app:
SYSTEM_ADMIN
OPERATOR_ADMIN
OPERATOR
2). Request Access
- This will be the new endpoint for Request access
- We need this register endpoint will available for user that not joined yet.
- Required fields are:
-- Username
-- Email Address
-- Role
-- Company
-- Secret questions
-- Secret questions answer
- Important: There will be email sending on request access
3). Forgot Password
- Create new endpoints for forgot password
- Required fields are:
-- Email Address
-- Secret questions
-- Secret questions answer
- Need able to create auto-generated generated password
3). Forgot Username
- Create new endpoints for forgot username
-- Email Address
-- Secret questions
-- Secret questions answer
4). Secret Questions
- As part of Add/Edit user, we need allow user to pick 1 secret question and fill the answer
- Create separated table to store all secret questions list
- System Admin need able to Add/Edit/Delete the secret questions list
5). User Management
- Only System Admin/Operator admin can access this.
- You need improve current users endpoints
- Create new endpoints to see all “Active users”, “Self Registration” and “Locked accounts”
- System Admin can access all company
- Operator Admin can only access his own company
- Improve current Users endpoints to support account type and need able to filter by company parameters
- System admin can approve self registrations
- Operator admin can approve self registrations from his own company.
- Need create auto-generated password after account approved
- When create user shouldn't display password box. System need auto-generated the password.
- User password need auto-generated after System Admin/Operator Admin approved the registration. This rule can be the starting point for the format.
-- Password Length: 8
-- Include Symbols: ( e.g. @#$% )
-- Include Numbers: ( e.g. 123456 )
-- Include Lowercase Characters: ( e.g. abcdefgh )
-- Include Uppercase Characters: ( e.g. ABCDEFGH )
- When stored on database, password need hashed.
- Any other suggestion for best practice security solution for auto-generated password?
- Edit user should not reset the auto-generated password
- Need separated way on table to reset the auto-generated password
- Need set temporary lock the account for 24hrs before user can logged in.
- System Admin/Operator Admin need able to unlocked the accounts
- System Admin need able to set Operator Admin flag on each company
- Operator Admin need able to set Operator Admin flag on own company
6). Login update
- Need lock the accounts if user guess wrong password or secret numbers more than 5 times.
- System Admin/Operator Admin need able to unlocked the accounts
- Update the endpoints title for the new addition
7). Map Limit View
- We need set map view limit for all User roles
- Map view need auto zoom-in after user logged in
- Need calculate all schedules latitude & longitude info related to company.
- Add extra padding so all schedules clearly visible on map
- Need capture all schedule/wells from all companies
- Add extra padding so all schedules clearly visible on map
- All updated source code that implement the challenge requirements.
- README in markup language
- Updated insert data scripts
- Updated Postman collections to match with new additions
- Challenge winner need send Merge Request to our repo
- Update AngularJS to capture updated roles on some new endpoints explained more details below
- Improve the unit testing for the new additions
Project Background
The goal of this project is to create a web based tool for operators to share frac schedules and locations with other operators. Currently we have a consortium of 15 operators that share their schedules via email roughly once a week to monthly. The email list changes monthly with people being added or taken off, which makes it tough to manage if you are getting all the schedules you need. Not only does the email list change, but so does each individual company’s frac schedule. With so many moving parts, manually sharing emails and aggregating schedules is unsustainable. These emails contain API # (unique public well identifier), well name, Frac start, Frac end, Bottom Hole Lat/Long, Surf Hole Lat/Long, and sometimes the underground formation name.
