Robustness Requirements

The Robustness requirements define how the system is intended to ensure data is handled in a fault-tolerant way, and the methods in which the system should handle invalid or corrupted data. Additionally, this section covers how the system should handle fault conditions such as disk full and network outages.

Definitions

Goals

  1. To ensure the Mall on Rails system provides a reliable ecommerce platform.
  2. To alert administrators if a failure condition has occurred.

Exclusions

  1. The system may not be able to detect all forms of sign in providers being unavailable. If the sign in provider displays their own error message, this is acceptable for the fulfilment of Robustness-4.

Requirements

  1. When the store owner submits a form containing invalid input (number out of range, string too long, or other similar error), the system shall perform all of the following tasks:
    1. Re-display the form page.
    2. Highlight the field(s) that contain an error.
    3. Display a message describing the error(s).
    4. Leave all valid fields as they were when the form was submitted.
  2. The system shall be written to ensure no ORM methods are called in a way that could allow for SQL injection attacks via user-provided or user-controlled input fields.
  3. The system shall display an error message if the store owner attempts to upload a photo if their store has no remaining storage space.
  4. If a sign in provider is unavailable, the system shall display an error message and suggest that the user try again later.
  5. If a payment processor is unavailable, the system shall perform all of the following tasks:
    1. Display an error message notifying the customer that the payment processor is experiencing technical difficulties, and that their bag has been saved and that administrators have been notified.
    2. Log an error including all of the following information:
      1. The response received by the payment processor, or the system error encountered when attempting to connect to the payment processor.
      2. The Bag ID that was being sent to the payment processor.
      3. The date and time of the request.
      4. The remote IP of the customer computer that attempted to check out.