Improved system description.
This commit is contained in:
parent
7ac4f5b8b6
commit
deef3ad3cc
24
README.md
24
README.md
|
@ -1,10 +1,24 @@
|
||||||
# Grade Management - An Intentionally Vulnerable Rails Application
|
# Insecure Grade Management - An Intentionally Vulnerable Rails Application
|
||||||
|
|
||||||
Grade Management is an **intentionally vulnerable** grade management application that can
|
Insecure Grade Management is an **intentionally vulnerable** grade management application
|
||||||
be used for teaching *security testing* and *security programming*.
|
that can be used for teaching *security testing* and *security programming*.
|
||||||
|
|
||||||
Grade Management implements a simplistic system for managaing university grade, i.e., students
|
## Application Scenario
|
||||||
can check their marks and academics can enter marks.
|
|
||||||
|
Insecure Grade Management implements a simplistic system for managing university grades.
|
||||||
|
Students can view their grades for their lectures. Moreover, students can add comments
|
||||||
|
to the grades that can be viewed by lecturers. Thus, the applications knows three roles:
|
||||||
|
*admins*, *lecturers*, and *students*.
|
||||||
|
|
||||||
|
* *Admins* can create new students, lecturers, and other admins. Admins can create
|
||||||
|
new lectures, held by any lecturer. Admins can also create, view, and edit new
|
||||||
|
grades for all lectures and students and can create, view, and edit comments.
|
||||||
|
* *Lecturers* can create new students. They can also create new lectures that are
|
||||||
|
being held by them. Lecturers can can view grades for all students, but only enter
|
||||||
|
new grades for their own students. Lecturers can see comments for all grades,
|
||||||
|
but can not change any.
|
||||||
|
* *Students* can view their grades. For their convenience, they have the ability to filter
|
||||||
|
their grade list by a lecturer name.
|
||||||
|
|
||||||
## Setup
|
## Setup
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue