# User documentation ## Student ### Authentication Almost all parts of ReCodEx system is available only after authentication. For this purpose JWT tokens are used but in normal usage users do not have to worry about them, because web application does this. With this stated it is obvious that there has to be some registration mechanism and some web form in which users can fill their credentials and stay logged in for up-coming moments. #### Registration Registration into ReCodEx can be done two ways: using our own authentication service or pick some of the external ones. Currently there is only one external authentication mechanism which is CAS (Charles University Authentication Service). During registration user has to choose instance to which he/she wants to belong to (This is why registration using CAS has to be separated from simple login). This choice cannot be undone with current username and thus has to be done properly, based on instance user will see groups available in chosen instance. In normal authentication using ReCodEx proper password has to be provided. There are certain checks if password is suitable and can be accepted otherwise user cannot register. Passwords are hashed, salted and stored in database, so nobody can see or decode them. This of course means that if user loose his/hers password it cannot be retrieved and forgotten password mechanism has to be used. #### Login Login form is like registration divided into ReCodEx authentication and external service authentication. User should use particular mechanism which was used during registration. All authentication forms should be simple and require only proper combination of username and password. #### Forgotten password Works only for ReCodEx authentication mechanism. For external authentication services please use their forgotten password mechanisms. After request for resetting password user should get email delivered to email address specified in user's profile. In mentioned email there should be link on change password form which can be used for password reset and setting of new one. Please note that access to change password link is time limitted for security sake and can be used only for couple of minutes. ### User profile // TODO: password change, profile change, email notifications ### Groups #### Group membership // TODO: list of groups, join, leave #### Assigned exercises // TODO: deadlines, etc #### Submission of assignment and its results As stated before assignments can be found in some particular group and are submitable only if several conditions are satisfied (deadlines, etc.). On detail of assignment files can be submitted for evaluation. Files can be uploaded only one by one and after uploading all of them solution of assignment can be submitted. There is no need to specify language of provided files, application is using automatic detection from file extensions to find appropriate code language. This of course means that files has to have proper extension. If everything goes well then after submitting of files progress bar of evaluation will be shown. When evaluation ends on backend side of ReCodEx, results with all the provided statistics can be displayed. Results of submission contains some information about execution process and also about evaluation and points. Most notably there are information about evaluation, like date and time of evaluation, if deadlines were satisfied, if compilation was successful or if evaluation even finished. There is also list of all tests which are bounded with exercise and their percentual results. User can also access files which was submitted and notes which was provided. Results of submission should give overall image on user solution. ## Group supervisor ### Groups #### Management // TODO: create sub-group, delete sub-group, change parameters of group #### Students submissions // TODO: list of them, submitted files, etc ### Exercises // TODO: update, create, delete ### Assignment of exercise // TODO: update, create, delete, etc ## Administrator ### Instances // TODO: create, delete, update, manage licenses ### Users management There are only few roles to which users can belong in ReCodEx. Basically there are only three: student, supervisor, and superadmin. Base role is student which is assigned to every registered user. Roles are stored in database alongside other information about user. One user always has only one role at the time. At first startup of ReCodEx administrator should create his/hers account and them change role in database by hand. After that manual intervention into database should never be needed. - Student -- - Supervisor -- Inherits all permissions from student role. - Superadmin -- Inherits all permissions from supervisor role. There is a little catch in groups management. Groups can have admins and supervisors. This setting is valid only per one particular group and has to be separated from basic role system. This implies that supervisor in one group can be student in another and simultaneously have global supervisor role. Changing role from student to supervisor is done automatically by application and should not be managed by hand in database! // TODO: user actions (delete, create, update or whatever) ### Groups // TODO: management, higher privileges than supervisor