Report Part2

MVC Based Python Framework
For
Website Deployment
Summer Training Project Report
Submitted in partial fulfillment for the requirement of the award of the
degree of
Bachelor of Technology
In
Computer Science and Engineering
By
Akshay Rohatgi
(Roll No. : 03414802711)
Maharaja Agrasen Institute Of Technology

Guru Gobind Singh Indraprastha University
Sector-16, Dwarka, Delhi
[1]
ACKNOWLEDGMENT
I express my sincere thanks and deep sense of gratitude to our project mentors: Mr.
Sandeep Nailwal, Mr. Nitin Verma and Mr. Ravi Kumar Singh for his valuable motivation and
guidance along with other members of our development team, without which this project report
would not have been possible. I consider myself fortunate for having the opportunity to learn and
work under their able supervision and guidance over the entire period of association. I have deep
sense of admiration for her innate goodness. Also I here deeply thank H.O.D, Ms. Namita Gupta
Department of Computer Science and Engineering Maharaja Agrasen Institute of Technology, for
her valuable cooperation for this project report.
Finally, I would like to express my deep appreciation to my family and friends who have been a
constant source of inspiration. I am internally grateful to them for always encouraging me
wherever and whenever I needed them.
Akshay Rohatgi
(03414802711)
[2]
Index
1. Abstract--------------------------------------------------------------------------------01
2. List of Figures------------------------------------------------------------------------03
3. List of tables--------------------------------------------------------------------------11
4. List of Abbreviations----------------------------------------------------------------23
5. Architecture---------------------------------------------------------------------------24
6. Introduction ---------------------------------------------------------------------------28
7. Related Theory------------------------------------------------------------------------32
8. Output----------------------------------------------------------------------------------40
9. References and Bibliography-------------------------------------------------------44
[3]
Abstract
Objective:
The basic purpose of the project was to create a framework in python that will serve on the web
and allow to create Enterprise grade apps easily. With the help of this framework, 2 products
were created that are to be shipped in the market.
Inspiration:
In the industry considerable amount of applications that are required are of the form nature, i.e. it
has same set of interface with same kind of functionalities which includes database interaction,
management among other things.
Inspiration of the project comes from the fact that first of all, as of now there are no frameworks
that exists that will facilitate creation of the enterprise grade forms applications in a very little
time using python technology. Since the nature of the application is same, hence a framework
can be created to speed up the development process but still providing the capability to extend
the project towards a functionality that deviates from the standard form structure.
This framework provides a solution to this problem by providing a development environment
and pre render code which is common in mostly all the application which are of this nature.
Features:
The framework thus created as a solution to this problem have the following functionalities:
1. RBAC Security Model for creating and managing the access control in the product.
2. Data validation functionalities both on client side and server side.
3. Error Logging functionalities for enabling better management of product in its running
time.
4. Unit testing module for efficiently and quality testing of the product.
5. Many more functionality that will help in better management and development of the
product.
Implementation:
With the help of this framework two products were created:
[4]
1. Gym Management System: This product is a classic example of a standard enterprise

application which involves gym and client management through extensive use from
database.
2. GPS tracking system: This product although require the same set of functionalities as a
standard application but it also make use of various different technologies ranging from
Google Maps API to hardware integration and hence deviates from classical application
structure in this sense.
[5]
List of Figures
Framework Use Case
[6]
Gym Management System Use Case
[7]
GPS Live Tracking System Use Case
[8]
Use Case Description

Use Case:
Create and Manage Organization
Primary Actor:
Super User
Scope:
Product Management
Brief:
Super user can add, edit or delete and organization. This will first use case which is
executed when a new organization is created.
Stakeholders
Organizations, Super User
Post Conditions
Minimal Guarantees:
None
Success Guarantees:
Organization will be successfully created, updated or deleted
Changes will be automatically reflected
Preconditions:
Super User must be logged in to the system
Triggers:
The Super User opens manage organization form.
[9]
Basic flow:
1. The system provides a table listing all the organizations that are associated with the
company.
2. The Super User will click on the appropriate command button
3. Super User will fill out all the details that are required
4. The system will save the data and update database accordingly
Extensions:
a. Cancel:
1. The Super User selects Cancel.
2. The system discards any change the Super User has made then go to homepage.
[10]
Use Case:
Manage Employee
Primary Actor:
SuperUser, MainUser [:User]
Scope:
Organization Management
Brief:
User can add or delete employees and their details.
Stakeholders
Organizations, MainUser
Post Conditions
Minimal Guarantees:
List of all employees with their details
Success Guarantees:
Employee Details will be automatically updated in the database.
Pre Conditions:
User must be logged in to the system. If the SuperUser has logged in, then he must have
selected a particular organization.
Triggers:
The user opens employee management form.
Basic flow:
[11]
5. The system provides a table listing all the employees with their details associated with the
organization.
6. The user will give appropriate commands.
7. User will fill in appropriate details and click on submit.
8. The system will save the data and update database accordingly.
9. Page will refreshed and updated data will be shown
Extend:
a. Cancel:
1. User will click on cancel button.
2. System will discard the change and refresh the page
[12]
Use Case:
Manage Employee Roles
Primary Actor:
SuperUser,MainUser [:User]
Scope:
Organization Management
Brief:
User can add or delete roles assigned to the employees.
Stakeholders
Organizations, MainUser
Post Conditions
Minimal Guarantees:
List of all employees with their current roles
Success Guarantees:
Roles for employees will be successfully modified
All logged in employees whose roles have changed will be automatically logged
out and asked to log in again
Pre Conditions:
[13]
User must be logged in to the system. If the SuperUser has logged in, then he must have
selected a particular organization.
Triggers:
The user opens security management form.
Basic flow:
10. The system provides a table listing all the employees with their associated roles in the
organization.
11. The user will check or uncheck the roles checkboxes against the employee.
12. The system will save the data and update database accordingly.
List of Tables
In the project the database is created in such a way that it is in 3 rd normal form .Tables in the
database can be categorized in two parts as below:
1) General Tables :
These are the tables which are not specific to framework implementation and are generic
tables. These tables are generic and can be used without any changes in any
implementation of the framework.
Following are the general tables formed in the database:
a) Entity :
This table stores the basic entity, can refer to anything, a person, an organization, etc
Table definition is as follows:
CREATE TABLE entity
(
id character(32) NOT NULL,
CONSTRAINT entity_pkey PRIMARY KEY (id)
);
b) User :
This table is used to store user authentication details. These may include superusers,
clients and customers of clients as well.
[14]
CREATE TABLE "user"

