This is the backend program, written in Java, that provides the backend functionality for the frontend of project 1.
- Java EE
- Spring framework
- Hibernate (persistence)
- Maven (project object model)
- PostgreSQL
- Dependencies
  - junit
  - jackson-databind
  - spring-webmvc
  - spring-test
  - mockito-core
- Mockito and PowerMockito (unit testing)
The approach we took was to build out the User, Post, Comment, and Profile layers in tandem with Auth, which allowed us to avoid refactoring code later on. Once basic functionality was met, we began integrating the front-end application and dealt with exception handling via Postman. Unit testing accounted for the breadth of our project, as we tried to hit every instruction rather than just meet the minimum coverage. The final steps were to test that no breaks occurred during fetches and that all exceptions were handled.
- ERD for the clarity of database entity relationship
- CRUD for designing routes
- DRY (don't repeat yourself) and KISS (keep it simple)
- UML to visualize the system structure
- Pivotal Tracker
- User Stories/Wireframes
- User Stories to break down requirements and concepts into features
  - We broke down the features and steps into Epics, User Stories, and Tasks to manage the progress
- Continuous Integration & Early Deliverables
  - We kept testing the functionality with Postman and integrating the frontend to ensure the deliverables along the way
- Pair Programming
URL Pattern | Method | Description | Bearer Token Auth |
---|---|---|---|
/postit/user/signup | Post | Create Account | N |
/postit/user/login | Post | Login | N |
/postit/post/ | Post | Create Post for authenticated user | Y |
/postit/post/{post_id} | Delete | Delete post by post id | Y |
/post/list | Get | Get all posts | N |
/postit/profile | Post | Create Profile for authenticated user | Y |
/postit/profile | Post | Update Profile for authenticated user | Y |
/postit/profile | Get | Get Profile for authenticated user | Y |
/postit/comment/{post_id} | Post | Create Comment by post id | Y |
/postit/comment/{comment_id} | Delete | Delete comment by comment id | Y |
/postit/user/post | Get | Get all posts by the authenticated user | Y |
/postit/post/{post_id}/comment | Get | Get comments by post id | N |
- CORS
  - When integrating the front-end app, we came across a few different CORS-related issues.
- Request Authentication and its unit test for controller
  - To extract the authentication information, we added one argument for the Authentication object in the controller functions.
  - Directly placing the Authentication object in the controller function led to duplicate code and a harder setup for the unit test with the Mockito MVC builder, so we used SecurityContextHandler to get the authentication information in a separate function, which made the code isolated and easier to test.
- Unit test for static methods and constructors
  - Mockito doesn't support mocking static methods and constructors, so we partially adopted PowerMockito to cover this case.
- User Role
  - The backend has only one role, "ROLE_USER". To better differentiate user groups, we need to implement more methods for the UserRole entity.
  - User signup needs a user role to obtain an authority level for security configuration, but we chose not to expose the user role setting to regular users, so we used a default role 'ROLE_USER' for users signing up, and only Admin can use the /role URL to grant any other level of authority.
- Higher unit testing coverage
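
The separate authentication-lookup function described under "Request Authentication and its unit test for controller", shown as an added example that is not the project's own code. It assumes the lookup goes through Spring Security's `SecurityContextHolder`; the class name `CurrentUser` and the method `requireUsername` are hypothetical, and the tokens in `main` are constructed sample values.

```java
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
import org.springframework.security.authentication.TestingAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.context.SecurityContextHolder;

// Hypothetical helper (name is an assumption): the one place that reads the caller's identity,
// so controllers need no Authentication parameter and tests can mock or pre-fill it.
public class CurrentUser {

    // Returns the authenticated username, or fails closed when there is no usable identity.
    public String requireUsername() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        // A missing token, a token that was never authenticated, or Spring's anonymous
        // placeholder (which reports isAuthenticated() == true) is not a logged-in user.
        if (auth == null || !auth.isAuthenticated() || auth instanceof AnonymousAuthenticationToken) {
            throw new AuthenticationCredentialsNotFoundException("No authenticated user in security context");
        }
        return auth.getName();
    }

    // Constructed demo: the three states a protected handler can encounter.
    public static void main(String[] args) {
        CurrentUser currentUser = new CurrentUser();

        // 1. Authenticated user with the default role: accepted.
        SecurityContextHolder.getContext().setAuthentication(
                new TestingAuthenticationToken("alice", "n/a", "ROLE_USER"));
        System.out.println("accepted: " + currentUser.requireUsername());

        // 2. Anonymous token, as set on routes that do not require a bearer token: rejected.
        SecurityContextHolder.getContext().setAuthentication(
                new AnonymousAuthenticationToken("key", "anonymousUser",
                        AuthorityUtils.createAuthorityList("ROLE_ANONYMOUS")));
        expectRejected(currentUser);

        // 3. Empty context (no filter populated it): rejected.
        SecurityContextHolder.clearContext();
        expectRejected(currentUser);
    }

    private static void expectRejected(CurrentUser currentUser) {
        try {
            currentUser.requireUsername();
            throw new IllegalStateException("unauthenticated context was accepted");
        } catch (AuthenticationCredentialsNotFoundException expected) {
            System.out.println("rejected: " + expected.getMessage());
        }
    }
}
```

In a controller unit test the helper can be replaced with a Mockito mock, or the context can be pre-filled with a `TestingAuthenticationToken` and cleared afterwards with `SecurityContextHolder.clearContext()`.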
Qiming Chen
Christopher Cook