-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathrefinement-plan-and-code-review.html
229 lines (208 loc) · 19.7 KB
/
refinement-plan-and-code-review.html
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
<!DOCTYPE html>
<html lang="en">
<head>
<!-- Favicon and Icons -->
<link rel="icon" href="https://Smokey027.github.io/favicon.ico" type="image/x-icon">
<link rel="apple-touch-icon" sizes="180x180" href="/apple-touch-icon.png">
<link rel="icon" type="image/png" sizes="32x32" href="/favicon-32x32.png">
<link rel="icon" type="image/png" sizes="16x16" href="/favicon-16x16.png">
<link rel="manifest" href="/site.webmanifest">
<!-- Meta Tags -->
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="Enhancement Plan and Code Review page of Scot's ePortfolio.">
<!-- Title -->
<title>Enhancement Plan and Code Review - Scot C. Batton's ePortfolio</title>
<!-- Styles -->
<style>
body {
font-family: Arial, sans-serif;
line-height: 1.6;
margin: 0;
padding: 0;
background-color: #f0f0f0;
color: #333;
}
header {
padding: 20px;
text-align: center;
background-image: url('red-3124617_1280.png');
background-size: cover;
background-position: center;
color: black;
font-family: 'Copperplate Gothic Bold', sans-serif;
}
header h1 {
font-size: 28px;
margin: 5px 0;
}
header p {
font-size: 24px;
margin: 5px 0;
}
nav {
background-color: #333;
color: #fff;
padding: 10px;
text-align: center;
}
nav a {
color: #fff;
margin: 0 15px;
text-decoration: none;
cursor: pointer;
}
main {
padding: 20px;
max-width: 800px;
margin: 0 auto;
background-color: #fff;
}
footer {
padding: 20px;
background-color: #888;
color: #fff;
text-align: center;
}
section {
margin-bottom: 40px;
}
h2, h3 {
color: #4169e1;
}
a {
color: #4169e1;
text-decoration: none;
}
a:hover {
text-decoration: underline;
}
.img-center {
display: block;
margin: 0 auto;
max-width: 100%;
position: relative;
transform: scaleY(0.75);
}
.github-button {
display: inline-block;
margin-top: 10px;
padding: 10px 20px;
background-color: #24292e;
color: #ffffff;
border-radius: 5px;
text-decoration: none;
font-weight: bold;
}
</style>
</head>
<body>
<header>
<h1>Scot C. Batton</h1>
<p>ePortfolio</p>
<p>CS-499 Computer Science Capstone</p>
<a href="https://github.com/Smokey027/Smokey027.github.io" class="github-button" target="_blank" rel="noopener noreferrer">View Project on GitHub</a>
</header>
<nav>
<a href="index.html#welcome">Welcome</a>
<a href="index.html#self-assessment">Professional Self-Assessment</a>
<a href="refinement-plan-and-code-review.html">Enhancement Plan and Code Review</a>
<a href="software-design.html">Software Design</a>
<a href="algorithms.html">Algorithms</a>
<a href="databases.html">Databases</a>
</nav>
<main>
<section id="codereview">
<h2>Enhancement Plan and Code Review</h2>
<img class="img-center" src="EventTrackingApp/codereview.jpg" alt="Code Review Image" title="Code Review">
<p style="text-indent: 40px;">The capstone project for my bachelor's degree in computer science is designed to showcase the skills learned throughout the degree and how I can effectively use those skills. The narrative that follows is based on an Event Tracking Application that I created during <strong>CS-360: Mobile Architecture and Design</strong>. The Event Tracking Application will be used as all three of my artifacts and will be used for all three enhancements. This narrative and enhancement plan focuses of the categories of software engineering and design, algorithms and data structures, and databases in the artifact that I am presenting. I have analyzed the original code for weaknesses, limitations, and vulnerabilities using the skills, best coding practices, and resources I have been given throughout my degree. I have provided my enhancement plan for each of the three categories and provide examples of how the course outcomes apply to the current code and the changes I presented.</p>
<h3>Software Design and Engineering</h3>
<p style ="text-indent: 40px;"> The first category that will be examined within the code base will focus on <strong>Software Design and Engineering</strong>. The code base has several activities that are used within an Android application. The MAIN ACTIVITY handles the user logging in, validates users’ credentials against the information stored within the database, and allows the user to navigate to the list of events or the registration screen. The REGISTRATION ACTIVITY is what manages the registration of the user and makes sure that the username and password for the user is provided prior to them being stored in the database. The EVENTLISTACTIVITY displays the list of events to the user. This activity uses a ListView for display and allows the user to delete events. The EVENTADAPTER connects the event data to the user interface in a RecyclerView and provides the functionality for the editing and deleting of the events. The SMSPERMISSIONACTIVITY is currently only a placeholder for the management of SMS permissions.</p>
<p style ="text-indent: 40px;"> The Activities included in this section provide features and functions to the application. This section of the code is for user authentication (login and registration), CRUD operations for events (create, read, update, delete), Dynamic user interface updates via RecyclerView and ListView, and provides a placeholder for SMS functionality.</p>
<p style ="text-indent: 40px;"> The code within these activities is created with modularity and provide different classes for the different functionalities (authentication and event management) but as stated before, the SMSPERMISSIONACTIVITY has not been implemented. Code is easy to read, and the classes and methods are clearly and logically named, however the code does not have detailed comments to advance the code creation and further explain the code. There is minimal error handling used with the operations of the database or for user input, (no check for database connection failure). The security of the application is also at risk. The passwords are not stored with hashing or encryption and there is no input sanitization which allows the change for SQL injection attacks. There are also no unit tests in this code section with can be crucial for the reliability of the application. The code overall follows JAVA coding standards but does have some naming inconsistencies. Making these changes along with using design patterns (MVC) could help better this code.</p>
