Final Technical Requirements Group Projects

Overall Requirements:

  • Your team project must meet ALL of the following requirements,
  • By the last day of class

Requirements (in no particular order):

  1. No Yellow Screens of Death. All error pages must be custom pages with your normal website header and a helpful message explaining what went wrong. Feel free to be creative, i.e. best 404 pages For sure you should take care of 404, but you're also likely to see 500 or even 400, 401, ... You should have a catchall so that any error displays your custom error page. Note, the behavior of error pages is different on Azure than on IIS on localhost.
  2. Not susceptible to XSS attacks, either reflected or stored, and not susceptible to XSRF attacks.
  3. All input forms (POST, PUT, DELETE) must be protected by either a login, or a CAPTCHA. You cannot have any unprotected forms that modify your database that could be abused by scripts (Selenium?). This includes your registration page.
  4. You'll need a credits page that includes:
    • description of the reason for the project, dates and place: WOU (spell it out) CS 460-462 Software Engineering I, II and III, Senior Capstone course, ...
    • all team members names
    • a link to your projects Git repository, which should be public
    • summary of tech/languages/SDLC/tools used to develop your site, include tools like Slack
    • anything you're proud of or want to say, or highlight
  5. No passwords, API keys or other private data can appear anywhere in your Git repository. If it did appear at one time in the past and was committed to the repository, then you'll need to remove it and change the passwords, keys, etc. Someone could very easily go back through past commits and search for passwords.
  6. You must have solitary UP and DOWN sql scripts that can be used to build your entire database from nothing, and then take it back down. No migrations scripts, incremental changes scripts, etc. ONE for bringing it up; and ONE for tearing it back down.
  7. You should have a page linked to from your Git repository home page (i.e. README.md) that explains all major steps required to install your application and get it up and running.
  8. All major database functionality must be refactored into using the Repository pattern using dependency injection, i.e. IoC and DI.
  9. Critically important functionality must be covered by unit tests. You don't need to unit test Identity functionality and you don't need to test everything.
  10. All regression tests (both NUnit and Selenium) must be present in your Git repository, and must PASS.
  11. Must be deployed with Continuous Deployment on Azure.
  12. Your source code should look professional: no sloppy code! All code that isn't trivially obvious (to an ASP.NET MVC 5 and Javascript programmer) must be commented.
  13. You can't store any user generated files (i.e. images, pdfs, etc.) on your web server. That is, you can't save user generated files in your App_Data folder.
  14. [Optionally] Visualize your software development activities with Gource. Record the video and put it on your Bitbucket welcome page. It's a great way to show people how much work you all put in!
  15. Generate an E-R diagram for your final database schema, save it as an image file, place it in your repo and include a link to it in your readme or other front-facing page.