Backlog

  • Initialize Spring project
  • Database
    • Currently, data is stored using SQLite in todo.db file in root folder
    • User
      • users_roles (many-to-many)
      • Role (high-level roles)
        • roles_privileges (many-to-many)
        • Privilege (low-level permissions)
      • verification_token
      • persistent_logins
      • password_reset_token
      • security_question
      • security_question_definition
      • users_follows (follower is following the followed user)
    • Todo
      • todo-log
      • todos_logs
    • Set username & password
    • Migrate to MySQL
  • General
    • Header/Navigation/Footer fragments
      • Spring Security JSP Taglib is added for easier control of authenticated users
    • Set page title
      • Each page's title is encapsulated in model
    • Support UTF-8 encoding
    • Handle exceptions with exact error reason
      • All exceptions will be redirected to /error showing the reason and what happened.
      • If any error occurs in subdirectories, the page is not shown correctly
    • Multi-language (English / Italian)
      • Currently user-session based
      • Change static texts to <spring:message code="key"/>
  • Search
    • in Todos
    • in Gym
      • Plans
      • Workouts
  • Access Management
    • User
      • Profile
        • Account details
          • Name, Bio, Location
        • Photo
        • Change password
        • Delete account
        • Security
          • Who can see me?
      • User's Public Page
      • Follower / Following
        • Follow / Unfollow
          • 🟡 a user can follow any user, multiple times
    • Log in
      • Spring Security
      • There are two roles ROLE_USER and ROLE_ADMIN
      • Everyone can access Log in or Sign up, but for accessing the todos, the user must log in or sign up first.
      • User cannot log in on multiple clients at the same time
      • After login, user shouldn't be able to log in again
      • Field validation
      • Log out
      • Forgot my password
        • The data is separately stored in PasswordResetToken with 12-hour limit
        • Security Question
        • Field validation
      • Remember me
        • Note that the check-box should be ... name="remember-me" ...
        • Client-side (cookie)
        • Server-side (persistence)
          • ❌ it seems db is not populated
      • A logged-in user should not be able to reach pages like "Login", "Signup", ...
        • Managed in SecurityConfiguration, by defining the rules
      • Signup new user
        • All new users are registered as USER
        • Field validation
        • Security Question
          • Entity SecurityQuestionDefinition stores the questions.
          • Entity SecurityQuestion manages the relationship between the User and its security question_id & answer.
          • It appears while signing up or changing password.
        • Password
          • Passwords are hashed with BCrypt 10
          • Password strength and validation on front-end & back-end
            • It is done with jQuery & pwstrength.js
          • Password confirmation
        • Profile Photo
          • It is optional, so user can add/update it later from his profile page
          • Photo's name is changed to username + .jpg
          • It uses Storage Service to handle file upload. This interface can be extended for any other file types or customizations
        • Successful sign up
          • Email verification
            • I used smtp.gmail.com as the server. Your email credentials username & password must be inserted in application.properties
            • The user has 24 hours to verify his account
            • Token is valid
            • Token is not valid
            • Token is expired
            • User already activated
        • Unsuccessful sign up
          • Show errors & exceptions
  • Logger
    • Define logger utility
    • Log events
  • Query Optimization
  • Charts
    • Todo
      • Start-End range
      • Gantt (completed / not-completed)
    • Gym
      • Plan
      • Workout
  • Test
    • Test report
      • with mvn clean test or mvn site -DgenerateReports=false
    • Test coverage report
    • Implementing smoke & regression tests
  • Sections
    • Admin panel
      • General
        • Site name & description
        • Footer copyright
        • Anyone can register?
          • Shows/Hides the links in pages
          • Changes security policy for accessing signup page
        • Default role for registered user
          • Add new role
          • Modify role
        • Date Structure
        • Time structure
        • Language
            1. Admin can configure the language/country of the whole system
            2. Any user can change the language/country of the current session by himself (in footer)
      • Users
        • If user has ROLE_ADMIN, she can access the dashboard
        • List of online users
        • 1-click user's state change
        • 1-click delete user
        • Modify user
        • Add new user
          • Handle mistakes like signing up a new user
          • Email verification if user is suspended
          • Set specified roles
            • Support multiple roles
        • Define new roles
      • Todos
        • Delete (admin only needs to delete todos, nothing more is needed)
        • Page size
        • Allow search engines to fetch public todos
        • Users must be registered to access a public page
        • Users must be registered to access a public todo
        • Manage Todo types & priority
      • Email
        • Admin email
        • Configurations
        • Formats
      • Security
        • How long the verification email lasts
        • How long the reset password email lasts
        • Newly registered users must be verified for further access
        • Password combination
        • Define new security questions
    • Todos
      • All user's todos
      • Public / Private
      • Management
        • Add new
        • Modify
        • Complete & Archive
        • Cancel/Resume (todo is never deleted, but kept forever, can be resumed)
      • Log
        • While working on a todo, the user might need to note some thoughts
        • Not editable, only removable
      • Type
        • 1-time
        • Repeatable
          • Reminder
        • mini-Task
      • Subtasks
      • Progress bar
    • Wishes
      • Todos that will be taken care of later, at an unknown time. When the user wants, he can turn a wish into a todo
      • Other users can comment on his wishes, or help with appropriate advice
    • Personal Life Cycle Test
      • The test is currently in Persian
    • Gym
      • Gym homepage
        • All plans
        • Active plans
        • Completed plans
        • Blog posts
        • Plan shop
          • Payment
      • Record management
        • Plan
          • View
          • Add
          • Delete
        • Workout
          • View
          • Add
          • Delete
        • Workout log (❗ only available in active plan)
          • Add
          • Edit
          • Delete
      • Search
        • Plans
        • Workouts
        • Blog
      • Filter plans
      • Statistics
        • Plan
          • Workout days and distances
          • Percentage of trained muscles
          • Numerical stats (start/end weight, difference, progress, total reps/weights)
        • Workout
          • Progress trend
          • Reps history
          • Numerical stats (start/end weight, difference, progress, total reps/weights)