<h4>Enhancements:</h4>
<ul>
<li>Redesign the UI/UX: Implement a consistent color scheme and typography for better aesthetics, enhancing the user experience in the MAIN ACTIVITY and EVENTLISTACTIVITY.</li>
<li>Add a Bottom Navigation Bar: Ensure seamless navigation between different sections of the app, improving usability across all activities.</li>
<li>Incorporate Animated Buttons: Provide interactive feedback to users during their interactions, particularly in the REGISTRATION ACTIVITY and EVENTLISTACTIVITY.</li>
<li>Improve Security: Implement password hashing and encryption, and ensure input sanitization to mitigate SQL injection risks, addressing vulnerabilities in user authentication.</li>
<li>Increase Error Handling: Add checks for database connection failures and improve user input validation, enhancing the reliability of the database operations.</li>
<li>Implement Unit Tests: Ensure reliability through thorough testing of functionalities, particularly for user authentication and event management.</li>
</ul>
<h4>Specific Skills Demonstrated:</h4>
<ul>
<li>UI/UX design principles</li>
<li>Application development best practices</li>
<li>User-centered design techniques</li>
<li>Error handling and security practices</li>
</ul>
<h4>Course Outcomes Supported:</h4>
<ul>
<li><em>Outcome 1:</em> Employ strategies for building collaborative environments that enable diverse audiences to support organizational decision making in the field of computer science.</li>
<li><em>Outcome 2:</em> Design, develop, and deliver professional-quality oral, written, and visual communications that are coherent, technically sound, and appropriately adapted to specific audiences and contexts.</li>
<li><em>Outcome 3:</em> Design and evaluate computing solutions that solve a given problem using algorithmic principles and computer science practices and standards appropriate to its solution, while managing the trade-offs involved in design choices.</li>
</ul>
<h3>Algorithms and Data Structures</h3>
<p style ="text-indent: 40px;"> The second category that will be addressed within the Event Tracking application will be <strong>Algorithms and Data Structures</strong>. The code base used for this application utilizes the standard data structures that are provided by the Android network, these include ListView and RecyclerView. These structures are used to display events to the user. This code also used SimpleCursorAdapter to bind the data from a SQLite database to the aforementioned ListView.</p>
<p style ="text-indent: 40px;"> The SimpleCursorAdapter functions as a binder of the database cursor data to the user interface components. The EventManager used in this code, uses lists to manage events which provides the application with efficient data retrieval and manipulation.</p>
<p style ="text-indent: 40px;"> The code reviewed for the Algorithms and Data Structures section of this review has some quality parts but there are also sections that need improvement. The efficient of the code is lacking. The current set up of the code is only efficient when the data set used is small. The performance of the application may degrade as the number of events grows, this is caused using ListView and SimpleCursorAdpater and not RecyclerView. The complexity of the application code is also something that lacks optimization. The code itself is rather straightforward but if a more efficient algorithm or data structure was used for adding and deleting events the application would be more efficient. The scalability of the application is also in question. The current way the application handles data is something that needs changing. If pagination or lazy loading for event retrieval was used the scalability of the application could be greatly increased.</p>
<p style ="text-indent: 40px;"> The application could be greatly improved by providing greater logic, data structures, and optimization. Some of the algorithms have a higher time complexity in data retrieval and are not necessary. This not only will help with complexity, but it will also provide algorithm optimization. The data structures within the application can also be more advanced (hash maps, trees)</p>
<h4>Enhancements:</h4>
<ul>
<li>Implement Multilingual Support: Add English and Spanish language resources and allow users to toggle between languages, enhancing user accessibility.</li>
<li>Optimize Data Structures: Replace ListView with RecyclerView for better performance and scalability in the EVENTLISTACTIVITY.</li>
<li>Introduce Pagination or Lazy Loading: Enhance data retrieval efficiency as the number of events grows, addressing scalability concerns in event management.</li>
<li>Refine Algorithms: Use more efficient algorithms for adding and deleting events to improve overall performance in the EventManager.</li>
</ul>
<h4>Specific Skills Demonstrated:</h4>
<ul>
<li>Data handling and localization techniques</li>
<li>Implementation of algorithms for language management</li>
<li>Optimization of data structures for efficient data retrieval</li>
</ul>
<h4>Course Outcomes Supported:</h4>
<ul>
<li><em>Outcome 1:</em> Employ strategies for building collaborative environments that enable diverse audiences to support organizational decision making in the field of computer science.</li>
<li><em>Outcome 3:</em> Design and evaluate computing solutions that solve a given problem using algorithmic principles and computer science practices and standards appropriate to its solution, while managing the trade-offs involved in design choices.</li>
