Practicalassessment 2—ASP.NET 4.5

Due date: / 5:00pm AEST, Friday Week 10 / ASSESSMENT
Weighting: / 25% / 2
Length: / No set length

Objectives

This assessment item relates to the course learning outcome numbers 2 and 3.

More specifically, the objective of this assignment is for students to:

  • Develop, test and maintain a dynamic Internet application for business using an integrated suite of software tools.

Introduction

You are required to further develop the Brissie Coin Palace website using ASP.NET 4.5 and C#. You mustdevelop the web pages according to the specifications given in this document. This means that you must provide the functionality specified, produce the layout specified and use the data and images provided on the course website. You may change the colour scheme and general styling, but you may not change the layout or functionality described. This document is a specification that you are required to implement.

Overview of website to be developed

Your website must:

  • Use a master page and content pages throughout
  • Define and use a consistent theme throughout
  • Use a web.sitemap and related navigation controls
  • Use roles and authorization rules to implement site security
  • Use a database to retrievecoindetails; this database will be supplied to you
  • Simulate implementing a shopping cart so that coins can be bought from the catalog page.

You are also required to:

  • Submit a brief Word document describing what features did and did not work in your website.

You are required to develop the following content pages:

Web Page / Description
Default.aspx / The home page.
Pages/CoinCatalogue.aspx / Lists coins from different Country in a grid view format, includes drop-down list filter, thumbnails and hyperlinks.
Pages/CurrentSpecials.aspx / Lists coins that are available on sale at 10% off their sale price.
Pages/ChangePassword.aspx / This page allows authenticated users to change their password.
Pages/Register.aspx / This page allows users to register as a member.
Pages/ContactUs.aspx / This page provides contact details and also allows users to provide a feedback.
Admin/Default.aspx / The top-level page in the admin menu.
Admin/AddUser.aspx / This page allows admin users to add a new user.
Admin/AddUserToRole.aspx / This page allows admin users to add an existing user to an existing role.
Admin/ManageCatalogue.aspx / This page allows admin users to add, edit or delete coins from the coins catalogue.
Shopping/Checkout.aspx / This page implements the checking out stage of the E-commerce pipeline
Shopping/ShoppingCart.aspx / This page implements the displaying of the contents of the current shopping list
Shopping/ShoppingCartItem.aspx / This page contains details on a single item, and the link to add the item to the shopping cart

You must also create the Web.sitemap and Masterpage.master files, as well as make appropriate edits to the web.config file.

These requirements are discussed in more detail below.

Provided materials – starter kit

To get you started, an assignment 2 starter kit is available on the web site. This starter kit contains:

  • The Images directory containing all the images required for the assignment
  • CoinDB.mdf – the SQL database required for this assignment
  • The resources files required for the themes for this assignment

Web.sitemap

You must construct your web.sitemap to achieve the following menu hierarchy:

Home
Coin Catalogue
Register
Current Specials
Admin
Shopping Cart
Checkout
Contact Us
/ Manage Catalogue
Add new user
Add user to role

Website structure

The files in your website should be structured in the following way:

  • BrissieCoinPalace

The menu items above must map to the following content pages:

Menu item / Content page
Home / ~/Default.aspx
Coin Catalogue / ~/Pages/CoinCatalogue.aspx
Register / ~/Pages/Register.aspx
Current specials / ~/Pages/CurrentSpecials.aspx
Change password / ~/Pages/ChangePassword.aspx
Contact Us / ~/Pages/ContactUs.aspx
Administration(for admin user) / ~/Admin/Default.aspx
Administration > Manage catalogue / ~/Admin/ManageCatalogue.aspx
Administration > Add new user / ~/Admin/AddUser.apsx
Administration > Add user to role / ~/Admin/AddUserToRole.aspx
Shopping Cart / ~/Shopping/ShoppingCartPage.aspx
Checkout / ~/Shopping/Checkout.aspx

Master page

Your master page must achieve the following layout:

Header

The header must contain the logo. The actual logo displayed will depend on the theme. The Colour theme uses BCPLogoMonochrome.jpg. The Monochrome theme uses BCPLogoColour.jpg.

Breadcrumb

The breadcrumb division should contain a SiteMapPath control. Your breadcrumb should not be hardcoded.

Sidebar – menu

The menu division must contain a Navigation area. The navigation area will display a TreeView based on the Web.sitemap file.

