Professional Documents
Culture Documents
0
Page 1 of 29 Date: 4/16/2008
Vendor Management
Software Design
Specification (SDS)
Prepared by
Curt Marjaniemi
4/16/2008
Vendor Management Version: 1.0
Page 2 of 29 Date: 4/16/2008
Table of Contents
1. Introduction 4
2. System Overview 4
3. Design Considerations 4
3.1. Assumptions and Dependencies 4
3.2. General Constraints 4
3.2.1. Requirements 4
3.2.2. Network Communications 4
3.2.3. Hardware Constraints 5
3.2.4. Software Requirements 5
3.3. Goals and Guidelines 5
3.4. Development Methods 5
4. Architectural Strategies 5
4.1. Architectural Style 5
5. System Architecture 6
5.1. Subsystem Architecture 6
5.1.1. Presentation Layer 6
5.1.2. Business Layer 7
5.1.3. Data Access Layer 7
6. Policies and Tactics 8
6.1. Microsoft .NET 3.5 and ASP.NET 8
6.2. Coding Conventions 8
6.3. Design Patterns 8
6.3.1. N-Tier design pattern 8
6.3.2. Provider model design pattern 8
6.4. Software Configuration Management (SCM) 8
6.5. Continuous Integration 8
7. Detailed System Design 9
7.1. Contract state machine 9
7.1.1. Contract states 9
7.1.2. Contract state transitions 10
7.2. Database Design 11
7.3. Class Diagrams 16
7.4. User Interface Design 22
7.4.1. Master Page Layouts 22
7.4.2. Themes, Style sheets, and Skins 25
8. Requirements Traceability 27
9. Appendix A – Coding Conventions 28
9.1. General Notes 28
9.2. Comments 29
9.3. Class or Struct 29
9.4. Ordering Regions 29
Vendor Management Version: 1.0
Page 3 of 29 Date: 4/16/2008
Revision History
Date Version Description Author
4/13/2008 1.0 Draft submitted to capstone project Curt Marjaniemi
committee.
Vendor Management Version: 1.0
Page 4 of 29 Date: 4/16/2008
1. Introduction
The purpose of this software design specification (SDS) document is to clearly describe the
implementation design details of the Vendor Management system and subsystems. This
document assumes that the reader has reviews the software requirements specifications (SRS)
document for the Vendor Management application.
2. System Overview
The Vendor Management application will provide a mechanism for organizations to better
manage their vendor relationships, with particular regard to monitoring and managing the risk
associated with critical vendors.
In today’s business environment, where vendors can sometimes provide essential services and
house sensitive business data, managing critical relationships with vendors is more important
than ever. In the financial sector, there is an increase in regulatory oversight surrounding proper
vendor management. The Vendor Management application specified in this document intends to
fill this business need for managing vendors and providing an audit trail for regulators.
This application was initially designed for Ent and is based upon Ent’s vendor management
policies and procedures, and industry best practices. The application is designed to be used by
multiple institutions in a hosted environment, with the intention that Ent would host this
application for use by other Credit Unions.
The application will be a web application built using the latest Microsoft technologies, ASP.NET,
C#, LINQ, and use a SQL Server 2005 backend database.
3. Design Considerations
This section describes many of the issues that will need to be addressed or resolved.
4. Architectural Strategies
4.1. Architectural Style
The system will utilize the modularity of a 3-logic tier architecture in order to separate the
concerns of these distinct functionalities (see Figure 1).
The business entities and data access layer will utilize the Microsoft Language Integrated
Query (LINQ) technology. LINQ’s builds all of the business entities based off of the design of
the database.
Test Driven Developed (TDD) is the development methodology utilized in this project.
Microsoft Test through Visual Studio 2008 will be utilized for building the unit tests that will
be used for the services layer, where the majority of the business log resides.
One of the requirements is to allow the look and feel of the application to change based on
the institution using the application. Microsoft Master Pages and themes will be used to
implement this feature.
In general the design tries to take advantage as much as possible any Microsoft functionality
available. For example the authentication, object relational mapping (ORM), navigation,
exception management, themes, and configuration management all utilize existing asp.net
technologies.
Application configuration settings will utilize the standard .NET configuration management
libraries, with the majority of the configuration settings contained in the web.config.
Common configuration settings (e.g. database connection string) are contained in a sperate
configuration file called common.config, which is shared between the web application and
the test application, since they both need the same configuration information.
