Practical assessment 2—ASP.NET 4.5Due date: 5:00pm AEST, Friday Week 10 ASSESSMENT

Weighting: 25%

2Length: No set length

ObjectivesThis assessment item relates to the course learning outcome numbers 2 and 3.

More specifically, the objective of this assignment is for students to:

Develop, test and maintain a dynamic Internet application for business using an integrated suite of software tools.

IntroductionYou are required to further develop the South-East eat street website using ASP.NET 4.5 and C#. You must develop the web pages according to the specifications given in this document. This means that you must provide the functionality specified, produce the layout specified and use the data and images provided on the course website. You may change the colour scheme and general styling, but you may not change the layout or functionality described. This document is a specification that you are required to implement.

Overview of website to be developedYour website must:

Use a master page and content pages throughout

Define and use a consistent theme throughout

Use a web.sitemap and related navigation controls

Use roles and authorization rules to implement site security

Use a database to retrieve food details; this database will be supplied to you

Simulate implementing a shopping cart so that foods can be bought from the catalog page.

You are also required to:

Submit a brief Word document describing what features did and did not work in your website.

You are required to develop the following content pages:

Web Page DescriptionDefault.aspx The home page.Pages/OurMenu.aspx Top level page under the "Our Menu" menu optionPages/FoodMenu.aspx Lists foods from different Country in a grid view format,

includes drop-down list filter, thumbnails and hyperlinks.Pages/FoodItem.aspx This page displays an individual item so that it can be added

to the shopping cartPages/Specials.aspx Lists foods that are available on sale at 10% off their sale

price.Pages/ChangePassword.aspx This page allows authenticated users to change their

password.Pages/Register.aspx This page allows users to register as a member.

Page 1 of 24

Aussie Stamp Place

Admin AddUser.aspx AddUserToRole.aspx Default.aspx Manage

Menu.aspx

Pages

Food

Menu.aspx

FoodItem.aspx

Specials.aspx Register.aspx

ChangePassword.aspx

Default.aspx

App_Data

Images

Default.aspxMasterPage.mast

er Web.configWeb.sitem

ap

FoodDB.mdf

Themes

Shopping

ShoppingCartPage.aspx Checkout.aspx ShoppingCartItem.aspx

Pages/ContactUs.aspx This page provides contact details and also allows users to provide a feedback.

Admin/Default.aspx The top-level page in the admin menu.Admin/AddUser.aspx This page allows admin users to add a new user.Admin/AddUserToRole.aspx This page allows admin users to add an existing user to an

existing role.Admin/ManageMenu.aspx This page allows admin users to add, edit or delete foods

from the foods Menu.Shopping/Checkout.aspx This page implements the checking out stage of the E-

commerce pipelineShopping/ShoppingCart.aspx This page implements the displaying of the contents of the

current shopping listShopping/ShoppingCartItem.aspx This page contains details on a single item, and the link to

add the item to the shopping cart

You must also create the Web.sitemap and Masterpage.master files, as well as make appropriate edits to the web.config file.

These requirements are discussed in more detail below.

Provided materials – starter kitTo get you started, an assignment 2 starter kit is available on the web site. This starter kit contains:

The Images directory containing all the images required for the assignment

FoodDB.mdf – the SQL database required for this assignment

The resources files required for the themes for this assignment

Website structureThe files in your website should be structured in the following way:

Page 2 of 24Aussie

Web.sitemapYou must construct your web.sitemap to achieve the following menu hierarchy:

Home

Food Menu

Register

Current specials

Change password

Admin

Shopping Cart

Checkout

Contact Us

Manage Food Menu

Add new user

Add user to role

The menu items above must map to the following content pages:

Menu item Content page

Home ~/Default.aspx

Food Menu ~/Pages/FoodMenu.aspx

Register ~/Pages/Register.aspx

Current specials ~/Pages/Specials.aspx

Change password ~/Pages/ChangePassword.aspx

Contact Us ~/Pages/ContactUs.aspx

Administration ~/Admin/Default.aspx

Page 3 of 24

App_Themes

Images

Web.sitemap

Web.config

MasterPage.Master

default.aspx

.aspx

Indian Chinese.aspx

Pages

SouthEastEatStreet

Administration > Manage Menu ~/Admin/ManageFoodMenu.aspx

Administration > Add new user ~/Admin/AddUser.apsx

Administration > Add user to role ~/Admin/AddUserToRole.aspx

Shopping Cart ~/Shopping/ShoppingCartPage.aspx

Checkout ~/Shopping/Checkout.aspx

Master pageYour master page must achieve the following layout:

Header The header must contain the logo. The actual logo displayed will depend on the theme. The Colour1 theme uses logo logo.jpg. The Monochrome theme uses logo-grey.jpg.

BreadcrumbThe breadcrumb division should contain a SiteMapPath control. Your breadcrumb should not be hardcoded.