(
username character varying(64) NOT NULL,
password character varying(128) NOT NULL,
entity_id character(32) NOT NULL,
countryCode character varying(16),
languageCode character varying(16),
CONSTRAINT user_pkey PRIMARY KEY (username),
CONSTRAINT user_entity_id_fkey FOREIGN KEY (entity_id)
REFERENCES entity (id) MATCH SIMPLE
ON UPDATE NO ACTION ON DELETE NO ACTION
);
c) Person:
The above table is used to store details of the user like name, dob, sex etc. This table
references user table and entity table. The id refers to (foreign key relationship) to
Entity.id. Thus every entry in person table, must match with an entry in entity table.
This is analogous to OOP. An Entity is a base class, a Person is a derived class.
CREATE TABLE person
(
name character varying(64),
dob date,
sex integer,
CONSTRAINT person_pkey PRIMARY KEY (id),
CONSTRAINT person_id_fkey FOREIGN KEY (id)
);
d) Role :
This table is used to store roles as used in rbac (Role Based Access Control) structure.
It stores role name, organization to which the given role is associated and role
description. Table Definition is as follows:
CREATE TABLE role
(
name character varying(64) NOT NULL,
organization_id character(32) NOT NULL,
description character varying(512),
CONSTRAINT role_pkey PRIMARY KEY (name, organization_id),
CONSTRAINT role_organization_id_fkey FOREIGN KEY (organization_id)
[15]
REFERENCES organization (id) MATCH SIMPLE

);
e) Facet_Role :
All roles and permissions are organization specific, that is, every organization can
have their own set of Roles/Permissions. Thus, instead of assigning roles to users
directly, roles are assigned to facets. Example: We have an admin organization:
adminOrg. Lets suppose we have a user: user1, who is a support staff at adminOrg.
Lets say we have a client Organization: org1. The support staff is given admin rights
to 'org1' for a brief period of time. Thus, there will be two facets:
(adminOrg, user1) -> This facet will have role (adminOrg, support)
(org1, user1) -> This facet will have role (org1, admin)
Thus, user1 will be able to use admin level properties as long as he/she is doing 'org1'
related work.
Table Definition is as follows:
CREATE TABLE facet_role
(
role_name character varying(64) NOT NULL,
CONSTRAINT facet_role_pkey PRIMARY KEY (role_name, username,
organization_id),
CONSTRAINT facet_role_role_name_fkey FOREIGN KEY (role_name,
organization_id)
REFERENCES role (name, organization_id) MATCH SIMPLE
ON UPDATE NO ACTION ON DELETE NO ACTION,
CONSTRAINT facet_role_username_fkey FOREIGN KEY (username,
organization_id)
REFERENCES facet (username, organization_id) MATCH SIMPLE
);
f) Permission :
The Permissions defines the pages to which a particular user is granted access. This
table is used to store the permission details used in an organization.
CREATE TABLE permission
(
description character varying(512),
CONSTRAINT permission_pkey PRIMARY KEY (name, organization_id),
[16]
CONSTRAINT permission_organization_id_fkey FOREIGN KEY

(organization_id)
);
g) Permission_Role :
To implement rbac system used in the system there is a need to grant certain
permissions to specific roles. These details are stored in this table.
CREATE TABLE permission_role
(
permission_name character varying(64) NOT NULL,
role_name character varying(64) NOT NULL,
CONSTRAINT permission_role_pkey PRIMARY KEY (permission_name,
role_name, organization_id),
CONSTRAINT permission_role_permission_name_fkey FOREIGN KEY
(permission_name, organization_id)
REFERENCES permission (name, organization_id) MATCH SIMPLE
CONSTRAINT permission_role_role_name_fkey FOREIGN KEY (role_name,
organization_id)
REFERENCES role (name, organization_id) MATCH SIMPLE
);
h) Organization :
Similar to Person Table, this is also referred to entity.id via foreign key. Used to store
Organizations.
CREATE TABLE organization
(
parent_id character(32) NOT NULL,
countryCode character varying(16),
languageCode character varying(16),
CONSTRAINT organization_pkey PRIMARY KEY (id),
CONSTRAINT organization_id_fkey FOREIGN KEY (id)
[17]