<li><em>Outcome 4:</em> Demonstrate an ability to use well-founded and innovative techniques, skills, and tools in computing practices for the purpose of implementing computer solutions that deliver value and accomplish industry-specific goals.</li>
</ul>
<h3>Databases</h3>
<p style ="text-indent: 40px;"> The third and final category that will be reviewed for the Event Tracking application with be <strong>Databases</strong>. The database for an application is essential for holding all the information the user needs stored and the information that needs to be available to the user. The Event Tracking application uses SQLite for its data storage, management of the user’s credentials, and storage of the event information provided by the user. The database provided within the application handles the CRUD operations and schema management.</p>
<p style ="text-indent: 40px;"> The functions and features of the database are not extremely robust and are in their early stages. The storage of the data (user and event) is stored within SQLite and allows for persistent storage across the application sessions. The database class also uses CRUD operations which creates methods that allow for the addition, retrieval, updating, and deletion of events and users of the application.</p>
<p style ="text-indent: 40px;"> The code and database which is being reviewed for the Database category needs improvement but has a good start that currently provides the application with data storage and retrieval. The database itself needs to be normalized so that it can avoid any redundancy within the system. There is also currently no error handling within database operations. The lack of error handling can cause the application to crash and for the operations within to fail. The security of the database, especially user data, needs to be enhanced within the database. There are also performance questions for the database. The use of prepared statements to prevent SQL injections instead of the user of cursors for data retrieval will help this application.</p>
<p style ="text-indent: 40px;"> As shown in the first category, SMSPERMISSIONACTIVITY has not been implemented and needs to be finished to improve the structure and logic of the code. The use of a better architecture, Model-View-ViewModel will also improve separation and testing. Error handling needs to be implemented within the database as well. The use of try-catch blocks and providing user feedback will allow for better usability and review for the user and creator. The database needs to handle hash and salt passwords prior to storing them in the database instead of the lack of encryption that there is currently. The database also needs unit tests and integration tests to test functionality and components within the system. The creation of a README file for architecture and set up instructions would also be beneficial along with adding more comments to the files.</p>
<h4>Enhancements:</h4>
<ul>
<li>Implement AES-256 Encryption: Secure sensitive user data stored in the database, addressing security vulnerabilities in user data management.</li>
<li>Add Authentication Methods: Protect user information and ensure secure access, enhancing the user credential management process.</li>
<li>Utilize HTTPS for Data Transmission: Encrypt data sent between the application and the server, improving overall data security.</li>
<li>Normalize Database Schema: Avoid redundancy and improve data integrity, enhancing the effectiveness of CRUD operations.</li>
<li>Enhance Error Handling: Implement try-catch blocks for database operations and provide user feedback, improving the reliability of database interactions.</li>
<li>Introduce Unit and Integration Tests: Ensure functionality and reliability of the database operations, supporting robust testing practices.</li>
</ul>
<h4>Specific Skills Demonstrated:</h4>
<ul>
<li>Secure data handling techniques</li>
<li>Implementation of encryption methods</li>
<li>Best practices for database security and error handling</li>
</ul>
<h4>Course Outcomes Supported:</h4>
<ul>
<li><em>Outcome 3:</em> Design and evaluate computing solutions that solve a given problem using algorithmic principles and computer science practices and standards appropriate to its solution, while managing the trade-offs involved in design choices.</li>
<li><em>Outcome 4:</em> Demonstrate an ability to use well-founded and innovative techniques, skills, and tools in computing practices for the purpose of implementing computer solutions that deliver value and accomplish industry-specific goals.</li>
<li><em>Outcome 5:</em> Develop a security mindset that anticipates adversarial exploits in software architecture and designs to expose potential vulnerabilities, mitigate design flaws, and ensure privacy and enhanced security of data and resources.</li>
</ul>
<p style ="text-indent: 40px;">The entire application needs further functionality and security to allow for a more robust and usable system. The code itself could benefit from more complex structures and design patterns that will allow the code to be better maintained. The algorithms within the application can be optimized by including more advanced data structures and improving the efficiency of the entire application. The database and security of the application must also be improved and by normalizing the database schemas, optimizing queries, and implementing best practices when it comes to security, the overall maintainability, efficiency, and security of the application will be improved.</p>
<p>For my video on code review click, <a href="https://youtu.be/6eo0bEmdYWc" target="_blank" rel="noopener noreferrer">Event Tracking App Code Review</a></p>
<p style="text-indent: 40px;">
Explore the application and download the original code below:
<ul>
<li><a href="https://Smokey027.github.io/EventTrackingApp/EventTrackingApplicationOriginal.zip" download>Download Original Code</a></li>
</ul>
</section>
</main>
<footer>
<p>© 2024 Scot C. Batton. All rights reserved.</p>
</footer>
</body>
</html>