API consumption - tharindu326/PWP GitHub Wiki

Important information for Deadline 5

‼️  This chapter should be completed by Deadline 5 (see course information at Lovelace)


📑  Chapter summary In this section your group must design, implement and test a client application that uses the RESTful API implemented by you. If you utilize HTML and JavaScript, it is mandatory that the HTML is contained in static files. This means that your server cannot generate HTML dynamically (using PHP or JSP). All modifications made to the webpage must be done on the client side using JavaScript. Of course, you can use anchors (`<a>`) to load a new URL. Please consider the Same Origin Policy, because it might cause problems for your client implementation. It is recommended to host the files on a local HTTP server and not directly in your file system. We will give you more instructions in Exercise 4.

In addition, you must include an auxiliary service that interacts with your API (and possibly the client).

CHAPTER GOALS

  • Learn how to use APIs
  • Implement a client that uses the project API
  • Implement an auxiliary service that interacts with your API

✔️     Chapter evaluation (max 30 points) You can get a maximum of 30 points after completing this section. You can check more detailed assessment criteria in the Lovelace return box for Deadline 5.

RESTful Client

Client application description

Overview

📑  Content that must be included in the section You must provide a description of the application. You must clarify which are the goals of the application and why a user would like to use this application. You must also state what is the functionality provided by the RESTful API used by this application.

Introduction

The developed client application is designed to efficiently manage user data and access control within an organization. Built with modern web technologies, the application provides a streamlined interface for users and administrators to perform essential tasks such as user registration, updates, access requests, and viewing access logs and permissions. The goal was to create a secure, user-friendly system that simplifies the management of user data and access permissions using FacePass, which uses computer vision to control access permissions.

Key Features

  1. User Registration:

    • Allows users to register by providing their name and selecting their permission level.
    • Captures the user's image via webcam for profile creation.
  2. User Deletion:

    • Enables administrators to delete users by specifying their user ID.
    • Ensures outdated or unauthorized users are removed from the system.
  3. User Update:

    • Allows administrators to update user details, including name and permission level.
    • Maintains up-to-date user information and permissions.
  4. Access Request:

    • Users can request access by providing their user ID and capturing their image.
    • Allows users to select the desired permission level for their access request.
  5. View Access Logs:

    • Administrators can view access attempt logs for specific users by entering their user ID.
    • Detailed logs include access request ID, timestamp, outcome, and associated permissions.
  6. View User Permissions:

    • Administrators can view the permission levels assigned to specific users.
    • Provides transparency and helps manage user access control.
  7. View Access Requests:

    • Administrators can view all access requests made by specific users.
    • Facilitates monitoring and managing access requests efficiently.

Resources and Methods Accessed by the Client

The following table summarizes the resources and methods accessed by the client application:

| Endpoint | HTTP Method | Description |
| --- | --- | --- |
| `/identities` | POST | Registers a new user by capturing their image and details. |
| `/identities/int:user_id` | DELETE | Deletes an existing user by their user ID. |
| `/identities/int:user_id` | PUT | Updates details of an existing user. |
| `/access_request/int:user_id` | POST | Requests access for a user by capturing their image. |
| `/identities/int:user_id/access-logs` | GET | Retrieves access logs for a specific user. |
| `/identities/int:user_id/permissions` | GET | Retrieves permission levels assigned to a user. |
| `/identities/int:user_id/requests` | GET | Retrieves access requests made by a specific user. |
| `/access-log/int:log_id` | GET | Retrieves details of a specific access log. |
| `/access-request/int:access_request_id` | GET | Retrieves access logs for a specific access request. |
| `/identities/int:user_id` | GET | Retrieves the profile of an existing user by their user ID. |
| `/identities/name/name:user_name` | GET | Retrieves users by name. |
| `/face_pass/tos` | GET | Renders the terms of service HTML page. |
| `/face_pass/link-relations` | GET | Renders the link relations HTML page. |
| `/face_pass/profile` | GET | Renders the profile HTML page. |
/face_pass/profile GET Renders the profile HTML page.

Why We Built This Client

The need for this client application arose from the requirement to have a streamlined, secure, and efficient way to manage user data and access control within the organization. Traditional methods of user management were cumbersome and prone to errors, often lacking the necessary security measures. This application addresses these issues by providing:

  • Improved Security: With secure API endpoints and data validation, the application ensures only authorized users can perform sensitive operations.
  • Enhanced Usability: The user-friendly interface makes it easy for users and administrators to perform tasks efficiently.
  • Comprehensive Management: From registration to deletion and access requests, the application covers all aspects of user management.
  • Transparency: Detailed logs and permission views ensure that administrators have full visibility over user actions and permissions.

Conclusion

The developed client application is a powerful tool for managing user data and access control. Its secure, intuitive interface and comprehensive features make it an essential solution for any organization looking to streamline their user management processes. The application not only simplifies administrative tasks but also enhances security and compliance within the organization.