CONSTRAINT organization_parent_id_fkey FOREIGN KEY (parent_id)
CONSTRAINT organization_name_key UNIQUE (name)
);
i) Info:
This table stores Information about entities. Information can be of various types. The
type of information is determined by an Enum. This can be used to store multiple
values of same type of information. Example: multiple emails or mobile numbers.
Each entry however, will have a preference value, which will be used to pick the most
preferred information type needed.
CREATE TABLE info
(
type integer NOT NULL,
preference double precision NOT NULL,
data character varying(128),
CONSTRAINT info_pkey PRIMARY KEY (id),
CONSTRAINT info_entity_id_fkey FOREIGN KEY (entity_id)
CONSTRAINT info_entity_id_data_type_key UNIQUE (entity_id, data, type),
CONSTRAINT info_entity_id_type_preference_key UNIQUE (entity_id, type,
preference)
);
j) Facet :
In our software, it is required that a single user can belong to different roles for
different
Organizations at a given time. For example a support staff of admin organization,
might be assigned to resolve some trouble in a client organization, and thus given
temporary admin rights to client's Organization (his activities however, will be
logged).
To achieve that purpose, we have a table called Facet. A Facet is a combination of
organization and user, stored in a table. So if user1 has roles in org1 and org2, we will
have two rows in facet table: (user1, org1) and (user1, org2).
The table Definition is as follows:
CREATE TABLE facet
(
[18]

CONSTRAINT facet_pkey PRIMARY KEY (username, organization_id),
CONSTRAINT facet_organization_id_fkey FOREIGN KEY (organization_id)
CONSTRAINT facet_username_fkey FOREIGN KEY (username)
REFERENCES "user" (username) MATCH SIMPLE
CONSTRAINT facet_username_preference_key UNIQUE (username, preference)
);
k) Payment :
This table is used to store payment details.
CREATE TABLE payment
(
payer_id character(32) NOT NULL,
payee_id character(32) NOT NULL,
"when" timestamp without time zone NOT NULL,
amount numeric(7,2) NOT NULL,
currency character varying(16) NOT NULL,
CONSTRAINT payment_pkey PRIMARY KEY (id),
CONSTRAINT payment_payee_id_fkey FOREIGN KEY (payee_id)
CONSTRAINT payment_payer_id_fkey FOREIGN KEY (payer_id)
);
l) PaymentDetail :
This table is used to store payment info and mode like if it is cash mode, cheque
mode and online mode.
CREATE TABLE "paymentDetail"
(
payment_id character(32) NOT NULL,
data character varying(128),
CONSTRAINT "paymentDetail_pkey" PRIMARY KEY (id),
[19]
CONSTRAINT "paymentDetail_payment_id_fkey" FOREIGN KEY (payment_id)

REFERENCES payment (id) MATCH SIMPLE
CONSTRAINT "paymentDetail_payment_id_type_data_preference_key" UNIQUE
(payment_id, type, data, preference)
);
2) Implementation Based Tables:

These type of tables include implementation specific tables. For example in Gps tracking
implementation tables are used to store coordinate, vehicle related data, in Gym
management tables are used to store gym services, packages etc.
a) Table structure used in Gps tracking implementation of framework is as follows :
CREATE TABLE "Gps_Coordinate_Data" (
"Vehicle_Id" character(32) NOT NULL,
"Time" character varying(16) NOT NULL,
"Date" date NOT NULL,
"Latitude" numeric(20,15) NOT NULL,
"Longitude" numeric(20,15) NOT NULL,
"Field1" character varying(16),
"Field2" character varying(16)
);
CREATE TABLE "Gps_Geofence_Data" (
"Geofence_Id" character(32) NOT NULL,
"Geofence_Name" character varying(20) NOT NULL,
"User_Id" character(32) NOT NULL,
"Coordinate_Id" character(32) NOT NULL,
"Latitude" character varying(1024) NOT NULL,
"Longitude" character varying(1024) NOT NULL
);
CREATE TABLE "Gps_Poi_Data" (
"Id" integer NOT NULL,
"Poi_Id" character(32) NOT NULL,
"Time" character varying(16) NOT NULL,
"Date" date NOT NULL
);
CREATE TABLE "Gps_Poi_Info" (

"Poi_Id" character(32) NOT NULL,
[20]

"Poi_Name" character varying(1024) NOT NULL,
"Poi_Latitude" numeric(20,15) NOT NULL,
"Poi_Longitude" numeric(20,15) NOT NULL,
"Category" character varying(20)
);
CREATE TABLE "Gps_Vehicle_Info" (
Vehicle_Id" character(32) NOT NULL,
"Vehicle_Name" character varying(20) NOT NULL,
"Vehicle_Make" character varying(20) NOT NULL,
"Vehicle_Reg_No" character varying(16),
"Vehicle_Type" character varying(16)
);
b) Table structure used in Gym Management implementation of framework is as
follows:
CREATE TABLE gym (
manager_id character(32) NOT NULL
);
CREATE TABLE "gymCampaign" (
gym_id character(32) NOT NULL
);
CREATE TABLE "gymCampaignInfo" (
"gymCampaign_id" character(32) NOT NULL,
data character varying(128)
);
CREATE TABLE "gymCampaignPackageInfo" (
campaign_id character(32) NOT NULL,
package_id character(32) NOT NULL,
);
[21]
CREATE TABLE "gymCampaignServiceInfo" (

service_id character(32) NOT NULL,
);
CREATE TABLE "gymCampaign_gymPackage" (
);
CREATE TABLE "gymCampaign_gymService" (
);
CREATE TABLE "gymChain" (
manager_id character(32) NOT NULL
);
CREATE TABLE "gymClient" (
);
CREATE TABLE "gymClientInfo" (
"gymClient_id" character(32) NOT NULL,
data character varying(128));
CREATE TABLE "gymEnquiry" (
);
CREATE TABLE "gymEnquiryInfo" (
"gymEnquiry_id" character(32) NOT NULL,
[22]

