eap
EvUP aims to allow Student Organizations and other academic entities to have a single space to advertise and manage upcoming events whilst giving the opportunity to offer some interaction with the users. This tool would boost the popularity of these events among students and also facilitate their promotion for the organizers.
The main goal of this artifact is to describe the web application architecture to be implemented, using resources organized in modules based on their properties. It also describes operations like create, read, update and delete for each resource.
Module Name | Module Description |
---|---|
M01: Authentication | Web resources associated with user authentication, including the following system features: login, logout and sign-up. |
M02: Profile and User Information | Web resources associated with profile management and user data, including the following system features: view and edit profile, account deletion, list of events that users are organizing and attending and request to be an organizer. |
M03: Events | Web resources associated with events, including the following system features: view and search events, filter tags, event page, report, create, edit and cancel an event, join request and invite users to an event. |
M04: User Administration | Web resources associated with administration of users, including the following system features: get reports, get organizer requests, list all user types, block/unblock users, delete event, accept/deny reports and organizer requests and make a user an organizer. |
Abbreviation | Name | Description |
---|---|---|
PUB | Public | Unauthenticated User |
USR | User | Authenticated User |
OWN | Owner | User who is the owner of a comment or an account. |
ADM | Administrator | System Administrator |
ATT | Attendee | Authenticated User who is attending events |
ORG | Organizer | Authenticated User organizing events |
OpenAPI specification in YAML format to describe the vertical prototype's web resources.
Link to the a7_openapi.yaml file in the group's repository: https://git.fe.up.pt/lbaw/lbaw2223/lbaw2252/-/blob/main/a7_openapi.yaml
```yaml
openapi: 3.0.0
info:
  version: "1.0"
  title: "LBAW EVUP API"
  description: "Web Resources Specification (A7) for EVUP"
servers:
  - url: lbaw2252.lbaw.fe.up.pt
    description: Production server
externalDocs:
  description: Find more info here.
  url: https://git.fe.up.pt/lbaw/lbaw2223/lbaw2252/-/wikis/home
# Tag names must match the names used by the operations below.
tags:
  - name: "M01: Authentication"
  - name: "M02: Profile and User Information"
  - name: "M03: Events"
  - name: "M04: User Administration"
paths:
  # M01: Authentication
  /login:
    get:
      operationId: R101
      summary: "R101: Login Form"
      description: "Provide form for authentication. Access: PUB"
      tags:
        - "M01: Authentication"
      responses:
        "200":
          description: "Ok. Show Login form"
    post:
      operationId: R102
      summary: "R102: Login action"
      description: "Processes the login form submission. Access: PUB"
      tags:
        - "M01: Authentication"
      requestBody:
        required: true
        content:
          application/x-www-form-urlencoded:
            schema:
              type: object
              properties:
                email:
                  type: string
                  format: email
                password:
                  type: string
                  format: password
              required:
                - email
                - password
      responses:
        "302":
          description: "Redirect after processing the login credentials."
          headers:
            Location:
              schema:
                type: string
              examples:
                302Success:
                  description: "Successful login. Redirect to homepage."
                  value: "/"
                302Failure:
                  description: "Failed login. Redirect to login form."
                  value: "/login"
  /logout:
    get:
      operationId: R103
      summary: "R103: Logout action"
      description: "Logout the current authenticated user. Access: USR"
      tags:
        - "M01: Authentication"
      responses:
        "302":
          description: "Redirect after processing logout."
          headers:
            Location:
              schema:
                type: string
              examples:
                302Success:
                  description: "Successful logout. Redirect to homepage."
                  value: "/"
  /signup:
    get:
      operationId: R104
      summary: "R104: Sign-up Form"
      description: "Provide form for new users. Access: PUB"
      tags:
        - "M01: Authentication"
      responses:
        "200":
          description: "Ok. Show sign-up form"
    post:
      operationId: R105
      summary: "R105: Sign-up action"
      description: "Processes the new user sign-up form submission. Access: PUB"
      tags:
        - "M01: Authentication"
      requestBody:
        required: true
        content:
          # since we want to upload binary files (avatar)
          multipart/form-data:
            schema:
              type: object
              properties:
                name:
                  type: string
                email:
                  type: string
                # password is listed under "required", so it is declared here
                password:
                  type: string
                  format: password
                userPhoto:
                  type: string
                  format: binary
              required:
                - name
                - email
                - password
      responses:
        "302":
          description: "Redirect after processing the new user sign-up form."
          headers:
            Location:
              schema:
                type: string
              examples:
                302Success:
                  description: "Successful registration. Redirect to user profile."
                  value: "/user/{id}"
                302Failure:
                  description: "Failed registration. Redirect to sign-up form."
                  value: "/signup"
  # M02: Profile and User Information
  /user/{id}:
    get:
      operationId: R201
      summary: "R201: View your own profile"
      description: "Show the individual user profile. Access: OWN"
      tags:
        - "M02: Profile and User Information"
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "Ok. Show user profile (UI20)"
        "404":
          description: "User not found"
  /user/{id}/public:
    get:
      operationId: R202
      summary: "R202: View public user profile"
      description: "Show the individual public user profile. Access: PUB"
      tags:
        - "M02: Profile and User Information"
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "Ok. Show user profile (UI20)"
        "404":
          description: "User not found"
  /user/{id}/edit:
    get:
      operationId: R203
      summary: "R203: User profile edition form"
      description: "Provide form for user profile edition. Access: OWN"
      tags:
        - "M02: Profile and User Information"
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "Ok. Show user profile edition form"
        "401":
          description: "Unauthorized. Must be authenticated"
        "403":
          description: "Forbidden. Must be owner of the profile"
        "404":
          description: "User not found"
    post:
      operationId: R204
      summary: "R204: Edit profile action"
      description: "Processes the profile edition form. Access: OWN"
      tags:
        - "M02: Profile and User Information"
      requestBody:
        required: true
        content:
          application/x-www-form-urlencoded:
            schema:
              type: object
              properties:
                username:
                  type: string
                email:
                  type: string
                name:
                  type: string
              required:
                - username
                - email
                - name
      responses:
        "302":
          description: "Redirect after processing the profile edit form."
          headers:
            Location:
              schema:
                type: string
              examples:
                302Success:
                  description: "Successful profile edition. Redirect to profile Page."
                  value: "/user/{id}"
                302Failure:
                  description: "Failed profile edition. Redirect to profile form."
                  value: "/user/{id}"
  /user/accept/{id}:
    put:
      operationId: R205
      summary: "R205: Accepts an invite"
      description: "Accepts an invite to an event that the user received. Access: OWN"
      tags:
        - "M02: Profile and User Information"
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "Ok. Show user events organized"
        "401":
          description: "Unauthorized. Must be authenticated"
        "403":
          description: "Forbidden. Must be owner of the profile"
        "404":
          description: "Invite not found"
  /user/deny/{id}:
    put:
      operationId: R206
      summary: "R206: Does not accept an invite"
      description: "Does not accept an invite to an event that the user received. Access: OWN"
      tags:
        - "M02: Profile and User Information"
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "Ok. Show user events organized"
        "401":
          description: "Unauthorized. Must be authenticated"
        "403":
          description: "Forbidden. Must be owner of the profile"
        "404":
          description: "Invite not found"
  # M03: Events
  /event/{id}:
    get:
      operationId: R301
      summary: "R301: View event page"
      description: "Show the individual event page. Access: USR"
      tags:
        - "M03: Events"
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "Ok. Show event page"
        "404":
          description: "Event not found"
    post:
      operationId: R302
      summary: "R302: Edit event page action"
      description: "Processes the event edit page form submission. Access: OWN"
      tags:
        - "M03: Events"
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      requestBody:
        required: true
        content:
          multipart/form-data:
            schema:
              type: object
              properties:
                eventName:
                  type: string
                address:
                  type: string
                description:
                  type: string
                eventPhoto:
                  type: string
                  format: binary
                startDate:
                  type: string
                  format: date
                endDate:
                  type: string
                  format: date
      responses:
        "302":
          description: "Redirect after processing the event updated information."
          headers:
            Location:
              schema:
                type: string
              examples:
                302Success:
                  description: "Successful event edition. Redirect to event page."
                  value: "/event/{id}"
                302Failure:
                  description: "Failed event edition. Redirect to edit event form."
                  value: "/event/{id}/edit"
  /event/{id}/edit:
    get:
      operationId: R303
      summary: "R303: Event edition form"
      description: "Provide a form for event edition. Access: OWN"
      tags:
        - "M03: Events"
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "OK. Show event edition form"
        "401":
          description: "Unauthorized. Must be authenticated."
        "403":
          description: "Forbidden. Must be the owner of the event"
        "404":
          description: "Event not found"
  /event/{id}/searchUsers:
    post:
      operationId: R304
      description: "Show Search Page given a search type and value. Access: PUB"
      tags:
        - "M03: Events"
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      requestBody:
        required: true
        content:
          multipart/form-data:
            schema:
              type: object
              properties:
                eventid:
                  type: integer
                search:
                  type: string
      responses:
        "200":
          description: "OK."
  /event/{id}/inviteUsers:
    post:
      operationId: R305
      description: "Invite users to an event. Access: PUB"
      tags:
        - "M03: Events"
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      requestBody:
        required: true
        content:
          multipart/form-data:
            schema:
              type: object
              properties:
                eventid:
                  type: integer
                search:
                  type: string
      responses:
        "200":
          description: "OK"
  /event/{id}/attendees:
    get:
      operationId: R306
      description: "Get attendees of an event. Access: ATT"
      tags:
        - "M03: Events"
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "OK."
  /event/{id}/adduser:
    get:
      operationId: R307
      description: "Get list of users not attending event. Access: ATT"
      tags:
        - "M03: Events"
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "OK."
  /event/{eventid}/adduser/{userid}:
    post:
      operationId: R308
      description: "Adds users to an event. Access: ORG"
      tags:
        - "M03: Events"
      # Every {placeholder} in the path needs a matching path parameter.
      parameters:
        - in: path
          name: eventid
          schema:
            type: integer
          required: true
        - in: path
          name: userid
          schema:
            type: integer
          required: true
      requestBody:
        required: true
        content:
          multipart/form-data:
            schema:
              type: object
              properties:
                eventid:
                  type: integer
                userid:
                  type: integer
      responses:
        "200":
          description: "OK."
  /event/{eventid}/removeuser/{userid}:
    post:
      operationId: R309
      description: "Removes users of an event. Access: ORG"
      tags:
        - "M03: Events"
      parameters:
        - in: path
          name: eventid
          schema:
            type: integer
          required: true
        - in: path
          name: userid
          schema:
            type: integer
          required: true
      requestBody:
        required: true
        content:
          multipart/form-data:
            schema:
              type: object
              properties:
                eventid:
                  type: integer
                userid:
                  type: integer
      responses:
        "200":
          description: "OK."
  /myEvents:
    get:
      operationId: R310
      description: "Get events user is attending/has attended. Access: USR"
      tags:
        - "M03: Events"
      responses:
        "200":
          description: "OK."
  /myEvents/organizing:
    get:
      operationId: R311
      description: "Get events user is organizing. Access: ORG"
      tags:
        - "M03: Events"
      responses:
        "200":
          description: "OK."
  /myEvents/createEvent:
    get:
      operationId: R312
      description: "Get forms to create event. Access: ORG"
      tags:
        - "M03: Events"
      responses:
        "200":
          description: "OK."
    post:
      operationId: R313
      description: "Processes the event creation form submission. Access: ORG"
      tags:
        - "M03: Events"
      # No path parameters are declared: this path has no {id} segment.
      requestBody:
        required: true
        content:
          multipart/form-data:
            schema:
              type: object
              properties:
                eventname:
                  type: string
                eventadress:
                  type: string
                public:
                  type: boolean
                description:
                  type: string
                startdate:
                  type: string
                enddate:
                  type: string
      responses:
        "200":
          description: "OK."
        "401":
          description: "Unauthorized. Must be authenticated"
        "403":
          description: "Forbidden. Must be owner of the event"
        "404":
          description: "Event not found"
  /myEvents/{id}:
    post:
      operationId: R314
      summary: "R314: Leave event"
      description: "Leave event user is attending/has attended. Access: ORG"
      tags:
        - "M03: Events"
      requestBody:
        required: true
        content:
          multipart/form-data:
            schema:
              type: object
              properties:
                eventid:
                  type: integer
      parameters:
        - in: path
          name: id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "OK."
        "401":
          description: "Unauthorized. Must be authenticated"
        "403":
          description: "Forbidden. Must be attendee of the event"
        "404":
          description: "Event not found"
  # M04: User Administration
  /admin:
    get:
      operationId: R401
      summary: "R401: Administration Panel"
      description: "Administration Page. Access: ADM"
      tags:
        - "M04: User Administration"
      responses:
        "200":
          description: "Ok. Access to administration page"
        "400":
          description: "Bad request."
        "401":
          description: "Unauthorized. Not logged in"
        "403":
          description: "Forbidden. No permissions"
        "404":
          description: "Not found"
  /admin/reports/{report_id}/close:
    put:
      operationId: R402
      summary: "R402: Close a report"
      description: "Processes a report and closes it"
      tags:
        - "M04: User Administration"
      parameters:
        - in: path
          name: report_id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "Ok. Report closed successfully."
  /admin/organizerRequests/{organizerRequests_id}/deny:
    put:
      operationId: R403
      summary: "R403: Denies an organizer request"
      description: "Processes an organizer request and denies it"
      tags:
        - "M04: User Administration"
      parameters:
        - in: path
          name: organizerRequests_id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "Ok. Organizer Request denied successfully."
  /admin/organizerRequests/{organizerRequests_id}/accept:
    put:
      operationId: R404
      summary: "R404: Accepts an organizer request"
      description: "Processes an organizer request and accepts it"
      tags:
        - "M04: User Administration"
      parameters:
        - in: path
          name: organizerRequests_id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "Ok. Organizer Request accepted successfully."
  /admin/users:
    get:
      operationId: R405
      summary: "R405: View users"
      description: "Page with information about all users. Access: ADM"
      tags:
        - "M02: Profile and User Information"
        - "M04: User Administration"
      responses:
        "200":
          description: "Ok. Show users"
        "400":
          description: "Bad request."
        "401":
          description: "Unauthorized. Not logged in"
        "403":
          description: "Forbidden. No permissions"
        "404":
          description: "Not found"
  /admin/users/search:
    get:
      operationId: R406
      summary: "R406: User search"
      description: "Provides a page component with a list of users. Access: ADM"
      tags:
        - "M02: Profile and User Information"
        - "M04: User Administration"
      parameters:
        - in: query
          name: value
          description: "string used for full-text search"
          schema:
            type: string
          required: true
      responses:
        "200":
          description: "OK. Show a list of users that fit the query."
  /admin/users/add:
    get:
      operationId: R407
      summary: "R407: Admin Add User Form"
      description: "Administration Page to add a new user to the platform. Access: ADM"
      tags:
        - "M04: User Administration"
      responses:
        "200":
          description: "Ok. Access to administration page"
        "400":
          description: "Bad request."
        "401":
          description: "Unauthorized. Not logged in"
        "403":
          description: "Forbidden. No permissions"
        "404":
          description: "Not found"
    post:
      operationId: R408
      summary: "R408: Admin Add User Action"
      description: "Adds a new user to the platform. Access: ADM"
      tags:
        - "M04: User Administration"
      requestBody:
        required: true
        content:
          application/x-www-form-urlencoded:
            schema:
              type: object
              properties:
                name:
                  type: string
                username:
                  type: string
                email:
                  type: string
                password:
                  type: string
              required:
                - name
                - username
                - email
                - password
      responses:
        "200":
          description: "Ok. Access to administration page"
        "400":
          description: "Bad request."
        "401":
          description: "Unauthorized. Not logged in"
        "403":
          description: "Forbidden. No permissions"
        "404":
          description: "Not found"
  /admin/users/{user_id}/ban:
    put:
      operationId: R409
      summary: "R409: Bans a user"
      description: "Changes User Status to 'Blocked', effectively banning him from the platform. Access: ADM"
      tags:
        - "M04: User Administration"
      parameters:
        - in: path
          name: user_id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "Ok. Successfully banned user."
        "400":
          description: "Bad request."
        "401":
          description: "Unauthorized. Not logged in"
        "403":
          description: "Forbidden. No permissions"
        "404":
          description: "Not found"
  /admin/users/{user_id}/unban:
    put:
      operationId: R410
      summary: "R410: Unbans a user"
      description: "Changes User Status to 'Active', effectively unbanning him from the platform. Access: ADM"
      tags:
        - "M04: User Administration"
      parameters:
        - in: path
          name: user_id
          schema:
            type: integer
          required: true
      responses:
        "200":
          description: "Ok. Successfully unbanned user."
        "400":
          description: "Bad request."
        "401":
          description: "Unauthorized. Not logged in"
        "403":
          description: "Forbidden. No permissions"
        "404":
          description: "Not found"
```
The vertical prototype implements the high-priority user stories and aims to validate the architecture presented.
User Story reference | Name | Priority | Description |
---|---|---|---|
US01 | Browse Events | high | As a User, I want to browse events, so that I can see all the current public events available |
US02 | View Public Event | high | As a User, I want to access the event page, so that I can see a complete description of it |
US03 | Search Events | high | As a User, I want to search the platform by keywords, so that I can quickly find events that I am looking for |
US08 | Sign-in | high | As a Visitor, I want to authenticate into the system, so that I can access privileged information |
US09 | Sign-up | high | As a Visitor, I want to register myself into the system, so that I can authenticate myself into the system |
US13 | Invite Users to Public Event | high | As an Authenticated User, I want to invite users to public events, so that they can join me in events I’m attending |
US14 | Manage Events Attended / to Attend | high | As an Authenticated User, I want to manage my events attended / to attend, so that I can add and remove events if I need to |
US15 | View Profile | high | As an Authenticated User, I want to view my profile, so that I can access my information |
US16 | Edit Profile | high | As an Authenticated User, I want to edit my profile, so that I can change my information |
US17 | Logout | high | As an Authenticated User, I want to logout, so that I can exit my account |
US18 | Create Event | high | As an Event Organizer, I want to create events, so that I can publish it in the platform |
US19 | Edit Event Details | high | As an Event Organizer, I want to edit an event’s details, so that I can keep the attendees informed |
US20 | Add User to Event | high | As an Event Organizer, I want to add a user to an event, so that they can attend said event |
US21 | Manage Event Details | high | As an Event Organizer, I want to manage an event’s details, so that I can make any changes to the event’s title, description, date, etc |
US22 | Manage Event Participants | high | As an Event Organizer, I want to manage an event’s participants, so that I can make any changes to the participants’ list |
US23 | Delete Event | high | As an Admin, I want to delete events from the platform so they can no longer be accessed or viewed by authenticated users |
US24 | Browse Events | high | As an Admin, I want to browse events, so that I can see all the current public events available |
US25 | View Event Details | high | As an Admin, I want to see event’s details, so I can check if its content is within the website’s terms |
US26 | Administer User Accounts | high | As an Admin, I want to be able to manage all the user accounts, including searching, editing, creating and viewing them |
US27 | Block Users | medium | As an Admin, I want to be able to block user accounts, in case they are breaking the terms of service |
US28 | Unblock Users | medium | As an Admin, I want to be able to unblock user accounts, in case they were blocked unjustly |
Module M01: Authentication
Web Resource Reference | URL |
---|---|
R101: Login form | GET /login |
R102: Login action | POST /login |
R103: Logout action | GET /logout |
R104: Sign-up form | GET /signup |
R105: Sign-up action | POST /signup |
Module M02: Profile and User Information
Web Resource Reference | URL |
---|---|
R201: View user profile | GET /user/{id} |
R202: View public user profile | GET /user/{id}/public |
R203: Form to user profile | GET /user/{id}/edit |
R204: Edit the user profile | POST /user/{id}/edit |
R205: Accepts an invitation to an event | PUT /user/accept/{id} |
R206: Rejects an invitation to an event | PUT /user/deny/{id} |
Module M03: Events
Web Resource Reference | URL |
---|---|
R301: View event page | GET /event/{id} |
R302: Edit event page action | POST /event/{id} |
R303: Event edition form | GET /event/{id}/edit |
R304: Show Search Page given a search type and value | POST /event/{id}/searchUsers |
R305: Invite users to an event | POST /event/{id}/inviteUsers |
R306: Get attendees of an event | GET /event/{id}/attendees |
R307: Get list of users not attending event | GET /event/{id}/adduser |
R308: Adds users to an event | POST /event/{eventid}/adduser/{userid} |
R309: Removes users of an event | POST /event/{eventid}/removeuser/{userid} |
R310: Get events user is attending | GET /myEvents |
R311: Get events user is organizing | GET /myEvents/organizing |
R312: Get forms to create event | GET /myEvents/createEvent |
R313: Create event action | POST /myEvents/createEvent |
R314: Leave event user is attending | POST /myEvents/{id} |
Module M04: User Administration
Web Resource Reference | URL |
---|---|
R401: Administration panel | GET /admin |
R402: Close a report | PUT /admin/reports/{report_id}/close |
R403: Denies an organizer request | POST /admin/organizerRequests/{organizerRequests_id}/deny |
R404: Accepts an organizer request | POST /admin/organizerRequests/{organizerRequests_id}/accept |
R405: View users | GET /admin/users |
R406: User search | GET /admin/users/search |
R407: Admin Add User Form | GET /admin/users/add |
R408: Admin Add User Action | POST /admin/users/add |
R409: Bans a user | PUT /admin/users/{user_id}/ban |
R410: Unbans a user | PUT /admin/users/{user_id}/unban |
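
The specification records each operation's required actor only as free text in its description ("Access: ADM"), so nothing ties that label to the 401/403 responses the operation documents. The following added example (not part of the group's repository) checks a parsed `paths` object for operations with no declared access level and for restricted operations that document no 401/403 response; `lint_access` and `SAMPLE_PATHS` are hypothetical names, and the sample is transcribed from the specification above and trimmed to the fields the check reads.

```python
import re

# Actor abbreviations from the permissions table on this page.
ACTORS = {"PUB", "USR", "OWN", "ADM", "ATT", "ORG"}
HTTP_METHODS = {"get", "post", "put", "patch", "delete"}
ACCESS_RE = re.compile(r"Access:\s*([A-Z]+)")


def lint_access(paths):
    """Return sorted (operationId, finding) pairs for an OpenAPI `paths` object."""
    findings = []
    for path, item in paths.items():
        for method, op in item.items():
            if method not in HTTP_METHODS:
                continue  # skip path-level keys such as "parameters"
            op_id = op.get("operationId", f"{method.upper()} {path}")
            match = ACCESS_RE.search(op.get("description", ""))
            if match is None:
                findings.append((op_id, "no access level declared"))
                continue
            actor = match.group(1)
            if actor not in ACTORS:
                findings.append((op_id, f"unknown actor {actor}"))
            elif actor != "PUB":
                # A restricted operation should document how it refuses
                # unauthenticated (401) and unauthorized (403) callers.
                documented = {str(code) for code in op.get("responses", {})}
                missing = [c for c in ("401", "403") if c not in documented]
                if missing:
                    gap = "/".join(missing)
                    findings.append(
                        (op_id, f"{actor} operation does not document {gap}"))
    return sorted(findings)


# Constructed sample: six operations transcribed from the specification above,
# keeping only operationId, description and the documented response codes.
SAMPLE_PATHS = {
    "/login": {"get": {
        "operationId": "R101",
        "description": "Provide form for authentication. Access: PUB",
        "responses": {"200": {}}}},
    "/user/{id}": {"get": {
        "operationId": "R201",
        "description": "Show the individual user profile. Access: OWN",
        "responses": {"200": {}, "404": {}}}},
    "/user/{id}/edit": {"get": {
        "operationId": "R203",
        "description": "Provide form for user profile edition. Access: OWN",
        "responses": {"200": {}, "401": {}, "403": {}, "404": {}}}},
    "/event/{id}/attendees": {"get": {
        "operationId": "R306",
        "description": "Get attendees of an event. Access: ATT",
        "responses": {"200": {}}}},
    "/admin/reports/{report_id}/close": {"put": {
        "operationId": "R402",
        "description": "Processes a report and closes it",
        "responses": {"200": {}}}},
    "/admin/users/{user_id}/ban": {"put": {
        "operationId": "R409",
        "description": "Changes User Status to 'Blocked', effectively "
                       "banning him from the platform. Access: ADM",
        "responses": {"200": {}, "400": {}, "401": {}, "403": {}, "404": {}}}},
}

if __name__ == "__main__":
    for op_id, finding in lint_access(SAMPLE_PATHS):
        print(f"{op_id}: {finding}")
```

To run it over the full file, load a7_openapi.yaml with a YAML parser and pass its `paths` mapping to `lint_access`.
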
The prototype is available at:
- lbaw2252.lbaw.fe.up.pt
Credentials:
- User:
  - email: mfalcus0@google.com.hk
  - password: 1234
- Administrator:
  - email: admin@evup.com
  - password: 1234
- Organizer:
  - email: organizer@evup.com
  - password: 1234
The code is available at:
Changes made to the first submission:
- Added A7 and A8
- Editor for the first submission: Sara Moreira Reis
- Last Changed: 24/11/2022
GROUP2223
- Daniela Tomás, up202004946@edu.fc.up.pt
- Hugo Almeida, up202006814@edu.fe.up.pt
- José Miguel Isidro, up202006485@edu.fe.up.pt
- Sara Moreira Reis, up202005388@edu.fe.up.pt