Sidebar – menu The menu division must contain a Navigation area. The navigation area will display a TreeView based on the Web.sitemap file.

Note:

The TreeView control must obtain its menu items from the Web.sitemap file; menu items should not be hard coded into the TreeView control.

Three styles have been provided to you in the CSS file: dynamicHoverStyle, dynamicMenuItem and staticMenuItem. You should apply these CSS styles to your TreeView control – this will help ensure the correct appearance of the control.

Your TreeView control should not show the top (Home) node.

Page 4 of 24

FooterThe footer contains two other divisions – the copyright and lastupdate divisions. The copyright division should contain a copyright symbol, your name and the current year, along with the image copyright statement. The lastupdate division should contain the date that the website was last updated. You may hard code this date. This is unchanged from assignment 1.

The database fileA SQL database is provided to you in the Assignment 2 starter kit. It contains all the necessary data required for this assignment. The database is named FoodDB.mdf. You will need to place a copy of this database in the App_Data directory of your website.

This database contains a table named FoodTable . FoodTable contains the following fields:

Field Data type Required Description

FoodId Autonumber (int) Yes Unique number for each food, automatically supplied by the database

Name nvarchar(50) Yes The name for the food item, eg. Fried Noodles

Price money Yes The cost of the food item

InStock int Yes The number of foods in stock

LastUpdate datetime Yes When the data was last modified

Picture nvarchar(50) Yes URL for link to image for this food

Country String Yes Country of origin; Indian or Chinese

OnSpecial smallint Yes 0 if not on special, 1 if on special

If you wish to you can use the information from the above tables to re-create the database.

Page 5 of 24

Home pageThe home page should appear as follows for an unauthenticated user:

Food MenusThe Food Menus page must appear as follows. Note that for brevity, only the main content area is shown.

After selecting the country of origin, the foods from the country of origin should be displayed as shown.

Page 6 of 24

Note that:

A GridView control should be used to achieve the table layout.

The GridView control must be bound to the FoodTable table in the database.

Price must be appropriately formatted to appear as currency and should be right aligned.

The image is the image whose hyperlinked is given in the Picture field in the FoodTable table.

The GridView must have sorting enabled.

The drop-down list must show a list of foods from the Country given in the DropDownList.

Duplicates should not appear in the DropDownList list.

When a particular Country value is selected from the DropDownList list, the GridView should be updated to show all foods with that Country value.

Page 7 of 24

Sidebar – login The LoginArea division must contain a LoginView control. You are to use the LoginView control to display different content depending on whether or not the user is authenticated. Specifically, if the user is un-authenticated (i.e. not logged in), they should see a login control as follows:

Note that:

You should apply the CssClass loginControl to the Login control. This will help achieve the appearance shown above.

You should not display "Remember me".

The hyperlink underneath the “Log In” button should say: Not a member? Please Register. You can do this by setting the CreateUserText property. Clicking this link should take the user to ~/Pages/Register.aspx.

Experiment with the TextLayout property to obtain the layout above.

If the user is authenticated, they should see a Login name and LoginStatus control. A user logged as kuttys should see the following:

Note that a LoginName and a LoginStatus control are used to achieve this.

Contact UsThis page allows users to access contact details of Aussie Food place. To achieve this, create a webpage ContactUs.aspx in Pages folder similar to the below screenshot:

Page 8 of 24

Note:

On clicking the submit button a pop up message should appear to thank the user for providing feedback.

Roles and securityYou are required to:

Create appropriate roles, as described below

Create three users for testing, as described below

Implement authorization rules to achieve the security access, as described below

Implement security trimming; guidance is given below

Set the home page as the login page; guidance is given below.

RolesYou are required to create two roles as follows:

Member

Admin

You may use the WSAT tool to create these three roles.

RolesYou should create the following three roles for the purposes of testing and marking. Failure to create these roles may result in loss of marks:

User Name Password Role

kuttys kuttys@123 member

mary admin@123 admin

Authorization rulesAccess to content pages must be restricted as shown below. You are required to add the appropriate authorization rules to the Web.config file to achieve the security restrictions shown below:

Page 9 of 24

Page name Unauthenticated users

Member Admin

Home

Food Menu

Current specials see note below

Change password

Page 10 of 24

Administration

Administration > Manage Food Menu

Administration > Add new user

Administration > Add user to role

Shopping Cart

Checkout

ContactUs

Note: Refer to the section below on the Current specials page for more information.