Note:

  • The TreeView control must obtain its menu items from the Web.sitemap file; menu items should not be hard coded into the TreeView control.
  • Three styles have been provided to you in the CSS file: dynamicHoverStyle, dynamicMenuItem and staticMenuItem. You should apply these CSS styles to your TreeView control – this will help ensure the correct appearance of the control.
  • Your TreeView control should not show the top (Home) node.
Footer

The footer contains two other divisions – the copyright and lastupdate divisions. The copyright division should contain a copyright symbol, your name and the current year, along with the image copyright statement. The lastupdate division should contain the date that the website was last updated. You may hard code this date.This is unchanged from assignment 1.

The database file

A SQL database is provided to you in the Assignment 2 starter kit. It contains all the necessary data required for this assignment. The database is named CoinDB.mdf. You will need to place a copy of this database in the App_Data directory of your website.

This database contains a table named CoinsTable thatcontains the following fields:

Field / Data type / Required / Description
CoinId / Autonumber (int) / Yes / Unique number for each coin, automatically supplied by the database
Name / nvarchar(50) / Yes / The name for the coin, eg. 5 cents
Price / money / Yes / The cost of the coin
InStock / int / Yes / The number ofthis type of coinin stock
LastUpdate / datetime / Yes / When the data was last modified
Picture / nvarchar(50) / Yes / URL for link to image for this coin
Country / String / Yes / Country of origin; Indian, Singaporean, Australian or Hong Kong
OnSpecial / smallint / Yes / 0 if not on special, 1 if on special

If you wish to you can use the information from the above tables to re-create the database.

Home page

The home page should appear as follows for an unauthenticated user:

Coin Catalogue

The Coin Cataloguepage must appear as follows. Note that for brevity, only the main content area is shown.

After selecting the country, the coins from the country should be displayed as shown.

Note that:

  • A GridView control should be used to achieve the table layout.
  • The GridView control must be bound to the CoinsTable table in the database.
  • Price must be appropriately formatted to appear as currency and should be right aligned.
  • The image is the image whose hyperlinked is given in the Picture field in the CoinsTable table.
  • The GridView must have sorting enabled.
  • The drop-down list must show a list of coins from the Country given in the DropDownList.
  • Duplicates should not appear in the DropDownList list.
  • When a particular Country value is selected from the DropDownList list, the GridView should be updated to show all coins with that Country value.
Sidebar – login

The LoginArea division must contain a LoginView control. You are to use the LoginView control to display different content depending on whether or not the user is authenticated. Specifically, if the user is un-authenticated (i.e. not logged in), they should see a login control as follows:

Note that:

  • You should apply the CssClass loginControl to the Login control. This will help achieve the appearance shown above.
  • You should not display "Remember me".
  • The hyperlink underneath the “Log In” button should say: Not a member? Please Register. You can do this by setting the CreateUserText property. Clicking this link should take the user to ~/Pages/Register.aspx.
  • Experiment with the TextLayout property to obtain the layout above.

If the user is authenticated, they should see a Login name and LoginStatus control. A user logged as kuttys should see the following:

Note that a LoginName and a LoginStatus control are used to achieve this.

Contact Us

This page allows users to access contact details of BrissieCoin Palace. To achieve this, create a webpage ContactUs.aspx in Pages folder similar to the below screenshot:

Note:

On clicking the submit button a pop up message should appear to thank the user for providing feedback.

Roles and security

You are required to:

  • Create appropriate roles, as described below
  • Create two users for testing, as described below
  • Implement authorization rules to achieve the security access, as described below
  • Implement security trimming; guidance is given below
  • Set the home page as the login page; guidance is given below.
Roles

You are required to create two roles as follows:

member

admin

You may use the WSAT tool to create these three roles.

Roles

You should create the following three roles for the purposes of testing and marking. Failure to create these roles may result in loss of marks:

User Name / Password / Role
kuttys / kuttys@123 / member
mary / admin@123 / admin
Authorization rules

Access to content pages must be restricted as shown below. You are required to add the appropriate authorization rules to the Web.config file to achieve the security restrictions shown below:

Page name / Unauthenticated users / Member / Admin
Home /  /  / 
Coin Catalogue /  /  / 
Current specials / see note below
Change password /  /  / 
Administration /  /  / 
Administration > Manage catalog /  /  / 
Administration > Add new user /  /  / 
Administration > Add user to role /  /  / 
Shopping Cart /  /  / 
Checkout /  /  / 
ContactUs /  /  / 

Note: Refer to the section below on the Current specials page for more information.

