Assignment
Bug Tracker Portal (Secure, Dynamic, Role-Based)
Objective: (100 Marks)
Create a Flask application where users can:
1. Register and log in.
2. Add bug reports (with a title, description, and severity<Low, Medium, High>).
3. View a dashboard showing all submitted bugs.
4. Only logged-in users can submit or view bugs.
5. Use sessions to manage login state.
Strict Note:
• Do not use any database.
• Create simple but well-designed templates/pages
• Store all bugs and users in in-memory structures
• Implement form validations and session checks.
1. Role-Based Access Control (RBAC) – (40 marks)
• Two types of users: admin and user.
• Only admin can delete bug reports or see bug reports submitted by all users.
• Regular user can only see and manage their own bugs.
2. CSRF Protection – (12 marks)
• Implement CSRF tokens manually or use Flask-WTF with token validation (if
Flask-WTF allowed).
• If not using Flask-WTF, manually pass CSRF tokens in the form and validate them
on submission.
�3. Flash Messaging (12 marks)
• Flash success/failure messages (login success, bug submitted, invalid
credentials, etc.)
4. Authentication With Salted Password Hashing (12 marks)
• When users register, passwords should be stored hashed using SHA-256
• On login, hash the entered password and compare it to the stored hash.
5. Dynamic Severity-Based Colouring in Dashboard (12 marks)
• Bugs with High severity appear in red, Medium in orange, and Low in green.
6. Search Filter for Bugs ( 12 marks)
• Add a form to filter bug reports based on title or severity from the dashboard.
Basic Requirements:
Functional Routes:
• /register – register with role (admin/user)
• /login – login with session
• /dashboard – dashboard (dynamic by role)
• /add-bug – add new bug
• /delete-bug/<bug_id> – only admin can delete
• /logout – end session
