E1908 signupsheet: Difference between revisions

From Expertiza_Wiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 27: Line 27:
=====Drawbacks and Solutions=====
=====Drawbacks and Solutions=====


* '''Problem 2''': The search criteria created in the method paginate_list was difficult to comprehend.
* '''Problem 1''': Create method has an if-else condition determining if create or update should be called. Create method should not be responsible for calling update.
::The code which builds the search criteria in the method paginate_list uses many string literals and conditions and is hardly intuitive. The programmer will have to spend some time to understand what the code is really doing.
:: Identify why the if-else condition exists. The if-else condition exists because the current implementation calls update if a signup sheet with the same name already exists.  
* '''Solution''': The implementation has been changed. A student is not allowed to delete any versions now. Other types of users, for instance administrators, instructors and TAs are allowed to delete only the versions they are authorized to view.
* '''Solution''': Rectified this method by removing the call to update and flashing an error instead.  
* '''Problem 3''': The paginate method can be moved to a helper class.
::VersionsController is not the only component which require to paginate items. There are other components too. For instance, the UsersController has to paginate the list of users. Hence the Paginate method can be moved to a helper class which can be accessed by other components as well.
* '''Solution''': The filtering options has also been enhanced. The current user can now choose as part of the version search filter any user from a list of users if the current user is authorized to see the versions created by that user.


===New Implementation===
* '''Problem 2''': Update method has a plethora of instance variables defined before updating. These are not necessary (For e.g., look at update method of bookmarks_controller).
*The method paginate_list has been split into 2 methods now.  
* '''Solution''': Refactored the variables not needed out.
** BuildSearchCriteria – as the name suggests the sole purpose of this method is to build a search criteria based on the input search filters when the current user initiates a search in versions.
** paginate_list – this method will call the paginate API.
:First the search criteria is built, then the criteria is applied to versions in the database to get all versions which matches the criteria and then the retrieved versions are paginated.
<pre>
  # pagination.
  def paginate_list(versions)
    paginate(versions, VERSIONS_PER_PAGE);
  end


  def BuildSearchCriteria(id, user_id, item_type, event)
* '''Problem 3''': Several method names are renamed to be more intuitive.
    # Set up the search criteria
* '''Solution''': load_add_signup_topics is renamed to get_assignment_data and ad_info is renamed to get_ad.
    search_criteria = ''
    search_criteria = search_criteria + add_id_filter_if_valid(id).to_s
    if current_user_role? == 'Super-Administrator'
      search_criteria = search_criteria + add_user_filter_for_super_admin(user_id).to_s
    end
    search_criteria = search_criteria + add_user_filter
    search_criteria = search_criteria + add_version_type_filter(item_type).to_s
    search_criteria = search_criteria + add_event_filter(event).to_s
    search_criteria = search_criteria + add_date_time_filter
    search_criteria
  end
</pre>
* The string literals and conditions in the method paginate_list were replaced with methods with intuitive names so that the programmer can understand the code more easily. We also removed an empty if clause and a redundant statement.
<pre>
  def add_id_filter_if_valid (id)
    "id = #{id} AND " if id && id.to_i > 0
  end


  def add_user_filter_for_super_admin (user_id)
* '''Problem 4''': The list method is too long and is sparsely commented.
    "whodunnit = #{user_id} AND " if user_id && user_id.to_i > 0
* '''Solution''': Added comments.
  end


  def add_user_filter
* '''Problem 5''': Participants variable in load_add_signup_topics actually means teams that signed up for a topic.
    "whodunnit = #{current_user.try(:id)} AND " if current_user.try(:id) && current_user.try(:id).to_i > 0
* '''Solution''': Renamed participants variable to 'teams'.
  end


  def add_event_filter (event)
* '''Problem 6''': Signup_as_instructor_action has if-else ladder.
    "event = '#{event}' AND " if event && !(event.eql? 'Any')
* '''Solution''': It has been made more elegant using a helper function.
  end


  def add_date_time_filter
* '''Problem 7''': Delete_signup and delete_signup_as_instructor have much in common and violates the DRY principle.
    "created_at >= '#{time_to_string(params[:start_time])}' AND " +
* '''Solution''': Refactored them by moving the duplicate code to a helper function.
        "created_at <= '#{time_to_string(params[:end_time])}'"
  end


  def add_version_type_filter (version_type)
    "item_type = '#{version_type}' AND " if version_type && !(version_type.eql? 'Any')
  end
</pre>
* The paginate method has been moved to the helper class Pagination_Helper. This new method can be now reused by the different components like UsersController etc. The method receives two parameters, first the list to paginate and second the number of items to be displayed in a page.


