Professional Documents
Culture Documents
THOMAS JHS.
ANTWI KINGSFORD
06201076
06201198
KUMI CHARLES
06201166
YEBOAH EVANS
06201229
JUNE, 2023
DECLARATION
We hereby declare that, except for reference for other people’s work which has
been duly acknowledged, this project work consists of our own work produced
from research undertaken under the supervision and that no part has been
…………..
…………..
…………..
i
CERTIFICATION
This is to certify that the project report entitled “DESIGN AND IMPLEMENT
and work done by us and submitted in partial fulfilment of the requirement for the
ii
ACKNOWLEDGEMENT
contributed toward making it a dream come true. First and foremost, thanks be to
the Almighty God for His guidance, and protection throughout the period. We are
also grateful to our supervisor for his positive assessment, guidance and selfless
assistance.
iii
DEDICATION
We, first of all, dedicate this project to the almighty God for the knowledge,
guidance and protection throughout our tertiary education, not forgetting our
parents for their motivation and assistance, to all our loved ones who proved to be
supportive and resourceful throughout this period. Finally, our special dedication
goes to our project supervisor Mr. John Tengviel for his patience and guidance
throughout our course. We pray that the Lord will supply every need of him
iv
TABLE OF CONTENTS
DECLARATION.......................................................................................................................
CERTIFICATION...................................................................................................................
ACKNOWLEDGEMENT......................................................................................................
DEDICATION.........................................................................................................................
LIST OF FIGURES..............................................................................................................
ACCROYMS...........................................................................................................................
ABSTRACT.....................................................................................................................................
CHAPTER ONE.......................................................................................................................
INTRODUCTION....................................................................................................................
1.0 Background Study.............................................................................................1
1.2 Statement of The Problem...........................................................................3
1.3 Objective of The Study......................................................................................3
1.3.1 The General Objectives..............................................................................4
1.3.2 Specific Objectives......................................................................................4
1.4 Significance of The Study..................................................................................4
1.5 Limitations and Delimitations of The Study....................................................5
1.6 Scope of The Study.............................................................................................6
1.7 Organization of Work........................................................................................7
CHAPTER TWO.....................................................................................................................
LITERATURE REVIEW........................................................................................................
2.0 Overview.....................................................................................................................................
2.1 History of File & Document Management System Plus Role-based Access
Control......................................................................................................................9
2.2 The Failure of Traditional Document and File Management.......................13
2.3 Role-Based Access Control..............................................................................14
2.4 Access Control..................................................................................................16
2.4.1 How others have used the access control.................................................18
2.5 Electronic Document Management System....................................................19
2.5.1 Advantages of Electronic Document Management Systems..................19
2.6 Review of the Literature and Research Related to the Project.....................20
v
CHAPTER THREE...............................................................................................................
SYSTEM ANALYSIS AND DESIGN..................................................................................
3.0 Introduction......................................................................................................22
3.1 Solution Overview............................................................................................22
3.2 System Requirements......................................................................................25
3.2.1 Functional Requirement...............................................................................26
Functional Requirements:........................................................................................26
3.2.2 Non-Functional Requirements:....................................................................26
3.3 Design Specification.........................................................................................27
3.4 Design Methodology.........................................................................................28
3.4.1 Data Collection..........................................................................................30
3.4.2 System Architecture..................................................................................30
3.4.3 Unified Modeling Language (UML)........................................................31
3.4.4 Use Cases Diagram....................................................................................31
3.4.5 Data Flow Diagrams.................................................................................35
3.4.7 System Testing......................................................................................................................
3.4.8 System Implementation........................................................................................................
3.4.9 System Maintenance.............................................................................................................
3.5 System Requirements......................................................................................38
3.5.1. Hardware Requirements:........................................................................38
3.5.2. Software Requirements:..........................................................................39
3.5.3 User Interface Requirements:..................................................................39
3.5.5 Non-Functional Requirements.................................................................40
CHAPTER FOUR..................................................................................................................
PROGRAM DEVELOPMENT....................................................................................................