);
CREATE TABLE "gymFollowUp" (
gym_id character(32) NOT NULL,
type character varying(64) NOT NULL,
response character varying(64) NOT NULL,
convertibility character varying(64) NOT NULL,
"when" timestamp without time zone,
comment character varying(512)
);
CREATE TABLE "gymFollowUpConvertibility" (
);
CREATE TABLE "gymFollowUpResponse" (
);
CREATE TABLE "gymFollowUpType" (
);
CREATE TABLE "gymPackage" (
);
CREATE TABLE "gymPackageInfo" (
"gymPackage_id" character(32) NOT NULL,
);
CREATE TABLE "gymPackageServiceInfo" (
[23]

);
CREATE TABLE "gymPackage_gymService" (
);
CREATE TABLE "gymService" (
gym_id character(32) NOT NULL,
type character varying(64) NOT NULL
);
CREATE TABLE "gymServiceInfo" (
"gymService_id" character(32) NOT NULL,
);
CREATE TABLE "gymServiceType" (
);
CREATE TABLE info (

);
[24]
List of Abbreviations
Following abbreviations are used in report:
MVC: Model View Controller
RBAC: Role Based Access Control
LBAC: Lattice Based Access Control
ORM: Object Relational Mapper
OOP: Object Oriented Programming
[25]
CLI: Command Line Interface
GUI: Graphical User Interface
IDE: Integrated Development Environment
GPS: Global Positioning System
CSS: Cascaded Styling Sheets
DB: Database
API: Application Programming Interface
HTTP: Hypertext Transfer Protocol
HTML: Hypertext Markup Language
Architecture
The project follows the MVC architecture. It divides a given software application into three
interconnected parts, so as to separate internal representations of information from the ways that
information is presented to or accepted from the user. MVC is popular as it isolates the
application logic from the user interface layer and supports separation of concerns. Here the
Controller receives all requests for the application and then works with the Model to prepare any
data needed by the View. The View then uses the data prepared by the Controller to generate a
final presentable response.
[26]
The central component of MVC, the model, captures the application's behavior in terms of its
problem domain, independent of the user interface. The model directly manages the application's
data, logic and rules.
A view can be any output representation of information, such as a chart or a diagram; multiple
views of the same information are possible, such as a bar chart for management and a tabular
view for accountants.
The third part, the controller, accepts input and converts it to commands for the model or view.
In addition to dividing the application into three kinds of components, the MVC design defines
the interactions between them.
[27]
A controller can send commands to the model to update the model's state (e.g., editing a
document). It can also send commands to its associated view to change the view's
presentation of the model (e.g., by scrolling through a document).
A model notifies its associated views and controllers when there has been a change in its
state. This notification allows the views to produce updated output, and the controllers to
change the available set of commands. In some cases an MVC implementation might
instead be "passive," so that other components must poll the model for updates rather
than being notified.
A view requests information from the model that it uses to generate an output
representation to the user.
Although originally developed for desktop computing, modelviewcontroller has been widely
adopted as an architecture for World Wide Web applications in major programming languages.
Several commercial and noncommercial application frameworks have been created that enforce
the pattern. These frameworks vary in their interpretations, mainly in the way that the MVC
responsibilities are divided between the client and server.
The main workhorse of the whole software is the class: app.App

This class is instantiated only once at the start of the program and is responsible for loading
every other module. After loading, it is responsible for making available all the resources for
different modules to work with each other properly. Example: database module, logging module.
[28]
The user level configuration of the software is done in appConfig.AppConfig