Security trimming

You must implement security trimming. Security trimming means that a user can only see those menu items for which they have authorization. They cannot see menu items for pages that they do not have authorization. To implement security trimming, add the following code to your Web.config file just before the closing tag of </system.web>:

siteMapdefaultProvider="XmlSiteMapProvider"enabled="true"

<providers

<addname="XmlSiteMapProvider"

description="Default SiteMap provider."

type="System.Web.XmlSiteMapProvider"

siteMapFile="Web.sitemap"

securityTrimmingEnabled="true"/>

</providers

</siteMap

Setting the login page

When a user attempts to access a page for which they are not authorized, the web server will re-direct the user to the login page. You must ensure that the user is re-directed to the home page for login services. To do this, add formsloginUrl="Default.aspx" to the Web.config file between authentication mode tags as follows:

authenticationmode="Forms"

forms loginUrl="Default.aspx"</forms

</authentication

Also note the mode attribute must be set to "Forms" and the authentication element must be a pair of opening and closing tags.

Note: For an authenticated user, or a user in a role, the Navigation menu should look like this:

Specials

Specials are thosecoins that have a value of 1 in the OnSpecials column in the CoinsTable table. Any cointhat is currently on special is available to registered members at 10% off the sale price.

Specials are only available to registered members. However, you should not use an authorization rule to implement this security. You are to use a LoginView control to display alternate content depending on whether the user is authenticated or not.

To an unauthenticated user, the Specials page must appear as follows. Note that for brevity, only the main content area is shown.

Note that the register now hyperlink must link to ~/Register.aspx. The register page is described in more detail below.

To an authenticated user (ie a member), the Specials page must appear as follows:

Note that:

  • GridView controls should be used to achieve the table layout.
  • The GridView controls must be bound to the CoinsTabletable in the database. Each table has its own GridView on the page.
  • Only CoinsTablecoins that have aOnSpecial value of 1 should appear in these lists. You can achieve this by adding a WHERE condition when configuring the data source object.
  • Sales Pricemust be appropriately formatted to appear as currency and should be right aligned.
  • The image is found at the Picture field in the CoinsTabletable.
  • The GridView must have sorting enabled.
  • The Sales Price column is a calculated field. It is not available directly from the database; you must calculate it in the underlying SELECT query. To do this:
  • Set up your GridView and data source using Sale Price in lieu of Price.
  • Switch to Source view. Alter the SelectCommand of the data source object, change
    [Price],
    to:
    [Price] * 0.90 AS [Sales Price],
  • Refresh your GridView schema using the smart panel.

Note that:GridView controls should be used to achieve the table layout and each table should have its own GridView.

  • The GridView controls must be bound to theCoinsTabletable in the database.
  • Sale Price must be appropriately formatted to appear as currency and should be right aligned.
  • The image is the image described in the Picture field in the CoinsTabletable.
  • The GridView must have sorting enabled.
Change password

The Change Password page should appear as follows. For brevity, only the content area is shown.

Note that you may use the change password control.

Register page

The Register page should appear as follows. For brevity, only the content area is shown.

Note that:

  • The newly created user must be added to the member role.
  • The newly created user should be automatically logged in and the Specials page shown when the user clicks continue on the Complete step of the CreateUserWizard. You can optionally include a message to the user to show the registration is complete similar to the following screenshot
  • You may adjust your Web.config file so that the security question and answer are not required if desired.

Administration

Menu bar

When a user has signed in as an administrator then the user should have the menu options

The default administration page should appear as follows:

Administration – Manage catalogue

The manage catalogue page should appear as follows. For brevity, only the content area is shown.

This page consists of a DropDownList control, a GridView control and a FormView control. The GridView control lists existing coinsin the catalogue; the FormView is to be used for adding a new coinsto the catalogue.

With respect to the drop-down list control, note that:

  • The drop-down list must show a list of all Country that appear in the CoinsTabletable.
  • Duplicates should not appear in the drop-down list.
  • When a Country is selected from the drop-down list, the GridView should be updated to show all CoinsTablein that Country.

With respect to the GridView, note that:

  • The GridView must be bound to the CoinsTabletable in the database.
  • All prices must be appropriately formatted to appear as currency and should be right aligned.
  • Editing, deleting and sorting must be enabled.

With respect to the FormView control, note that:

  • The default mode must be insert.
  • There is no field in the form view for CoinId. You should remove this field from the insert item template of the form view. The CoinIdfield should be set automatically.
  • There is no field in the form view for LastUpdate. You should remove this field from the insert item template of the form view. The LastUpdatefield should be set to the current data and time.
  • During the inserting event, you must add the Countryvalue from the drop-down list into values being inserted into the database.
  • The inserted record should appear in the GridView immediately.

Administration – Add new user

The Add new user page must appear as follows. Note that for brevity, only the main content area is shown.

Note that

  • you may simply use the CreateUserWizard control
  • you may configure your Web.config file to remove the security question and answer if desired.

Administration – Add user to role