4.0 Introduction......................................................................................................40
4.1 Program Development Tools and Structure..................................................41
4.1.2 Programming Languages.........................................................................41
4.1.3 Development Frameworks and Libraries................................................44
4.1.4 Development Environment.......................................................................46
4.1.5 Security Mechanisms................................................................................48
2.0 System Testing..................................................................................................51
4.2.1 Testing Process..........................................................................................52
vi
4.2.2 Unit Testing...............................................................................................52
4.2.3 Integration Testing....................................................................................52
4.2.4 Sub-System Testing...................................................................................53
4.2.5 System Testing...........................................................................................53
4.2.6 Acceptance Testing....................................................................................54
4.2.7 User Interface Design................................................................................54
4.3 System Deployment..........................................................................................61
4.3.1 Deployment Architecture:........................................................................62
4.3.2 Environment and Tools Required for Deployment:...............................63
4.3.3 Deployment Type......................................................................................64
CHAPTER FIVE....................................................................................................................
SUMMARY, CONCLUSION AND RECOMMENDATION.....................................................
5.1 Summary.....................................................................................................65
5.2 Conclusion..................................................................................................66
5.3 Recommendations......................................................................................67
References...............................................................................................................................
APPENDEX............................................................................................................................
vii
LIST OF FIGURES
Figure 3. 1................................................................................................................................................
viii
ACCROYMS
JHS.-------------------------------------------------------------------------------------------------------------
ST: Saint-------------------------------------------------------------------------------------------------------
ix
UML: Unified Modeling language----------------------------------------------------------------------
x
ABSTRACT
This paper presents a files and documents management system that incorporates
documents, allowing users to easily upload, organize, and search for files. Real-
time SMS notifications are sent to users whenever new files are added, modified,
or deleted, ensuring that users are always informed about changes to their
flexibility to choose their preferred frequency and specific events for receiving
SMS alerts. The system prioritizes the security and privacy of files and user
interface that is intuitive and easy to navigate, enabling users to quickly find and
allowing the system to handle many files and users with minimal downtime or
technical issues. Analytics and reporting features are included to track file
history. Overall, the files and documents management system with SMS
Xi
CHAPTER ONE
INTRODUCTION
1.0 Background Study
Almost all information stored on a computer must be in a file or a document. Each document
is stored in the computer individually by name in what is called a file. A file is a collection of
reading list, a simple letter etc. There are many different types of files, data files, text files,
program files, directory files and so on. Different types of file stores different types of
information. For example, program file stores programs whereas text files store text.
(Abdulahi, 2014)
In today’s information age, where every success is dependent on fast storage, access control
and retrieval of information. Computer file and filing techniques have gained more attention.
Files in a programming sense are not very different from other forms of files or other
applications. The biggest difference is that in a program you access the file sequentially (you
read one line at a time starting at the beginning) and also when you can write by creating a
new file from scratch (or overwriting an existing one) or by appending to an existing one.
(Oparah, 2013)
and updating files when it comes to file sharing and access control. The structure of a file is
known to the software that manipulates it. For example, database files are made up of a series
of records, and word processing files contain the flow of text. (Oparah, 2013) Except for
ASCII text files which contain only raw text other files have proprietary structures.
Formatting and other types of information are contained in headers or interspersed throughout
the file. Most file sharing and access is carried out in storage devices like magnetic disks,
flash drives and hand disks. Optical disks are also available, and it is usually faster to access.
Software manufacturers store their software for sale on optical disks because they are
essentially preferred for applicants requiring large volumes of reference data. (Sean, 2015)
There is still a significant amount of file processing carried out using a file stored on magnetic
tape, but it is often done on mainframes computers in large commercial industries or financial
institutions. Magnet tape continues to be a backup medium, especially in its cartridge forms.
When using files, the entry of data is separated from the processing of data. Hence a file can
be created at one time and processed or used later. In fact, a file is designed to store data that
It is important also for an enterprise to develop a security system that secures the information
information system is the creation of a high-level model, independent from the software,
satisfying the needs for the protection and security of a system. One of the basic concepts of
protection models is access control. The purpose of access control to data in an information
system is to limit actions or operations that the system’s users can execute. The access control
(Discretionary Access Control) type or MAC (Mandatory Access Control) type. RBAC (Role-
Based Access Control) model based on a role concept defines the user’s access to information
based on activities that the user can perform in a system. (Gramlich, n.d.)
3
1.2 Statement of The Problem
Junior high schools face challenges in managing files and documents efficiently and securely.
The absence of an organized system leads to lost documents and potential data breaches.
Existing manual and digital solutions are inadequate. There's a need for a user-friendly file
management system with role-based access control to address these issues and enhance
accessibility, efficiency, and data security within the school environment. Some of the
1. Limited control over who can access and modify files, posing a potential risk.
The objective of the study implies, creating a system that allows for organized
storage and retrieval of files and documents with Role-based access control to ensure
that only authorized individuals have access to specific files based on their roles or
enhance security, and streamline the overall file management process at the school.
The general objective of our study is to design and implement a file and document
management system with role-based access control for a junior high school. This system aims
to improve accessibility, enhance security, and streamline the overall file management
4
process. By achieving these objectives, we can create a more efficient and secure environment
From the general objectives, the following specific objectives were derived. The study
sought to:
1. Creating a system that helps organize and manage files and documents in a more
3. Developing a system that will send a SMS notification to users whenever a new file is
shared.
2. The system will promote and protect the confidentiality, integrity and availability of
4.[5.] This research work will be equally valuable for students who may carry out similar
Every research work has its challenges. Consequently, this research had its limitations. The
major limitation of this project work was the challenge is gathering requirements for the
5
requirements were unsuccessful, as such most of the analysis and interpretations, made for this
report are based on secondary data obtained. The data could have some inherent mistakes and
errors.
Limitations of the study refer to the factors or constraints that may have influenced the
research or implementation of the File Sharing Management System with Role-Based Access
study's findings and conclusions. Here are some potential limitations to consider:
Time Constraints: The study has been conducted within a limited timeframe, which could
impact the depth and breadth of the research. The time constraints may have prevented us
from exploring all relevant aspects or conducting long-term evaluations of the system's
Technological Limitations: The study has been conducted using specific technologies,
software versions, or hardware configurations. These technological choices can influence the
User Adoption and Behavior: The success of a file sharing management system heavily
relies on user adoption and behavior. The study does not fully explore the factors influencing
user acceptance, satisfaction, and engagement with the system. User behaviors and
preferences can significantly impact the system's effectiveness and usage patterns.
Security and Privacy Considerations: While the File Sharing Management System is
designed with role-based access control and security measures, there may be inherent security
risks or vulnerabilities that were not fully explored or addressed in the study. It is essential to
6
recognize that the system's security and privacy aspects may require ongoing monitoring and
updates.
Scalability and Performance: The study may not have extensively tested the system's
scalability and performance under high user loads or increased file sizes. The system's ability
to handle a growing number of users and files, as well as its performance in resource-intensive
The main objective of this study is to identify a better way of designing and implementing a
computerized File and Document system and Role-based access control that will reduce the
problems faced by the existing system. The study is narrowed down to exams and records of
the ST. Thomas JHS School for the computation of the student database. It was the range of
perception or understanding which gave rise to the action taken in implementing the desired
The research work is organized into five chapters. Chapter one focuses primarily on the
background of the project, the objective of the study, the scope of the project, the limitation of
Chapter two concerns itself with what other researchers have done concerning the topic under
study. It reveals theories and concepts that have been generated. It focuses on the various
7
Chapter three focuses on the analysis and design of the proposed system. It recommends basic
aims that the proposed system ought to accomplish and designs how the components of the
Chapter four implements the various algorithms generated in the third chapter. It discusses
GUI design principles, design concepts, program structure, system implementation, system
testing and test results. It ensures that all objectives of the proposed systems are achieved.
Chapter five ends the study with a summary and discussions of various findings. It also
focuses on reviewing the strengths and limitations of the implemented system. Finally, it also
provides direction into the future by stating research areas associated with the study.
CHAPTER TWO
LITERATURE REVIEW
2.0 Overview
This chapter reviews some related works various scholars and researchers have postulated to
outline and explain the history of File Management Systems plus Access Control.
2.1 History of File & Document Management System Plus Role-based Access Control
File management has traditionally been split between file owners and file system
administrators manage file system configuration, backup and recovery, hardware and
performance, disk space, etc. As file systems grow in size, complexity, and criticality,
8
managing them has become increasingly complex both for file owners and file system
together information from a variety of sources, in several formats, around a specific to meet
A user can create an electronic document on a personal computer without creating a paper
document. An electronic document can be identified, taken, and stored for the internet,
intranet, and External in an electronic manner. A single electronic document can be processed
and transmitted to others on networks at the same workplace or even by users around the
One advantage of electronic documents or files is that every user doesn't need to have the
same media. An electronic file can be delivered in any format that meets the needs of the user.