---

Functional requirements

📑  Content that must be included in the section Provide a use case diagram of your application. For each case, specify which is the API resource/s that cover the given functionality

Untitled Diagram

Here's a detailed table summarizing each use case and the corresponding API resources:

| Use Case | Description | API Resource |
| --- | --- | --- |
| Register User | Allows users to register by providing their name, selecting their permission level, and capturing their image via webcam. | `POST /identities` |
| Delete User | Enables administrators to delete users by specifying their user ID. | `DELETE /identities/int:user_id` |
| Update User | Allows administrators to update user details, including name, permission level, and image. | `PUT /identities/int:user_id` |
| Request Access | Users can request access by providing their user ID, capturing their image, and selecting the desired permission level. | `POST /access_request` |
| View Access Logs | Administrators can view access attempt logs for specific users by entering their user ID. Detailed logs include access request ID, timestamp, outcome, and associated permissions. | `GET /identities/int:user_id/access-logs` |
| View User Permissions | Administrators can view the permission levels assigned to specific users. | `GET /identities/int:user_id/permissions` |
| View Access Requests | Administrators can view all access requests made by specific users. | `GET /identities/int:user_id/requests` |
| Retrieve User Profile | Administrators can retrieve user profiles by user ID. | `GET /identities/int:user_id` |
| Retrieve Users by Name | Administrators can retrieve users by name. | `GET /identities/name/name:user_name` |
| Read Terms of Service | The user can view the terms of service HTML page. | `GET /face_pass/tos` |
| Link Relations | The user can view the link relations HTML page. | `GET /face_pass/link-relations` |
| Read FacePass Profile Page | The user can view the profile HTML page. | `GET /face_pass/profile` |

Client design

GUI layout

📑  Content that must be included in the section Draw a diagram of the client layout. Students can use any software they want to do the sketching. For a more professional-looking design, students can use any wireframing tool available on the Internet. Some of them can be found at http://webdesignledger.com/tools/13-super-useful-ui-wireframe-tools. Pencil is free, open source and easy to use. Other options are Visio and Balsamiq (you need a license). You can also create the UI using paper and a pencil and scan the resulting drawing.
---

untitled_page


Screen workflow

📑  Content that must be included in the section

It is a single page web application client. All screens can be accessed from any page.

![workflow_final](https://github.com/tharindu326/PWP/assets/25040817/8cff827b-2cbe-45bc-85b7-9eb234c2114f)

✏️ Add your diagrams here

Client implementation

💻     TODO: SOFTWARE TO DELIVER IN THIS SECTION The code repository must contain:
  1. The source code for the client application. 
  2. External libraries. You can also report them in the README.md if the libraries are very big or need to be installed.
  3. The code for testing the application (if it exists).
  4. We recommend including a set of scripts to run your application and tests (if they exist).
  5. A README.md file containing:
    • Dependencies (external libraries)
    • How to setup/install the client
    • How to configure and run the client
    • How to run the different tests of your client (if you have implemented unit testing)
NOTE: Your code MUST be clearly documented. For each public method/function you must provide: a short description of the method, input parameters, output parameters, exceptions (when the application can fail and how to handle such failures). Check Exercise 4 for examples on how to document the code. In addition, it should be clear which code you have implemented yourself and which code you have borrowed from other sources.


Auxiliary Service

Service description

Overview

📑  Content that must be included in the section You must provide a description of the service. You must clarify what the goals of the service are and how it interacts with your API (and possibly the client). The service can be an autonomous entity that does some automated work on the API (data cleaning, calculating composites etc.), or it can be commanded from the client interface to perform heavier tasks that would clog the API server itself (statistics generation, recommendation algorithms etc.).

✏️ Write your description here


Functional requirements

📑  Content that must be included in the section Provide a diagram that shows how the service communicates with other parts in the ecosystem.

✏️ Put your diagram here


Auxiliary service implementation

💻     TODO: SOFTWARE TO DELIVER IN THIS SECTION The code repository must contain:
  1. The source code for the auxiliary service. 
  2. External libraries. You can also report them in the README.md if the libraries are very big or need to be installed.
  3. The code for testing the service (if it exists).
  4. We recommend including a set of scripts to run your service and tests (if they exist).
  5. A README.md file containing:
    • Dependencies (external libraries)
    • How to setup/install the service
    • How to configure and run the service
    • How to run the different tests of your service (if you have implemented unit testing)
NOTE: Your code MUST be clearly documented. For each public method/function you must provide: a short description of the method, input parameters, output parameters, exceptions (when the application can fail and how to handle such failures). Check Exercise 4 for examples on how to document the code. It should be clear which code you have implemented yourself and which code you have borrowed from other sources.

✏️ You do not need to write anything here. Implement your service.


Resources allocation

| Task | Student | Estimated time |
| --- | --- | --- |
| pytests update and test after integration | Tharindu Muthukuda Walawwe | 2h |
| DL1, DL2, DL3, DL4 action points implementation and fixes | Tharindu Muthukuda Walawwe | 3h |
| clean up pylint and generate utility functions outside app | Tharindu Muthukuda Walawwe | 2h |