Vendor Management Version: 1.0
Page 6 of 29 Date: 4/16/2008
5. System Architecture
The Vendor Management system is composed of three major logical layers (see Figure 1):
presentation layer, business layer, and data access layer.
In the Visual Studio solution for the Vendor Management application the presentation
layer is composed of the following projects:
VendorMgmt.Web – Contains the actual web site including the page definitions, images,
master pages, and style sheets.
Vendor Management Version: 1.0
Page 7 of 29 Date: 4/16/2008
The business entities are entirely created by LINQ to SQL. LINQ reads the database and
generates the business entities. For example, in the database there is a table called
Contracts, which contains all of the contract data elements. LINQ reads the database
and creates a Contract business entity, a Contracts collection, and the associations
between each of the other business entities. For example, each Contract object has an
associated contract owner. LINQ will create a property on the Contract object called
ContractOwner which is a reference to a User object.
Any specific business rules that associated to a business entity and are not represented
by the database are implemented in C # partial classes. For example, there is a business
rule that contracts over $25K need to have at least three competitive bids. This logic is
contained in the Contract partial class.
In the Visual Studio solution for the Vendor Management application the business layer
is contained in the following projects:
VendorMgmt.Services – Contains the services that the UI uses for interacting with the
data, such as the Contracts service, Vendors service, etc.
VendorMgmt.Data - Contains the LINQ data map (VendorMgmt.dbml) which is used by
LINQ to generate all of the business entities. The generated code file is
VendorMgmt.Designer.cs (this generated code file is more than 10K lines of code). This
project contains the partial classes that contain specific business entity logic.
LINQ handles all of the access to SQL, including connection management, change
tracking, transaction management, etc.
There is no specific code for the data access layer as LINQ handles this layer entirely.
support in Visual Studio 2008). LINQ reduced the size of the project by an estimated 40%
since it completed generates the business entities from the database.
In the Vendor Management application the provider design patter was mainly utilized in
the presentation layer, for a customized role and permission providers and a site map
(navigation) provider.
On this project the development is being done by a single developer, so the advantages of
continuous integration cannot be fully realized, however in the future the application may
have multiple developers working on it simultaneously.
for some reason. This is a final state. Cancelled contracts are not displayed in the
default view of the application.
7. Active – The contract is officially active. The contract official start date and termination
date (if applicable) must be set at this point.
8. Terminated/Expired – The contract has been terminated or has expired. This is a final
state.
Figure 10: Base page related classes from the VendorMgmt.Controls namespace
Vendor Management Version: 1.0
Page 18 of 29 Date: 4/16/2008
Figure 11: Web server control related classes in the VendorMgmt.Controls namespace.
Vendor Management Version: 1.0
Page 19 of 29 Date: 4/16/2008
There are two master pages that are used in the application, an authenticated master
page used for the logon and logoff pages, and the non-authenticated master page used
for all pages that are within a logged in session. The authenticated master page has two
different layouts, which are used depending on the selected theme. The three different
screen layouts are depicted below:
8. Requirements Traceability
The traceability from software requirements to the design is shown in the following table.
Table 1: Requirements traceability matrix
Design
Feature ID Description
Component
1 Manage the contract lifecycle, including contract
Contract state
submission, due diligence, approval, monitoring,
machine
renewal, and expiration.
2 Allow for multiple institutions to use the vendor Master Page
management application independently. Layouts
&Database
Design –
specifically the
InstitutionID keys
on almost all
tables
3 Provide a mechanism for recording and monitoring risk Database Design
related to a vendor contract. – specifically the
logging tables
4 Provide a mechanism for recording and tracking vendor Database Design
Vendor Management Version: 1.0
Page 28 of 29 Date: 4/16/2008
9.2. Comments
Do not write comments for every line of code and every variable declared.
Write comments wherever required. However, good readable code will require very few
comments. If all variables and method names are meaningfull, that will make the code very
readable and comments will only be required to illuminate the more complex passages.
Fewer lines of comments will make the code more elegant. However, if the code is not
clean/readable and there are inadequate comments, that is worse.
If you have to use some complex or weird logic for any reason, document it very well with
sufficient comments.
With the code regions (e.g. Private Methods, Public Methods) try to balance using the code
regions to split apart logical groups without having a code region for everything.