V2 High Level Design Notes

Contents

Introduction

This section contains notes for the design and implementation of V2, in particular notes about how to use the technology stack.

Ruby On Rails

Resources

Books

Ruby on Rails 3 Tutorial, by Michael Hartl - A beginning book with an emphasis on automated unit and integration testing with RSpec
The Rails 3 Way, by David H. Hansson - An advanced book with in-depth descriptions of most Rails related topics
1. Section 11.20 - Internationalization using the I18n Ruby GEM
2. Chapter 14 - Authentication
3. Chapter 18 - RSpec

On-Line Reference Material

Logging

Application Configuration

Authorization and Authentication

We should probably use the most popular user authorization Ruby GEM
Fallback is to use the method described in the example application described in the Hartl book

Internationalization

Use the I18n Ruby GEM. See section 11.20 in Hansson book

User Access Modeling

Definitions

Library - an entity that contains multiple Projects
1. A Library is the repository that manages user login, e.g. it authenticates users, typically via user login name and password (or LDAP, etc.)
  1. Contains a catalog of user names, login names and authorization information, e.g. encrypted passwords or links to LDAP or other authentication external authentication systems
2. A Library does not contain user role information for individual projects
  1. Except that it is able to provide a list of links that jump to the home pages of the projects (in the library) that the user has access to
  2. If a user doesn't have any roles for a particular project, then they do not even see that the project exists
    1. This might be managed by a configuration variable, to allow implementation of a compeny-based systems which let all users see the names of all projects
Project - an entity that contains user data, e.g. documents, revisions, tasks, etc.
1. Each project must belong to exactly one library
2. A project contains:
  1. Project metadata, stored in the project's database
    1. Including user access rights for all the project's users
  2. A set of files (revision files, correspondence files, ZIP files, etc.) stored in a directory tree
  3. The metadata database and files of a project are never mixed between projects. This is to:
    1. Ensure customer data privacy
    2. Make it possible to make individual project backups

Requirements

A user has the same login credentials for all projects, he has access to, within a single library
A library dictates the user authentication policy, e.g. how user logins are validated, for all the projects that belong to it
A library has a landing page
1. The landing page is the user login page for the all projects that belong to it
A library has administrative transactions for defining and managing users
1. There are library users that have library administrator roles
2. The library configuration sets the login security policy, e.g. password length, frequency of password changes, etc.
  1. Initially this will be via configuration variables
  2. Later this might be managed by online transactions available to the library administrators
Integrity of project metadata:
1. All metadata for a project is stored in a single database
2. Databases never contain metadata from multiple projects
Projects can be migrated between libraries
1. This will initially be done using a manual procedure, e.g. shell and SQL scripts
2. Later this could be automated
User roles for individual projects are managed within the projects
There are users that have project administrator roles within projects
1. A project administrator manages user roles for a project
2. The project administrator role is limited the project it is associated with
3. A user might have project administrator rights in multiple projects
User roles for library and project administration do not include the ability to grant the roles to others, which are controlled by seperate grant library administrator and grant project administrator roles