Security trimmingYou must implement security trimming. Security trimming means that a user can only see those menu items for which they have authorization. They cannot see menu items for pages that they do not have authorization. To implement security trimming, add the following code to your Web.config file just before the closing tag of </system.web>:

<siteMap defaultProvider="XmlSiteMapProvider" enabled="true"> <providers> <add name="XmlSiteMapProvider" description="Default SiteMap provider." type="System.Web.XmlSiteMapProvider" siteMapFile="Web.sitemap" securityTrimmingEnabled="true"/> </providers></siteMap>

Setting the login pageWhen a user attempts to access a page for which they are not authorized, the web server will re-direct the user to the login page. You must ensure that the user is re-directed to the home page for login services. To do this, add <forms loginUrl="Default.aspx"> to the Web.config file between authentication mode tags as follows:

<authentication mode="Forms"> <forms loginUrl="Default.aspx"></forms></authentication>

Also note the mode attribute must be set to "Forms" and the authentication element must be a pair of opening and closing tags.

Note: For an authenticated user, or a user in a role, the Navigation menu should look like this:

Page 11 of 24

SpecialsSpecials are those foods that have a value of 1 in the OnSpecials column in the FoodTable table. Any food that is currently on special is available to registered members at 10% off the sale price.

Specials are only available to registered members. However, you should not use an authorization rule to implement this security. You are to use a LoginView control to display alternate content depending on whether the user is authenticated or not.

To an unauthenticated user, the Specials page must appear as follows. Note that for brevity, only the main content area is shown.

Note that the register now hyperlink must link to ~/Register.aspx. The register page is described in more detail below.

To an authenticated user (ie a member), the Specials page must appear as follows:

Page 12 of 24

Note that:

GridView controls should be used to achieve the table layout.

The GridView controls must be bound to the FoodTable table in the database. Each table has its own GridView on the page.

Only FoodTable foods that have a OnSpecial value of 1 should appear in these lists. You can achieve this by adding a WHERE condition when configuring the data source object.

Sales Price must be appropriately formatted to appear as currency and should be right aligned.

The image is found at the Picture field in the FoodTable table.

The GridView must have sorting enabled.

The Sales Price column is a calculated field. It is not available directly from the database; you must calculate it in the underlying SELECT query. To do this:

o Set up your GridView and data source using Sale Price in lieu of Price.

o Switch to Source view. Alter the SelectCommand of the data source object, change [Price], to:[Price] * 0.90 AS [Sales Price],

o Refresh your GridView schema using the smart panel.

Note that:GridView controls should be used to achieve the table layout and each table should have its own GridView.

The GridView controls must be bound to the FoodTable table in the database.

Wholesale Price must be appropriately formatted to appear as currency and should be right aligned.

The image is the image described in the Picture field in the FoodTable table.

The GridView must have sorting enabled.

Page 13 of 24

Change passwordThe Change Password page should appear as follows. For brevity, only the content area is shown.

Note that you may use the change password control.

Register pageThe Register page should appear as follows. For brevity, only the content area is shown.

Note that:

The newly created user must be added to the member role.

The newly created user should be automatically logged in and the Specials page shown when the user clicks continue on the Complete step of the CreateUserWizard. You can optionally include a message to the user to show the registration is complete similar to the following screenshot

Page 14 of 24

You may adjust your Web.config file so that the security question and answer are not required if desired.

Administration

Menu barWhen a user has signed in as an administrator then the user should have the menu options

The default administration page should appear as follows:

Page 15 of 24

Administration – Manage MenuThe manage Menu page should appear as follows. For brevity, only the content area is shown.

This page consists of a DropDownList control, a GridView control and a FormView control. The GridView control lists existing StandardFoods in the Menu; the FormView is to be used for adding a new StandardFoods to the Menu.

With respect to the drop-down list control, note that:

The drop-down list must show a list of all Country that appear in the FoodTable table.

Duplicates should not appear in the drop-down list.

When a Country is selected from the drop-down list, the GridView should be updated to show all FoodTable in that Country.

With respect to the GridView, note that:

The GridView must be bound to the FoodTable table in the database.

All prices must be appropriately formatted to appear as currency and should be right aligned.

Editing, deleting and sorting must be enabled.

With respect to the FormView control, note that:

The default mode must be insert.

There is no field in the form view for Id. You should remove this field from the insert item template of the form view. The Id field should be set automatically.

There is no field in the form view for LastUpdate. You should remove this field from the insert item template of the form view. The LastUpdate field should be set to the current data and time.

During the inserting event, you must add the Country value from the drop-down list into values being inserted into the database.

The inserted record should appear in the GridView immediately.

Page 16 of 24

Administration – Add new userThe Add new user page must appear as follows. Note that for brevity, only the main content area is shown.

Note that

you may simply use the CreateUserWizard control

you may configure your Web.config file to remove the security question and answer if desired.

Page 17 of 24

Administration – Add user to roleThe add user to role page must appear as follows. Note that for brevity, only the main content area is shown.

This page consists of two list boxes, a button and a label control. Note that:

The first ListBox must display a list of users from the ASPNETDB.MDF database. Do not hard code these names.

The second ListBox must display a list of roles from ASPNETDB.MDF database. Do not hard code these roles.

