John Hancock - Project Snapshot Azure AD Authentication and Permissions Management Assembly

Project Overview

Welcome to Project Snapshot! The goal of this project is to create an app that will allow intuitive consumption of project information and allow project reviewers to interact with the project information so that positive or negative observations can be communicated with transparency.

Competition Task Overview

For this challenge, you will need to make some changes to the authentication / authorization implementation and also fix some bugs.

Please keep in mind that the code will eventually be deployed to Microsoft Azure so make sure your code has no compatibility issue with that environment.

If you have any questions about the requirements, please ask in the forum.

Azure AD
Right now the app is using normal Windows Server Active Directory service, we need to switch to Azure AD instead. You will have to:
- Remove exisitng authentication code and any related unit tests, documentation, etc... Note that the current code has some code that uses mocked user and bypasses AD authentication, such code needs to be removed as well.
- Update the frontend and backend to use Azure AD service. The frontend will now re-direct the user to Azure AD login page, and once login succeeds Azure AD will re-direct the users back to the snapshot app with some basic user info. The frontend needs to pass the info to the backend and let the backend save necessary information. I think we should at least store info like username, user id, email, first / last name etc.
- The frontend should also use the Azure AD Graph API to retrieve user avatar, please check this for API reference: https://msdn.microsoft.com/en-us/library/azure/ad/graph/api/users-operations
- We have provided sample app and the Azure AD details (url, and test user accounts) in the forum so you can see how it should be done.

Authorization / Permission Control
In the current app authorization is not properly done, we need to update the app to make sure it works as described in the Users with Special Functions section of the BRD (the last section of page 10). Please note that only a few users will have these special privileges, most users will have readonly access to the app.

We do not need a UI to manage user roles, but it must be possible to set / update user permissions through a database table.

The frontend will also need some updates since now different users will have access to some different features inside the app. These changes are also in scope.

Bug Fixes
All issues with the challenge label in GitLab shoule be fixed in this challenge: https://gitlab.com/jh-snapshot/snapshot/issues?label_name%5B%5D=challenge

There are overall 9 issues included in this challenge, see http://take.ms/tx3avu

Deployment Guide
Please clean up the deployment guide a bit, we only want a consolidated guide in markdown format, so you should put all info into this single readme: https://gitlab.com/jh-snapshot/snapshot/blob/dev/README.md

The readme should clearly describe how to configure and deploy the app, from backend to frontend (in order). The other deployment guides should be removed to make things clear.

Unit Tests
You must not break any existing unit tests already done in the backend code. You should clean / remove unit tests that no longer make sense (for example: tests related to the old AD authentication).

Timeline
The challenge has shortened review / appeals timeline, please pay attention to it.

Winner Responsibility
The winner will be responsible for sending a merge request to our repo and deploy the code to a provided VM.

Technology Overview
SQL Server 2012 (must be compatible with Azure database)
Windows Server / Azure (must be deployable as an Azure web app)
Active Directory (Authentication / Authorization)
Angular.js
HTML5
CSS
C# / .NET 4.5.2
REST services (using ASP.NET Web API)
HTML5
HTTPS connectivity from the browser to the server

Documentation Provided

Register to download all documents from challenge forum.

Final Submission Guidelines