Demo Guideline

1. Assignment 02 - Demo Marking Guideline

1.1 Primary Focus During Evaluation

• Emphasis on understanding both the code and the rationale behind development decisions.
• Evaluation of the originality and authenticity of the submitted work.
• Identifying portions of the code that lack justified reasoning or appear to be implemented without clear understanding.
• A fully functional implementation does not automatically result in full marks.
• Judging the submission based on the skills and proficiency expected for Web Application Frameworks.

1.2 Understanding of Terminology

• A solid understanding of relevant technical terms is crucial.
• Although English language skills are not being assessed, students are expected to accurately understand and use terminology related to web application frameworks.
• Be mindful of the key terms covered during the lecture and practical sessions, as these reflect the expected level of familiarity.

IMPORTANT

Understanding technical terminology is crucial for interpreting the questions asked during the demonstration. Make sure to pay close attention to the terms introduced in both lectures and practical sessions. The WAF-wiki is also a valuable resource for reviewing these concepts. A lack of familiarity with key terms may result in misunderstandings during the demo, potentially affecting your performance.

1.3 Importance of Practical Sessions

• Attendance at practical sessions is strongly recommended. These sessions include valuable discussions on technologies, frameworks, and key terminology.

• The content covered in practical sessions is directly relevant to your assignments and demo assessments.

• During the practical sessions, some helpful tips for preparing for the upcoming demonstration sessions are also provided.

• Students are also encouraged to ask questions about the assignment specification or their implementation if they are uncertain about any aspect.

• For example:

  • Topics like security enhancements (e.g., CSRF) are explained in detail during practicals. If you miss a session, refer to the prac tips videos available on the wiki for a recap.
  • Demo preparation tips are also shared during practicals to help students perform confidently and effectively in their assignment demos.

  VIDEO RECORDINGS

  The video recordings available on the wiki are not full recordings of the practical sessions. These videos are intended as supplementary tips to support your practical work. However, they do not capture all the in-depth discussions and explanations provided during the sessions, so important content may be missed if you do not attend in person.

1.4 Code Understanding & Justification

• Every student is expected to fully understand and explain the code they submit.
• Do not include third-party code that you cannot explain.
• If external code is used, ensure that you can justify its necessity and demonstrate comprehension with due reference.

Third Party Sources

“Third-party sources” refer to assistance obtained from the internet (e.g., Stack Overflow, generative AI like ChatGPT, or other online resources) or help received from another person.

Academic Misconduct

Including even a single line or part of a code line from third-party sources will be considered academic misconduct. What is recommended is, referring to online resources, study the code, understand it fully, and then write your own code for your submission with due reference (you may put the reference as a comment).

This ensures that you have complete understanding of the code in case you are questioned.

1.5 Adherence to Assignment Specifications

• Submissions may strictly follow the provided specifications.
• Unspecified enhancements should be avoided unless there is a clear and justified reason for their inclusion.
• Be mindful of potential security loopholes and vulnerabilities that unspecified enhancements may introduce.
• Failure to recognize and address these issues will result in a lower score for your code understanding.
• Marks will be deducted if enhancements are included without a solid explanation.
• Simply adding enhancements does not guarantee extra marks.

Unjustified Enhancements

Unjustified enhancements may even lead to a reduction in marks, as using code from the internet without proper understanding and due reference is strictly against academic policies and, it is considered a academic misconduct! In certain cases, if we believe your code has parts you have borrowed from internet (including GenAI) your submission will be reported to the academic committe for further investigation.

---

2. Guidelines for Performing Well in the Demonstration

2.1 Explanation Guidelines

When explaining a specific line of code, you must:

• Explain what the code does.
• Explain the consequences of removing the code.
• Explain how the code works to achieve the intended functionality.
• Explain minimal changes required to slightly modify the behavior of the code.

2.2 Justifications

When asked for justifications,

• You must justify your code changes from different perspectives including:
  • Application perspective (why the change is necessary to meet the assignment’s functional requirements).
  • User perspective (usability, convenience, security, etc.).
• Consider scalability, maintainability, and long-term usability when justifying decisions.

2.3 Third-Party Sources

• Ensure you fully understand every line of code you include from third-party sources.
• Do not include any code you cannot explain, as it may result in your submission being reported to the academic committee for further investigation.
• Understand clearly what you can do and cannot do regarding third party sources.
• If you’re unsure about what you should do, consult your tutor. This is a sensitive issue that must be handled with great care.

WARNING

If you are found guilty of academic misconduct, it will not only impact your performance in this unit (WAF) but could also affect your entire degree. Please be cautious before using code from third-party sources.

IMPORTANT

This is a formal assessment. Once your demonstration is complete, you are strictly prohibited from speaking to other students or discussing any aspect of the demonstration question. You must leave the lab room immediately and are not allowed to wait outside or interact with others near the lab. Any breach of these instructions will be treated appropriately.

2.4 Preparation for the Demo

• Your marks will be based solely on the demonstration of your code, but not the the code you have written to implement the assignment. In other words, achieving 100% implementation of the assignment does not guarantee any marks unless you can successfully demonstrate your code!

• It is crucial that you thoroughly prepare for the demonstration before you attend the demonstration session.

• Be aware that each student is given a limited amount of time for the demonstration. (For Assignment 01, it is 15 minutes per student, but this may vary for other assignments).

• The allocated time must be used to assess the student on each criterion based on the marking guide. During the evaluation:

  • You will be asked 1 or 2 questions (depending on the available time) related to each criterion, and if you fail to answer, you will be marked accordingly as per the marking key.
  • If you take too long to answer a question due to lack of preparation, the assessor may move on to the next question, which will affect your score.
  • If you are late to your allocated session, the assessor may choose whether or not to proceed with the marking. It is important to understand that the assessor requires the full allocated time (e.g., 15 minutes for Assignment 01) to assess the student thoroughly. Therefore, late attendance may not be tolerated. In the worst case, you will need to contact UC to reschedule, or you may only be assessed on a limited number of criteria due to the reduced time available for late attendance.

• Typical Students Responses:

  • “I’m sorry, it’s been a while since I completed my assignment, and I barely remember the code to answer the question.”

  • “I’m sorry, I thought marks were mainly awarded for the code itself, and the demonstration was just to verify the code’s authenticity.”

  • “I’m Sorry, The code was working few hours ago, but it does not work now.”

  • “I’m Sorry, Im trying to setup the environment to get my webapp started.”

    NOT ACCEPTED

    Unfortunately, none of the above responses will be considered during marking. As a student, it is your responsibility to adequately prepare before the demonstration.

Booking a Time

• Do not remove the name once the booking is made!
• If you are unable to attend, you must send an email to Dr. Sheik (UC) as soon as you can (preferably prior to the date your booking is made).
• Please be responsible and professional when making bookings since there are a lot of students who wait to get a booking slot.
• If you do not attend your booking slot nor inform Sheik prior to the booking date, you may not receive a booking time, and in the worse case you will receive a mark of 0 for your demonstration.

---

IMPORTANT

By adhering to guidelines above, students can ensure they meet assessment criteria while demonstrating a deep understanding of web application frameworks.

---

3. Common Issues Identified in Assignment 01 Demo

3.1 User Authentication

• Some students implement user authentication as an extra feature but fail to justify the major security loopholes it introduces.
• As per the assignment specification:
  • Only superusers should be able to create categories.
  • No two users should have their own separate categories.
  • When creating a task, all users see all defined categories in the system, regardless of ownership. This becomes problematic as user-specific private categories become visible to others.
• Failing to acknowledge or explain the consequences of implementing User Authentication makes the project vulnerable to security issues and will lead to reduction of marks.
• This is why User Authentication was not required in the original specification. If you implement additional features, ensure they have solid justifications and that you fully understand the security risks and other pitfalls they introduce.

3.2 Failure to Explain the Code

• If you do not understand your own code or fail to justify changes, it suggests the code is done without knowing its true purpose.

• Failing to explain all steps involved in specific feature (e.g. implementation of custom 404 pages).

• Failing to justify why 404 and 500 error pages do not extend base.html or providing weak justifications.

• Failing to demonstrate a clear understanding of 404 and 500 errors, purpose, when and how they occur, and how to test them separately.

• Failing to explain foreign key relationships, the on_delete property, and category deletion behavior or any other additional parameters you have set (e.g., preventing tasks from being deleted when a category is removed).

• Implementing security enhancements blindly (e.g., using CSRF tokens or get_object_or_404() without understanding how they prevent XSS and SQL injection) will result in a loss of mark for poor or incomplete explanation.

• Failing to explain all the security enhancements and error handling done in the code.

• Poor understanding of CRUD operations in Django models via the admin backend (failing to explain how Create, Read, Update, and Delete work on Category and Tasks tables).

• Weak understanding of urls.py:

  • Failure to properly explain URL patterns or URL parameter mechanics.
  • Lack of justification for maintaining both local (app-level) and project-level urls.py files.

• Failing to explain function decorators used in the code (i.e. Failing to explain the @login_required decorator and its function in authentication control).

Assessment Criteria

• According to the rubric marking keys, if explanations are incomplete or unclear, marks will be deducted and you will be given the mark-key relevant to incomplete or unclear regardless of whether the code works correctly or all parts are implemented.
• Your understanding of the code is the primary focus of the assessment. Ref Here

IMPORTANT

Some students have implemented the views for the assignment using Class-Based Views (Django CBV) without fully understanding how they work. This method was not covered in the lectures or practical sessions or the wiki. If you choose to use an alternative approach for the assignment, you must ensure you have a thorough understanding of the method you’ve used. During the demonstration, many questions will likely arise if such approaches, which were not taught in the curriculum, are noticed. Failing to fully explain your code puts you at high risk of being categorized under academic misconduct.