For testing, the configuration used is: testConfig.AppConfig
For developer configuration of all modules, componentConfig module should be used.
Model Layer
The db.Db class is responsible for managing all data level tasks, like managing databases,
creating ORM classes etc. It is loaded into app.App as dbManager module. The
dataModel package defines several modules which provide ORM classes for all the tables
involved in the software.
Controller Layer
The controller layer itself is divided into two parts. There is protocol independent layer
and there is a protocol specific layer. The protocol independent layer provides generic
functionality which can be used by controllers based on any protocol. In protocol specific
layer, there is only one protocol currently supported: HTTP. HTTP specific controller
layer controls the web specific management of server-side logic. Cherrypy is used to
provide the basic features to interact with HTTP protocol.
View Layer
The view layer is used by protocol specific layer to deliver the view specific to that
protocol. Since only HTTP protocol is yet supported, the 'view layer' specific files
consists of HTML templates (using mako), CSS and javascript files.
Some of the additional components provided besides the MVC architecture are as follows:
testComponent
Provided by testComponent. TestComponent class. It is the testing framework for entire
software, encompassing all layers of the software.
autoBrowser
Its a small component which provides features similar to test framework but instead is
used as an aid to develop deeply nested GUI. To save time navigating to a GUI form, it
utilizes the selenium framework to automatically navigate to the form being worked on.
commandConsole
[29]
This provides a rich and easily extensible interface to user to manage the server. Its a
command line based interface, and hence doesnt require any GUI, thus can be easily
used on GUI-less server deployments.
Introduction
The MVC based python framework is a tool / software developed to deploy websites
implementing the logic and design according to the end user or client. The back end logic of the
framework is implemented using the python programming language and front end logic is
implemented via JavaScript and CSS.
The main aim of project was to facilitate creation of the enterprise grade forms applications in a
very little time and was able to achieve this using the developed framework.
Various python libraries are also involved in the framework which are discussed below:
CherryPy
It is an object-oriented web application framework using the Python programming
language. It is designed for rapid development of web applications by wrapping the
HTTP protocol but stays at a low level. It can be a web server itself or one can launch it
via any WSGI compatible environment (including Apache 2). It does not deal with tasks
such as templating for output rendering or backend access. The framework is extensible
with filters, simple interfaces made of seven functions. These are called at defined points
in the request/response processing.
[30]
Mako
It is a template library written in Python. It provides a familiar, non-XML syntax which
compiles into Python modules for maximum performance. Mako's syntax and API
borrows from the best ideas of many others, including Django and Jinja2 templates,
Cheetah, Myghty, and Genshi. Conceptually, Mako is an embedded Python (i.e. Python
Server Page) language, which refines the familiar ideas of componentized layout and
inheritance to produce one of the most straightforward and flexible models available,
while also maintaining close ties to Python calling and scoping semantics. Mako is used
by reddit.com where it delivers over one billion page views per month. It is the default
template language included with the Pylons and Pyramid web frameworks.
SQLAlchemy
It is an open source SQL toolkit and object-relational mapper (ORM) for the Python
programming language released under the MIT License. SQLAlchemy provides "a full
suite of well-known enterprise-level persistence patterns, designed for efficient and highperforming database access, adapted into a simple and Pythonic domain language".
SQLAlchemy's philosophy is that SQL databases behave less and less like object
collections the more size and performance start to matter, while object collections behave
less and less like tables and rows the more abstraction starts to matter.
Selenium
Selenium is a portable software testing framework for web applications. Selenium
provides a record/playback tool for authoring tests without learning a test scripting
language (Selenium IDE). It also provides a test domain-specific language (Selenese) to
write tests in a number of popular programming languages, including Java, C#, Groovy,
Perl, PHP, Python and Ruby. The tests can then be run against most modern web
browsers. Selenium deploys on Windows, Linux, and Macintosh platforms. It is opensource software, released under the Apache 2.0 license, and can be downloaded and used
without charge.
User can interact with framework of the software using either of the two methods:
Command line interface (for developers)

GUI / Frontend Templates (for end users / clients)
Command Line Interface

The command line method of interaction provides developers various commands that
implements various functionalities to configure, maintain and setup software, such as:
Database operations
[31]
o Creating tables
o Load initial data to tables
o Drop tables
Unit testing in test mode
Running the current module using auto mode
Graphical User Interface

Various rendered templates of the software provides the GUI method to interact with software for
ease of use for the underlying logical design of software.
Database
Database is designed using business oriented way. In this approach tables are designed based on
requirements, in such a way that all expected queries are optimized by relationship rules among
tables, using foreign keys, indices etc. Database handling and transactions are handled by
PostgreSQL, which is an object-relational database management system. It is accessed using the
SQLAlchemy, which is an ORM which maps tables to instances and queries could be performed
using pre-defined functions, provided by ORM itself.
Following two core points are maintained while designing the database structure:
Data Anomaly is avoided at all costs.