In the current state, we go into our internal mapping tool or the State website and manually measure out the distances between our well locations and the offset operators locations to see if we need to prepare our wells. From this frac schedule, it us up to the individual companies to check in to see if offset fracs are on time or delayed and if the operator will impact any of their assets. This methodology is cumbersome and time consuming. A tool should be easily accessible, be able to quickly upload operator information and provide a visual and user adjustable display of areas and times where frac operations may cause operational hazards due to “frac hits” http://www.eagleford.training/2015/08/what-are-frac-hits/
For this challenge, we need improve existing AngularJS to capture client requirements on User Managements
Technology Stack
Deployment environment requirements
- localhost
- Heroku
- AWS
Database
- MS SQL Server
Email Service
- You need set up this to make sure email send correctly. You can use AWS SES or mailtrap.io
Code access
Storyboard Design: https://drive.google.com/open?id=18XHRqOJ1iSxH3TU1B1ciWoeo-0a95T5a
AngularApp Source Code
https://gitlab.com/quartz-energy/ops-frac-schedule/web-application
Application support 3 roles, make sure your updates affect all roles
operator/password
admin/password
user/password
Java REST API Source Code
https://gitlab.com/quartz-energy/ops-frac-schedule/java-services
FYI: For quick usage you can use this Dev REST API endpoints: https://ops-frac-api-java-user.herokuapp.com/api/v1
Postman Collection for API endpoints Testing
https://gitlab.com/quartz-energy/ops-frac-schedule/java-services/tree/dev/docs
General Submission Requirements
1). User Role Updates
Admin need updated to System Admin
- Add/Edit/Delete User from all Company
- Approve Self Registration from all Company
- Unlock the Locked Account from all Company
- Reset the auto-generated password from all Company
- Add/Edit/Delete Company from all Company
- Add/Edit/Delete Contact from all Company
- Add/Edit/Delete Schedule from all Company
- Approve Operator Admin from all Company
- View all operators Well Review from all company
- View all operators Well Review Comments from all company
Operator need updated to Operator Admin
- Add/Edit/Delete User from own Company
- Approve Self Registration from own Company
- Unlock the Locked Account from own Company
- Reset the auto-generated password from own Company
- Add/Edit/Delete Contact from own Company
- Add/Edit/Delete Schedule from own Company
- Approve Operator Admin from own Company
- View Well Review from own Operator Company
- View Well Review Comments from own Operator Company
User need updated to Operator
- NOT able to Add/Edit/Delete User from own Company
- NOT able to Edit own Company
- NOT able to Add/Edit/Delete Contact from own Company
- Add/Edit/Delete Schedule that this Operator created.
- View Well Review from own Operator Company
- View Well Review Comments from own Operator Company
Important: There are roles updates across the AngularJS app:
SYSTEM_ADMIN
OPERATOR_ADMIN
OPERATOR
2). Request Access
- This will be the new endpoint for Request access
- We need this register endpoint will available for user that not joined yet.
- Required fields are:
-- Username
-- Email Address
-- Role
-- Company
-- Secret questions
-- Secret questions answer
- Important: There will be email sending on request access
3). Forgot Password
- Create new endpoints for forgot password
- Required fields are:
-- Email Address
-- Secret questions
-- Secret questions answer
- Need able to create auto-generated generated password
3). Forgot Username
- Create new endpoints for forgot username
-- Email Address
-- Secret questions
-- Secret questions answer
4). Secret Questions
- As part of Add/Edit user, we need allow user to pick 1 secret question and fill the answer
- Create separated table to store all secret questions list
- System Admin need able to Add/Edit/Delete the secret questions list
5). User Management
- Only System Admin/Operator admin can access this.
- You need improve current users endpoints
- Create new endpoints to see all “Active users”, “Self Registration” and “Locked accounts”
- System Admin can access all company
- Operator Admin can only access his own company
- Improve current Users endpoints to support account type and need able to filter by company parameters
- System admin can approve self registrations
- Operator admin can approve self registrations from his own company.
- Need create auto-generated password after account approved
- When create user shouldn't display password box. System need auto-generated the password.
- User password need auto-generated after System Admin/Operator Admin approved the registration. This rule can be the starting point for the format.
-- Password Length: 8
-- Include Symbols: ( e.g. @#$% )
-- Include Numbers: ( e.g. 123456 )
-- Include Lowercase Characters: ( e.g. abcdefgh )
-- Include Uppercase Characters: ( e.g. ABCDEFGH )
- When stored on database, password need hashed.
- Any other suggestion for best practice security solution for auto-generated password?
- Edit user should not reset the auto-generated password
- Need separated way on table to reset the auto-generated password
- Need set temporary lock the account for 24hrs before user can logged in.
- System Admin/Operator Admin need able to unlocked the accounts
- System Admin need able to set Operator Admin flag on each company
- Operator Admin need able to set Operator Admin flag on own company
6). Login update
- Need lock the accounts if user guess wrong password or secret numbers more than 5 times.
- System Admin/Operator Admin need able to unlocked the accounts
- Update the endpoints title for the new addition
7). Map Limit View
- We need set map view limit for all User roles
- Map view need auto zoom-in after user logged in
- Need calculate all schedules latitude & longitude info related to company.
- Add extra padding so all schedules clearly visible on map
- Need capture all schedule/wells from all companies
- Add extra padding so all schedules clearly visible on map
Final Submission Guidelines
What To Submit?- All updated source code that implement the challenge requirements.
- README in markup language
- Updated insert data scripts
- Updated Postman collections to match with new additions
- Challenge winner need send Merge Request to our repo