navneel99 edited this page Jun 26, 2018 · 6 revisions

How does the app work?

Creating a user

When a user registers, a user account is created. The account holds details such as the username, an automatically generated user ID and the password, all of which are stored in the User model. A separate Profile model handles the permissions a user has on the Review System platform. They are as follows:

  1. If the user can see the ratings.
  2. If the user can register.
  3. If the user can edit their ratings.

These permissions can be changed directly by the Sudo User, or by the users themselves, provided certain conditions are met.

'Works' of a user

A separate Work model stores the works that a user can do. It has a foreign key that links it to the respective user and a field that stores the work itself. Note that even the works are encrypted and cannot be viewed by directly breaching the database.

Works has a CRD architecture, which allows users to Create, Read and Delete work at their convenience. Other users can only read the work, either by opening the leaderboard or the profile.

The Leaderboard

The leaderboard gives an at-a-glance view of all the users, their ratings and their latest work. It has no model of its own and instead uses data from the other models. It lists the users in descending order of their ratings and doubles as a portal for visiting other users.

Rating other users

A Rating model is present in the app, which exists solely to store information regarding:

  • The Rater
  • The Ratee
  • The Rating
  • Review for the Ratee
  • Time of Rating

Rater and Ratee are foreign key objects which connect them to their respective User objects. Rating is an integer between 1 and 10. Review is the reason for the rating. Time of Rating is the timestamp of when the rating was added or updated; it is used for internal logic that is covered in the Sudo User documentation.

  • The red arrow shows method overload, where Update Everyone overrules the canRate, canEdit and canSee definitions for a user. More in the Sudo User page.
  • User is a built-in Django model, whereas Profile uses the User model along with a few other attributes.
  • Ratings stored are encrypted in the database. It is more appropriate to call it a signed rating and a signed review.
  • user1 rates user2

Encryption of Data

The Ratings, Reviews and Works are encrypted in the Review System, to ensure no data leakage in case of a database breach. The system uses the Django Signing class to return a URL-safe, SHA-1 signed, compressed JSON string.

Once the form is submitted, the ratings and reviews are converted into individual tuples, encrypted and then stored. When the data needs to be viewed, the encrypted data is decrypted and shown to the user. In this way, no unencrypted data is stored in the database, so even the Django admin can't view the data.
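Django's signing module authenticates a value but does not hide it: the stored string is base64url-encoded JSON followed by a timestamp and an HMAC. The added example below is not code from the Review System; `make_token` is a simplified standard-library stand-in for `signing.dumps` with an assumed key derivation, and the sample row is constructed. It shows that such a value can be read without `SECRET_KEY`, while a modified value is still rejected.

```python
import base64
import hashlib
import hmac
import json
import zlib

def _b64e(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _b64d(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def _sig(body: str, secret: str, salt: str) -> str:
    # Simplified key derivation (assumption): SHA-1 over salt + secret.
    key = hashlib.sha1((salt + secret).encode()).digest()
    return _b64e(hmac.new(key, body.encode(), hashlib.sha1).digest())

def make_token(obj, secret, salt="review", stamp="1fWxyz", compress=False):
    """Build 'payload:timestamp:signature' (stand-in for signing.dumps)."""
    data = json.dumps(obj, separators=(",", ":")).encode("latin-1")
    payload = _b64e(data)
    if compress:
        payload = "." + _b64e(zlib.compress(data))  # leading '.' marks zlib
    body = f"{payload}:{stamp}"
    return f"{body}:{_sig(body, secret, salt)}"

def read_without_key(token):
    """Recover the payload from a stored value; no secret is involved."""
    payload = token.split(":")[0]
    if payload.startswith("."):
        return json.loads(zlib.decompress(_b64d(payload[1:])))
    return json.loads(_b64d(payload))

def verify(token, secret, salt="review"):
    """What the signature does provide: tamper detection for key holders."""
    body, sig = token.rsplit(":", 1)
    return hmac.compare_digest(sig, _sig(body, secret, salt))

# Constructed sample row: a rating and review as the page describes them.
SECRET = "constructed-secret-key"
stored = make_token([7, "Clear code, late delivery"], SECRET)
# Same layout, different rating, signed without the real key.
altered = make_token([10, "Clear code, late delivery"], "not-the-real-key")
```

For confidentiality at rest the fields need actual encryption, for example Fernet from the `cryptography` package, with the key kept outside the database.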