Whenever possible, a foreign key or a unique index is used. This improves query
efficiency.
Description of some basic tables:
Entity: The basic entity, can refer to anything, a person, an organization, etc.
Info: Information about entities. Information can be of various types. The type of
information is determined by an Enum. This can be used to store multiple values of same
type of information. Example: multiple emails or mobile numbers. Each entry however,
will have a preference value, which will be used to pick the most preferred information
type needed.
Person: Used to store people. The id refers to (foreign key relationship) to Entity.id. Thus
every entry in person table, must match with an entry in entity table. This is analogous to
OOP. An Entity is a base class, a Person is a derived class.
[32]
Organization: Similar to Person, this is also referred to entity.id via foreign key. Used to
store organizations.
User: This table is used to store user authentication details.
The files containing table structure information are placed in dataModel.
Security System
Software follows a modified version of RBAC security model. An RBAC model means
permissions are not assigned directly to users. Instead, we assign permissions to roles, and roles
are then assigned to users. This makes management of large number of employees much simpler
than traditional methods. In the software, it is required that a single user can belong to different
roles for different organizations at a given time. For example a support staff of admin
organization, might be assigned to resolve some trouble in a client organization, and thus given
temporary admin rights to client's organization (his activities however, will be logged). To
achieve that purpose, we have a table called: Facet.
A Facet is a combination of organization and user, stored in a table. So if user1 has roles in org1
and org2, we will have two rows in facet table: (user1, org1) and (user1, org2). All roles and
permissions are organization specific, that is, every organization can have their own set of
Roles/Permissions. Thus, instead of assigning roles to users directly, we will assign roles to
facets.
Example: We have an admin organization: fitx. Lets suppose we have a user: user1, who is a
support staff at 'fitx'. Lets say we have a client organization: org1. The support staff is given
admin rights to 'org1' for a brief period of time. Thus, there will be two facets:
(fitx, user1) -> This facet will have role: (fitx, support)
(org1, user1) -> This facet will have role (org1, admin)
Thus, user1 will be able to use admin level properties as long as he/she is doing 'org1' related
work. If this user1 chooses org1, opens an admin form, and then switches to fitx, the admin form
submission will fail, resulting in permission denied error.
[33]
Related Theory
During the course of training, three projects were created i.e. Framework, Gym Management
System, and GPS live tracking system. All of these three provides various functionalities that
facilitate its users to do various tasks.
Concept:
1. Framework: The framework, which we popularly called as fitx is an extensive and
evolving framework which is used to create various form based web applications very
easily. During the development of the framework, various components were created
and were integrated together to form the framework. Various components include in
the framework include:
a. Data Model :
This component of the framework contains all the table with appropriate
definition and constraints. New tables that are added are defined in this
component.
This component works using implementing sqlalchemy as its ORM to create
the tables in the database during the first run.
[34]
b. Security Module:
In this component various security related features are implemented. This
component will create a Login Management System that will enable various
user to login into a product that is created using the framework and maintain
their access levels. This component will also implement a RBAC model for
security. Within an organization, roles are created for various job functions.
The permissions to perform certain operations are assigned to specific roles.
Members or staff (or other system users) are assigned particular roles, and
through those role assignments acquire the computer permissions to perform
particular computer-system functions. Since users are not assigned
permissions directly, but only acquire them through their role (or roles),
management of individual user rights becomes a matter of simply assigning
appropriate roles to the user's account; this simplifies common operations,
such as adding a user, or changing a user's department.
Three primary rules are defined for RBAC:
1. Role assignment: A subject can exercise permission only if the subject
has selected or been assigned a role.
2. Role authorization: A subject's active role must be authorized for the
subject. With rule 1 above, this rule ensures that users can take on
only roles for which they are authorized.
3. Permission authorization: A subject can exercise a permission only if
the permission is authorized for the subject's active role. With rules 1
and 2, this rule ensures that users can exercise only permissions for
which they are authorized.
Additional constraints may be applied as well, and roles can be combined in
a hierarchy where higher-level roles subsume permissions owned by subroles.
With the concepts of role hierarchy and constraints, one can control RBAC to
create or simulate lattice-based access control (LBAC). Thus RBAC can be
considered to be a superset of LBAC.
c. Component Module: This module allows creation of various forms in the
application. Each form in the application adds a component to the model. The
framework integrates with other component to provide a RBAC based security
to the forms, provides it various validation features, and access to the
database. These forms create the core of the application and frameworks is to
[35]
create such an environment that the creation and management of these forms
is easy and available.
d. Database Module: This component allows the developer API to access the
database. Various tables that are created are mapped to the classes in this
module and hence can be used throughout the whole project.
Database Module of the project is the part where Object Relational Mapping
using sqlalchemy is implemented. Object-relational mapping (ORM, O/RM,
and O/R mapping) in computer software is a programming technique for
converting data between incompatible type systems in relational databases and
object-oriented programming languages. This creates, in effect, a "virtual
object database" that can be used from within the programming language.
There are both free and commercial packages available that perform objectrelational mapping, although some programmers opt to create their own ORM
tools.
Pros and cons ORM often reduces the amount of code needed to be written,
making the software more robust (the fewer the lines of code in a program, the
fewer the errors contained within them).
There are costs as well as benefits for using O/R mapping. For instance, some
O/R mapping tools do not perform well during bulk deletions of data. Stored
procedures may have better performance but are not portable.
2. Gym Management System:

This system is implemented for better management of the gyms. This system inherits
its basic functionalities from the fitx framework. Further for the management of the
gym it provides various features:
a. Service Management: This feature allows various services to be created and
managed. In a Gym, service is the lowest unit that the gym can offer. The
service will include basic Gym offerings like gym floor, machines, training etc
will be provided and serviced through this module.
b. Package Management: Packages refers to the various packages that are
given to the user by the gym. A gym package will contain various services
with some discount or additional content offerings to the user which the gym
will sell to the users.
c. Campaign Management: Campaign will be the schemes which the gym will
run as seasonal offerings to attract more clients.
[36]
d. Client Management: The scope of the project will also include various
extensive client focusing features which includes:
i. Training Routine: The gym trainers can create specific training
routines for their client to have them focus on certain area or type of
exercise that they want. These routines can be assigned, modified and
removed from the clients by the gym trainers.
ii. Diet Routine: Similar to training routines the diet routines can also be
created and modified by the gym trainers exclusive for the users. It is
based on the idea that different clients of a Gym will have different
needs and hence different plans can and should be created for them.
This diet will be made available to the client by the gym trainer
through the help of this feature.
e. Integration with Mobile applications: In the Gym Management systems,
APIs are created so that the mobile applications can be created through which
at further down the line, mobile applications can be created which can be
integrated with the system and client will have a full-fledged web rich
experience.
3. GPS Live Tracking System