<pre>
module PaginationHelper
  def paginate (items, number_of_items_per_page)
    items.page(params[:page]).per_page(number_of_items_per_page)
  end
end
</pre>
===Code improvements===
* Introduced a constant VERSIONS_PER_PAGE and assigned the value 25 to it. The pagination algorithm for VersionsController displays at most 25 versions in a page. The existing implementation uses the value 25 straight in the code and there are few problems associated with such an approach.
** It is not easy to understand what 25 is unless the programmer takes a close look at the code.
** In case if the value 25 is used at more than one places and in future a new requirement comes to show at most 30 versions in a page, all the values will have to be modified. It is not very DRY.
* The VersionsController was overriding AccessHelper - action_allowed? method to return true in all the cases. This was violating the whole purpose of the method action_allowed?. The purpose of this method is to determine whether the user who is triggering a CRUD operation is allowed to do so. So when the current user invokes a CRUD operation, the action_allowed? method is invoked first and if the method returns true the CRUD operation is triggered or else the user is intimated with a message and gracefully exited. Hence, when the action_allowed? method is overridden to return true always, it results in providing unauthorized access to certain users.
<pre>
def action_allowed?
    true
  end
</pre>
:With the new implementation the AccessHelper - action_allowed? method has been modified in such a way that unauthorized access is prevented. As per the new algorithm, 'new', 'create', 'edit', 'update' cannot be invoked by any user. These operations can be accessed only by ‘papertrail’ gem. Only an ‘Administrator’ or ‘Super-Administrator’ can call 'destroy_all' method. All the other methods are accessible to ‘Administrator’,  ‘Super-Administrator’, ‘Instructor’, ‘Teaching Assistant’ and ‘Student’.
<pre>
  def action_allowed?
    case params[:action]
    when 'new', 'create', 'edit', 'update'
    #Modifications can only be done by papertrail
      return false
    when 'destroy_all'
      ['Super-Administrator',
      'Administrator'].include? current_role_name
    else
      #Allow all others
      ['Super-Administrator',
      'Administrator',
      'Instructor',
      'Teaching Assistant',
      'Student'].include? current_role_name
    end
  end
</pre>
===Automated Testing using RSPEC===
The current version of expertiza did not have any test for VersionsController. Using the test driven development(TDD) approach, we have added an exhaustive set of RSPEC tests for VersionsController, to test all the modifications we have done to the code of the controller class. The tests use double and stub features of rspec-rails gem, to fake the log in by different users - Administrator, Instructor, Student etc. The tests can be executed "rpec spec" command as shown below.
<pre>
user-expertiza $rspec spec
.
.
.
Finished in 5.39 seconds (files took 25.33 seconds to load)
66 examples, 0 failures
Randomized with seed 19254
.
.
</pre>
===Testing from UI===
Following are a few testcases with respectto our code changes that can be tried from UI:
1. To go to versions index page, type in the following url after logging in:
  http://152.46.16.81:3000/versions
2. After logging in as student/instructor or admin : Try accessing the  new, create, edit, update actions. These actions are not allowed to any of the users.
  http://152.46.16.81:3000/versions/new
  This calls the new action. In the current production version of expertiza, it is unhandled and application gives a default 404 page.
3. Another feature that can be tested from UI is Pagination. Try searching for a user's versions and see if the results are paginated or not. Search here:
  http://152.46.16.81:3000/versions/search
4. Visit the same URL as step 3, you should see only the students under that instructor in the users dropdown.


===References===
===References===


#[https://github.com/expertiza/expertiza Expertiza on GitHub]
#[https://github.com/expertiza/expertiza]
#[https://github.com/WintersLt/expertiza GitHub Project Repository Fork]
#[http://expertiza.ncsu.edu/ The live Expertiza website]
#[http://expertiza.ncsu.edu/ The live Expertiza website]
#[http://bit.ly/myexpertiza  Demo link]
#[http://wikis.lib.ncsu.edu/index.php/Expertiza Expertiza project documentation wiki]
#[https://relishapp.com/rspec Rspec Documentation]
#Clean Code: A handbook of agile software craftsmanship. Author: Robert C Martin

Revision as of 01:05, 26 March 2019

E1908. Refactoring the Sign-up sheet Controller

This page provides a description of the Expertiza based OSS project.



About Expertiza

Expertiza is an open source project based on Ruby on Rails framework. Expertiza allows the instructor to create new assignments and customize new or existing assignments. It also allows the instructor to create a list of topics the students can sign up for. Students can form teams in Expertiza to work on various projects and assignments. Students can also peer review other students' submissions. Expertiza supports submission across various document types, including the URLs and wiki pages.

Problem Statement

The following tasks were accomplished in this project:

  • Improved the clarity of code by improving the variable and parameter names.
  • Followed naming conventions throughout and renamed methods with inconsistent names including the calling methods.
  • Rectified several unwanted if-else conditions in methods and optimized the code.
  • Refactored all instance variables and removed unnecessarily defined variables.
  • Removed certain unwanted flash messages that occur for some user actions.
  • Included comments for functionalities throughout for better understanding.

About Sign-up sheet Controller

Sign-up sheet controller contains all functions related to management of the signup sheet for an assignment function to add new topics to an assignment, edit properties of a particular topic, delete a topic, etc are included here.


Drawbacks and Solutions
  • Problem 1: Create method has an if-else condition determining if create or update should be called. Create method should not be responsible for calling update.
Identify why the if-else condition exists. The if-else condition exists because the current implementation calls update if a signup sheet with the same name already exists.
  • Solution: Rectified this method by removing the call to update and flashing an error instead.
  • Problem 2: Update method has a plethora of instance variables defined before updating. These are not necessary (For e.g., look at update method of bookmarks_controller).
  • Solution: Refactored the variables not needed out.
  • Problem 3: Several method names are renamed to be more intuitive.
  • Solution: load_add_signup_topics is renamed to get_assignment_data and ad_info is renamed to get_ad.
  • Problem 4: The list method is too long and is sparsely commented.
  • Solution: Added comments.
  • Problem 5: Participants variable in load_add_signup_topics actually means teams that signed up for a topic.
  • Solution: Renamed participants variable to 'teams'.
  • Problem 6: Signup_as_instructor_action has if-else ladder.
  • Solution: It has been made more elegant using a helper function.
  • Problem 7: Delete_signup and delete_signup_as_instructor have much in common and violates the DRY principle.
  • Solution: Refactored them by moving the duplicate code to a helper function.


References

  1. [1]
  2. The live Expertiza website
Retrieved from "https://wiki.expertiza.ncsu.edu/index.php?title=E1908_signupsheet&oldid=122389"