You must develop code for the button on-click event. When the user selects a user and a role and then clicks the add user to role button, your code should:

o Check to see if the selected user is already in the selected role

o If the user is not in that role, then add the user to the role and display, for example, User kuttys added to role admin in the label control. The name and role displayed in the message should be the same as those selected in the list boxes.

o If the user is already in that role, then the message User denise is already in role admin should be displayed in the label control. The name and role displayed in the message should be the same as those selected in the list boxes. For example:

Page 18 of 24

Shopping Cart Item PageThe shopping cart item page should appear as follows:

Note that:

When a user clicks on Add to cart on the FoodList.aspx, FoodCatalog.aspx or Specials.aspx pages the food selected will appear on this page as shown.

You can create your own Add To Cart image for the button.

All information and choices must be stored in the user Profile between user sessions.Page 19 of 24

Shopping Cart PageThe shopping cart page should appear as follows:

Note that:

A control should be used on the ShoppingCartPage.aspx to implement this. The control should use a GridView to achieve the table layout.

All the items that have been added to the cart should be displayed and the total should appear on the bottom of the table as shown.

All information and choices must be stored in the user Profile between user sessions.

Checkout pageTo the unauthenticated user the Login step of the CreateUserWizard of the checkout pages should appear as follows:

The authenticated user should be taken straight to the Delivery Address step. The Delivery Address step should appear as follows:

Page 20 of 24

If the Use membership address box is checked then the address stored in the user profile should be used as the delivery address.

The Payment step should appear as follows:

Page 21 of 24

The Confirmation step should appear as follows:

The Completion step should appear as follows:

When the Finish button is pressed the user should be taken back to the FoodMenu page.

Word documentYou are to prepare a brief Word document. Your document should:

Include an appropriate title page.

List the features you successfully implemented, there is no need to describe them.

List the features you were unable to successfully implement; you should describe the problem in a few sentences and also briefly describe anything you attempted to get it to work. Your approach to identifying and attempting to fix these bugs may gain you some partial credit for those features you were unable to implement.

A description of any additional functionality you believe would be useful to add to this Website. Explain what the features are and how they would help to improve the Website.

References (if any) listed using the Harvard Referencing Style.

SubmissionYou are required to submit your assignment electronically via the Moodle course website. You must zip together:

Page 22 of 24

The directory containing your ASP.NET website. Your Word document

The resulting zip file should be submitted on the course website. Please note that you should use your student ID to name your uploaded for this assignment.

Image copyrightsImportant note to students: The images supplied on the course Website for this assignment are only to be used in preparing the solution for this assignment. Use of these images for any other purpose is strictly prohibited in accordance with the copyright laws.

Assessment criteria Assignment Component Criteria Marks Total

Master page - Login- Login controls are present on master page- Correct view of login controls for authenticated vs unauthenticated

user2

Roles & security- Appropriate security rules present in web.config- Navigation menu is trimmed - Not possible to access pages directly unless user is authorised

1

Food Menu

- Drop-down filter contains list of Country, no duplicates- Drop-down selection correctly filters grid view- Currency correctly formatted, sorting is enabled and hyperlink to cart

works correctly

2.5

Specials- Correct content view according to user's role/authentication- Specials price is calculated and shown, currency correctly formatted,

hyperlink to cart works correctly and sorting is enabled1

Register - User can register- New user is automatically added to the member role 1

Change password - Only authenticated users can access the page- Authenticated user can change password 1

Admin – manage Menu

- Filter has list of Country, no duplicates- Selection of Country filters gridview- Grid view has appropriate formatting and alignment of columns- Items in gridview can be edited/deleted- New item can be added via form view- Country and LastUpdate values added automatically during inserting

event

3

Admin – Add user - Admin user can add new user- Admin user is not logged in as new user 1

Admin – Add user to role

- User can be added to role- Correct response when user is already in role 1

ShoppingCartItem page

- Image of item is correctly displayed- Add to cart button displays the shopping cart and adds the item to the

shopping cart1

ShoppingCart page

- Uses a control to display the information that shows all items that have been added to the cart

- Allows the items to be deleted and allows the Quantity to be edited- Correctly displays the Total

1.5

Checkout page

- Login for unauthenticated users displayed, but not displayed for authenticated users

- Delivery address step correct- Payment step correct- Confirmation step displays the shopping cart correctly- Completion step takes user back to FoodMenu page

2.5

Web.config - The profile has been added to allow saving of customer selections and data between visits to site 1

Page 23 of 24

Shopping.cs - The shopping.cs code has been modified correctly 1

Word document- Lists complete and incomplete stages and describes steps taken to fix

incomplete functionality (if applicable)- Suggestions for new functionality

4.5

Penalties

Total 25

Comments:

Lecturer’s Signature Date:

Page 24 of 24