Global Positioning System (GPS) is a space-based satellite navigation system that
provides location and time information in all weather conditions, anywhere on or near
the Earth where there is an unobstructed line of sight to four or more GPS satellites.
In project various features are implemented like Geofencing, Live Tracking, Point Of
Interest and many other.
In this product we have used Tk103 GPS Tracking Device which have following
features:
Real-time polling
Auto track
Remote control oil and circuit
Modes switch between track and monitor
[37]
Geo-fence
Movement Alert
Over speed Alert
Restart the tracker
SOS Button
Cut power alert
This system is developed to track vehicles using GPS devices and manage them. It also
inherits the basic functionalities of the framework, it is developed on. It provides the
following functionalities:
a. Live Tracking: Live Tracking is the capability to track a GPS fitted object via
web gui. This particular feature allow users/clients to track their individual
vehicles live on google maps. This feature is particularly useful for car/truck
companies which rent vehicles as their owners can keep track of all their
vehicles all the time.
b. Geo Fencing: Geofence allows users to create a virtual perimeter by clicking
and selecting areas on google maps. The areas can be swept through either
using circle or square or users also has a choice to draw on the map itself and
that polygon will also work as geofence itself .In this feature the user is
notified when any of his vehicle go out of the virtual perimeter as defined by
himself. When the location-aware device of a location-based service (LBS)
user enters or exits a geo-fence, the device receives a generated notification.
c. Point of Interest: POI or point of interest is a place or location which is of

interest of the user. In implementation of this feature user can click on any
point of map to add it to POI, alternatively users can type in any address and
map will go to that particular point which is represented by that address and
that can be added to POI also. These are basically tagged points on map which
can be saved by user for future reference.
[38]
d. Point of Interest alerts: User gets notification or alerts whenever any of its
vehicle is near any of his places of interest. Here term near means that the
vehicle is in 1 km proximity range of the POI saved.
Technologies:
Three project i.e. Gym Management, GPS tracking System and the framework itself, were
created using a blend of various technologies. The system was deployed in two parts, with one
being the server was managed by the developers and operators while other part was rendered on
the clients end with the help of a browser. The various technologies used for creation of various
parts of projects are:
1. Backend:
Python 3.4: This was the language for creation of the backend of the project. An
extremely rich server side framework to facilitate the development of various projects
was created during the course of the internship.
Python is a multi-paradigm programming language: object-oriented
programming and structured programming are fully supported, and there are a number of
language features which support functional programming and aspect-oriented
programming (including by meta programming and by magic methods). Many other
paradigms are supported using extensions, including design by contract and logic
programming.
Python uses dynamic typing and a combination of reference counting and a cycledetecting garbage collector for memory management. An important feature of Python is
dynamic name resolution (late binding), which binds method and variable names during
program execution.
The design of Python offers only limited support for functional programming in
the Lisp tradition. The language has map (), reduce () and filter ()
functions, comprehensions for lists, dictionaries, and sets, as well as generator
expressions. The standard library has two modules (itertools and functools) that
implement functional tools borrowed from Haskelland Standard ML.
The core philosophy of the language is summarized by the document "PEP 20 (The Zen
of Python)", which includes aphorisms such as:
Beautiful is better than ugly
[39]
Explicit is better than implicit
Simple is better than complex
Complex is better than complicated
Readability counts
Rather than requiring all desired functionality to be built into the language's core, Python
was designed to be highly extensible. Python can also be embedded in existing
applications that need a programmable interface. This design of a small core language
with a large standard library and an easily extensible interpreter was intended by Van
Rossum from the very start because of his frustrations with ABC (which espoused the
opposite mindset).
While offering choice in coding methodology, the Python philosophy rejects exuberant
syntax, such as in Perl, in favor of a sparser, less-cluttered grammar. As Alex Martelli put
it: "To describe something as clever is not considered a compliment in the Python
culture." Python's philosophy rejects the Perl "there is more than one way to do it"
approach to language design in favor of "there should be one and preferably only one
obvious way to do it".
2. Database:
PostgreSql: PostGre SQL was used as the database in the project. The framework
provides a total of 10 tables to provide functionalities for login, user, and employee and
organization management. On the top of it various tables were created as described in the
list of tables.
PostgreSql, often simply "Postgres", is an object-relational database management
system (ORDBMS) with an emphasis on extensibility and standards-compliance. As a
database server, its primary function is to store data, securely and supporting best
practices, and retrieve it later, as requested by other software applications, be it those on
the same computer or those running on another computer across a network (including the
Internet). It can handle workloads ranging from small single-machine applications to
large Internet-facing applications with many concurrent users. Recent versions also
provide replication of the database itself for security and scalability.
PostgreSQL implements the majority of the SQL:2011 standard, is ACID-compliant
and transactional (including most DDL statements) avoiding locking issues using multi-
[40]
version concurrency control (MVCC), provides immunity to dirty reads and full
serializability, handles complex SQL queries using many indexing methods that are not
available in other databases; has updateable views and materialized views, triggers,
foreign keys; supports functions and stored procedures, and other expandability, and has a
large number of extensions written by third parties. In addition to the possibility of
working with the major proprietary and open source databases, PostgreSQL supports
migration from them, by its extensive standard SQL support and available migration
tools. And if proprietary extensions had been used, by its extensibility that can emulate
many through some built-in and third-party open source compatibility extensions, such as
for Oracle.
PostgreSQL is cross-platform and runs on many operating
systems including Linux, FreeBSD, Solaris, and Microsoft Windows. Mac OS X, starting
with OS X 10.7 Lion, has the server as its standard default database in the server
edition, and PostgreSQL client tools in the desktop edition. The vast majority of Linux
distributions have it available in supplied packages.
PostgreSQL is developed by the PostgreSQL Global Development Group, a diverse
group of many companies and individual contributors. It is free and open source
software, released under the terms of the PostgreSQL License, a permissive free software
license.
3. Object Relational Mapping:
SQLAlchemy is an open source SQL toolkit and object-relational mapper (ORM) for
the Python programming language released under the MIT License.
SQLAlchemy provides "a full suite of well-known enterprise-level persistence patterns,
designed for efficient and high-performing database access, adapted into a simple and
Pythonic domain language". SQLAlchemy's philosophy is that SQL databases behave
less and less like object collections the more size and performance start to matter, while
object collections behave less and less like tables and rows the more abstraction starts to
matter. For this reason it has adopted the data mapper pattern (like Hibernate for Java)
rather than the active record pattern used by a number of other object-relational
mappers. However, optional plugins such as Elixir and declarative allow users to develop
using declarative syntax.
[41]
SQLAlchemy was first released in February, 2006 and has quickly become one of the
most widely used object-relational mapping tools alongside Django's ORM in the Python
community.
4. Development Environment:
PyCharm: PyCharm is an Integrated Development Environment (IDE) used for
programming in Python. It provides code analysis, graphical debugger, integrated unit
tester, VCS/DVCS integration and supports web development with Django. PyCharm is
developed by Czech company JetBrains.
PyCharm for window 8.1 was installed on the system and all the project related
development was done it.
5. Deployment Server:
For Deployment Ubuntu 14 was installed on an instance of a virtual server provided by
Amazon and the projects were deployed, for the clients to access.
6. Source Control:
For source control purposes, sysgit for windows was used and the online repository was
hosted on www.github.com
[42]
OUTPUT
a) Login Screen
b) Dashboard Page
[43]
c) Point Of Interest Page
d) Security Setting Page
[44]
e) Playback Page
[45]
f) User Management Page
g) Vehicle Add Form
[46]
h) Geo Fence creation Page
References & Bibliography

