C# ПІДРУЧНИКИ / c# / Premier Press - C# Professional Projects
.pdf
PROJECT CASE STUDY AND DESIGN |
Chapter 18 |
|
419 |
|
|
||||
|
|
|
|
|
As you can see in Figure 18-5, you can select parameters for generating reports in the Reports.aspx form. For example, in the monthly flight revenue report, business managers can select the month and year for which the report should be generated. These parameters are internally used by the application to generate the final report.
The FreqFl.aspx Form
The FreqFl.aspx form is used for managing the frequent fliers program.The form is shown in Figure 18-6.
FIGURE 18-6 Enabling the frequent fliers prog ram
The FreqFl.aspx form provides two parameters on which you can enable the frequent fliers program: the number of times that a passenger has flown the flight and the total amount paid by passengers as fare. When a business manager enables the frequent fliers program on these parameters, the eligible passengers are added to the dtFrequentFliers table of the SkyShark Airlines database, which is used for enabling discounts to the selected passengers at the time of reservation.
PROJECT CASE STUDY AND DESIGN |
Chapter 18 |
421 |
|
|
|
|
|
The CancelRes.aspx Form
The CancelRes.aspx form is used for canceling reservations. The only parameter required on this form is the ticket number. After the line-of-business executive specifies the ticket number and cancels the reservation, the ticket is marked as canceled and status of the flight is updated in the dtFltStatus table.The CancelRes.aspx form is shown in Figure 18-8.
FIGURE 18-8 Canceling reservations
The QueryStat.aspx Form
The QueryStat.aspx form is used for retrieving the status of flights and tickets. The status of flights is queried from the dtFltStatus table by using the date, class, and flight number. Similarly, the status of tickets is retrieved from the dtReservations table by using the ticket number. The QueryStat.aspx form is shown in Figure 18-9.
PROJECT CASE STUDY AND DESIGN |
Chapter 18 |
425 |
|
|
|
|
|
ChangePassword.aspx. The ChangePassword.aspx form is used for changing the password of a user. This form has a consistent interface across all roles in the airline.
Header.aspx. The Header.aspx form is used for displaying the header of every form, which contains the banner.
Logoff.aspx. The Logoff.aspx form is used for logging off a user from the Web application. The Logoff.aspx form is shown in Figure 18-13.
FIGURE 18-13 Logging off users from the Web application
Enabling Security with the Directory Structure
Whenever you create a new application, you need to secure it. This especially holds true for ASP.NET applications because they need to be protected from unauthorized intruders from the Internet. Security is not an issue that can be dealt with only after applications are complete. Instead, you need to plan for the security of the application from the conception stage.
ASP.NET enables you to implement directory-level security. Thus, you can grant permissions to different uses for accessing forms stored in different directories. This ability of ASP.NET is especially useful for your airline application.
426 Project 4 CREATING AN AIRLINE RESERVATION PORTAL
SkyShark Airlines has different roles defined for its executives. Each role has a set of tasks defined for it. These tasks do not overlap. Therefore, your application should not allow a line-of-business executive to add a new flight by using the ASP.NET forms that is to be used by business managers. As a result, you need to authenticate users to access the Web site and restrict users from accessing forms based upon their respective roles.
To enable such a security model on your Web site, you can implement either of the following methods:
Place ASP.NET forms into different folders based upon the roles of users who need to access these forms and use different security settings for the folders.
Programmatically manage access to ASP.NET forms of the Web application.
In the airline application, I implement both the methods described above. Different folders are created for forms pertaining to different roles and access to ASP.NET forms is controlled programmatically. You can learn about restricting access to ASP.NET forms programmatically in Chapter 25,“Securing the Application.” However, I will examine the directory structure of the application, which is always finalized in the early phases of the project.
In the SkyShark Airlines application, the ASP.NET forms pertaining to the three business roles are given as follows:
Business managers. AddFl.aspx, RequestID.aspx, Reports.aspx, and FreqFl.aspx
Line-of-business executives. CreateRes.aspx, CancelRes.aspx, QueryStat.aspx, and ConfirmRes.aspx
Network administrators. ManageUsers.aspx and ManageDatabases.aspx
The application root directory should therefore have three subdirectories: BM, LOB,and NA.Each of these subdirectories will store files as per the scheme given in the previous list. The final directory structure for the SkyShark Airlines application is given in Figure 18-14.
PROJECT CASE STUDY AND DESIGN |
Chapter 18 |
427 |
|
|
|
|
|
FIGURE 18-14 Directory structure for the SkyShark Airlines application
Note that in the preceding directory structure, I have not shown the Images folder, but in the final application, the Images folder is present in all subdirectories and holds figures that are used on Web pages.
Summary
The ASP.NET professional project is based upon the business transactions of a fictitious airline, SkyShark Airlines. Executives in SkyShark Airlines can be categorized into three roles: business management, line-of-business operations, and network administrators.
Business managers are responsible for framing policies and analyzing the performance of the airline. Similarly, line-of-business executives are responsible for