@svlada
Created October 31, 2013 10:35
Candidate
# Weeks 1 - 2
## Reading
### Mandatory
- Read Spring MVC in Action
- Read http://en.wikibooks.org/wiki/Java_Persistence
### Optional
- Read Pro JPA 2 - Mastering the Java Persistence
- Read Java Persistence with Hibernate
## Practical
- Analysis of project structure in existing pilot projects
- Trying examples from books, tutorials
## Milestone 1 - After two-week period
- Gained basic Spring and JPA knowledge
- Have project structure ready for pilot project
# Weeks 3 - 6
# Pilot project
**Estimate:** Time allocated for this project is 4 weeks
## Requirements
### Security
#### User can register to your web application
1. User registration
    1. User will provide the following details on the registration form:
        1. Username - **required field**
            1. Number of characters: Min: 8, Max: 254
            2. At least one uppercase letter, at least one number
        2. Password - **required field**
            1. Hash the password with BCrypt or PBKDF2 on the server. Use the hashing scheme from the following URL: https://www.owasp.org/index.php/Password_Storage_Cheat_Sheet
        3. First name - **required field**
        4. Last name - **required field**
        5. Email - **required field**
            1. Store in lower case in the database
            2. Validate the email address
    2. After the user finishes registration, a confirmation email is sent to the user
    3. The confirmation email must contain a **confirmation URL**
    4. The user will not be able to log in to the web application until he clicks the **confirmation URL**
    5. After registration the user should be given the **User** role.
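
One way to meet the password-hashing and confirmation-URL requirements above with the JDK alone, as an added example that is not part of the original gist. It assumes Java 8+ and the PBKDF2 option; the class name, the `iterations:salt:hash` storage format, the iteration count, the choice to store only a digest of the token, and the `app.example` host are all illustrative assumptions.

```java
import java.security.GeneralSecurityException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

public class RegistrationCrypto { // hypothetical class name
    // Assumed work factor; take the current figure from the OWASP cheat sheet.
    static final int ITERATIONS = 600_000;
    static final SecureRandom RNG = new SecureRandom();
    static byte[] pbkdf2(char[] pw, byte[] salt, int iterations) throws GeneralSecurityException {
        PBEKeySpec spec = new PBEKeySpec(pw, salt, iterations, 256);
        try {
            return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
        } finally { spec.clearPassword(); } // wipe the spec's internal copy of the password
    }

    // Stored as "iterations:salt:hash" so the work factor can be raised later without breaking old rows.
    static String hashPassword(char[] pw) throws GeneralSecurityException {
        byte[] salt = new byte[16];
        RNG.nextBytes(salt); // fresh random salt for every user
        Base64.Encoder b64 = Base64.getEncoder();
        return ITERATIONS + ":" + b64.encodeToString(salt) + ":" + b64.encodeToString(pbkdf2(pw, salt, ITERATIONS));
    }

    static boolean verifyPassword(char[] pw, String stored) throws GeneralSecurityException {
        String[] p = stored.split(":");
        byte[] salt = Base64.getDecoder().decode(p[1]);
        // MessageDigest.isEqual compares in constant time, so a mismatch position is not leaked.
        return MessageDigest.isEqual(Base64.getDecoder().decode(p[2]), pbkdf2(pw, salt, Integer.parseInt(p[0])));
    }

    // 256-bit random token for the confirmation URL; the database keeps only tokenDigest(token).
    static String newConfirmationToken() {
        byte[] t = new byte[32];
        RNG.nextBytes(t);
        return Base64.getUrlEncoder().withoutPadding().encodeToString(t);
    }
    static String tokenDigest(String token) throws GeneralSecurityException {
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(Base64.getUrlDecoder().decode(token));
        return Base64.getEncoder().encodeToString(digest);
    }
    public static void main(String[] args) throws Exception {
        String stored = hashPassword("Constructed-Passw0rd".toCharArray()); // constructed sample password
        System.out.println(verifyPassword("Constructed-Passw0rd".toCharArray(), stored));
        String token = newConfirmationToken();
        System.out.println("https://app.example/confirm?token=" + token + " db=" + tokenDigest(token));
    }
}
```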
#### User can login to your web application
1. User login process
    1. User will provide username and password
    2. **Optional** After the third unsuccessful attempt to log in - show captcha
    3. User can select the **Remember me** check box on the login page
#### User Roles
You must create at least two user roles for your project.
List of suggested roles:
1. Admin
2. User / Regular user
3. Anonymous
### Content for authenticated user
#### User can view list of arbitrary items
Each list that is shown to the User must have the following functionalities:
1. User with the role User can do the following:
    1. List items he created
    2. List must be paginated
    3. Pagination must be configurable (Page size, Number of Elements Per page)
    4. List must be sortable (A-Z, Z-A)
    5. Permission to perform CRUD operations on items created by himself
    6. Add item comments (for any item)
2. User with the role Admin
    1. Can Add, Edit, Delete items that he owns
    2. Delete other users' item comments
3. User with the role Anonymous
    1. Read only mode
> **Note:** The item mentioned here is an abstract term. For example, one item **Person** could have one or more **Phone** items.
> Please make sure that the following relationships are covered in the data model:
> *One To Many, Many To One, Many To Many, One To One*
> **Example**: A user can write one or more articles. An article could be edited by one or more users. An article could be tagged with a specific tag keyword, and the same tag keyword could be applied to different articles.
#### Navigation menu
1. User can navigate through application by using navigation menu
2. User can have various roles (Admin, Editor, User, etc). Based on user role different menu items should be shown.
#### Search
User should be able to perform search in your web application. You should provide two search forms.
1. Simple search
    1. One text box and search button
    2. User will enter some term in the search box and after the search is performed results will be shown to the user
2. Advanced search
    1. Use the following components to create the advanced search:
        1. Text box, Date Range, Text box (accepts only Numbers), Drop down with some Enumerated values
    2. Monthly view/search of items
> **Note:** Search results will be shown in a form of a result list. Based on Role user will be able to perform one of the CRUD operations.
#### Admin panel
Admin Panel will be available to the users with the Role **Admin**.
Admin panel should allow search and CRUD operations on application users.
#### Retention policy
The application should keep only items and comments that are not older than one year. This requires a scheduled job that will periodically delete old records.