1.
2.
3.
4.
5.
6.
7.
CherryPy Documentation (https://cherrypy.readthedocs.org/)

Google Maps API Documentation(https://developers.google.com/maps/documentation/)
Python Documentation (https://docs.python.org/)
Sqlalchemy Documentation (docs.sqlalchemy.org/)
Validatejs Documentation (validatejs.org)
jQuery Documentation (api.jquery.com/)
jQueryUI Documentation (api.jqueryui.com/1.8/)
[47]
[48]

Report Part2

Hochgeladen von

Dokumentinformationen

Originalbeschreibung:

Originaltitel

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Report Part2

Hochgeladen von

Copyright:

Verfügbare Formate

MVC Based Python Framework

Maharaja Agrasen Institute Of Technology

1. Gym Management System: This product is a classic example of a standard enterprise

Framework Use Case

Gym Management System Use Case

GPS Live Tracking System Use Case

Use Case Description

Organization will be successfully created, updated or deleted

Changes will be automatically reflected

Employee Details will be automatically updated in the database.

Roles for employees will be successfully modified

CREATE TABLE "user"

REFERENCES organization (id) MATCH SIMPLE

CONSTRAINT permission_organization_id_fkey FOREIGN KEY

ON UPDATE NO ACTION ON DELETE NO ACTION,

preference double precision NOT NULL,

CONSTRAINT "paymentDetail_payment_id_fkey" FOREIGN KEY (payment_id)

2) Implementation Based Tables:

CREATE TABLE "Gps_Poi_Info" (

"User_Id" character(32) NOT NULL,

CREATE TABLE "gymCampaignServiceInfo" (

preference double precision NOT NULL,

type integer NOT NULL,

CREATE TABLE info (

MVC: Model View Controller

RBAC: Role Based Access Control

LBAC: Lattice Based Access Control

ORM: Object Relational Mapper

OOP: Object Oriented Programming

CLI: Command Line Interface

GUI: Graphical User Interface

IDE: Integrated Development Environment

GPS: Global Positioning System

CSS: Cascaded Styling Sheets

API: Application Programming Interface

HTTP: Hypertext Transfer Protocol

HTML: Hypertext Markup Language

The main workhorse of the whole software is the class: app.App

The user level configuration of the software is done in appConfig.AppConfig

Command line interface (for developers)

Command Line Interface

Graphical User Interface

Data Anomaly is avoided at all costs.

Description of some basic tables:

User: This table is used to store user authentication details.

The files containing table structure information are placed in dataModel.

2. Gym Management System:

3. GPS Live Tracking System

c. Point of Interest: POI or point of interest is a place or location which is of

Beautiful is better than ugly

Explicit is better than implicit

Simple is better than complex

Complex is better than complicated

c) Point Of Interest Page

d) Security Setting Page

f) User Management Page

g) Vehicle Add Form

h) Geo Fence creation Page

References & Bibliography

CherryPy Documentation (https://cherrypy.readthedocs.org/)

Das könnte Ihnen auch gefallen