Retrieving files and documents may often, as a last resort, require asking a person to deliver
them. The most sophisticated method currently applied is to use file management systems
(FMS), where the documents are stored centrally on a server and users interact with this
central repository through interfaces implemented using standard web browsers. (Egan, 2015)
Currently, it’s nearly 20 years after the beginning of the mass commercialization of the
Access control in a Document Management System (DMS) enables project managers and
system administrators to assign different access levels to users or groups. This allows them to
restrict access to specific documents or parts of the DMS to certain users or groups only.
9
To implement access control, system administrators first create user roles. These roles define
the level of access that a user or group has to the DMS. For example, a project manager may
have full access to all documents and the ability to edit them, while an engineer may only
After creating user roles, system administrators assign permissions to them. These permissions
determine the actions that a user or group can take within the DMS, such as viewing, editing,
Additionally, access control in a DMS includes measures such as password protection and
encryption. These measures ensure that only authorized users can access sensitive information
1. Data security
Access control ensures that only authorized users have access to sensitive information,
reducing the risk of data breaches or unauthorized access and maintaining data security.
2. Improved collaboration
Project managers can assign different levels of access to different users or groups. This
ensures that all team members have the right level of access to the right documents at the
By controlling who can access sensitive information, businesses can ensure compliance
with regulations such as HIPAA or GDPR. This reduces the risk of legal action.
4. Better organization
10
Access control helps to keep the DMS organized and easy to navigate. This feature
enables users to easier retrieve the documents they need. Less document retrieval and
Access control allows tracking and auditing the access to the documents, enabling the
organization to know who accesses the documents, when and what changes they made.
Summarizing
Role Base Access control is an important feature of a DMS that ensures data security and
compliance with regulations by controlling who can access sensitive information. In complex
engineering projects, access control ensures the security and organization of electronic
The concept of role-based access control (RBAC) began with multi-user and multiapplication
online systems pioneered in the 1970s. The central notion of RBAC is that permissions are
associated with roles, and users are assigned to appropriate roles. This greatly simplifies the
management of permissions. Roles are created for the various job functions in an organization
and users are assigned roles based on their responsibilities and qualifications. Users can be
easily reassigned from one role to another. Roles can be granted new permissions as new
applications and systems are incorporated, and permissions can be revoked from roles as
needed. A role is properly viewed as a semantic construct around which access control policy
is formulated. The collection of users and permissions brought together by a role is transitory.
The role is more stable because an organization's activities or functions usually change less
11
The RBAC user assignment maps the users to roles in a user session, subject to the static and
dynamic separation of duty constraints. The roles available to a user are specified by an
administrator in an RBAC policy, while roles are activated by users in a session. Permission
assignment defines the privileges associated with roles for each operation on an object in the
system. Permissions are defined as an access control matrix for all operation-object pairs
documents reside when the user has finished with them. Most users bypass or ignore the
organizational rules about filing documents with the records Centre file rooms. Once the user
has obtained the document important to their activity, they tend to hoard the information. At
most, they will wrap up all the records associated with a project after the activity. There is no
value added in request, receipt, and disposition systems for documents in file folders that are
traceability, possible loss, information fragmentation, and not accessibility of the information.
Furthermore, the increased volume of document production and its distribution through
electronic mail systems have aggravated problems in document security, control, tracking and
retrieval.
The following features of the current document management system attempt to restructure this
12
Practically all the information shared in an individual organization is expressed in
documents.
Most of the newly created documents are in digital formats, and in many cases, older
The concept of role-based access control (RBAC) began with multi-user and multiapplication
online systems pioneered in the 1970s. The central notion of RBAC is that permissions are
associated with roles, and users are assigned to appropriate roles. This greatly simplifies the
management of permissions. Roles are created for the various job functions in an organization
and users are assigned roles based on their responsibilities and qualifications. Users can be
easily reassigned from one role to another. Roles can be granted new permissions as new
applications and systems are incorporated, and permissions can be revoked from roles as
According to the recently proposed NIST RBAC standard, the basic concept of RBAC is that
users and permissions are assigned to roles, and users acquire permissions by being members
of roles. The same user can be a part of multiple roles and a role may have multiple users.
Therefore, there is a many-to-many relationship between users and roles. Hierarchical RBAC
adds requirements for supporting role hierarchies, whereby senior roles acquire the
permissions of the juniors, and junior roles acquire the user membership of seniors. The
13
RBAC user assignment maps the users to roles in a user session, subject to the static and
dynamic separation of duty constraints. The roles available to a user are specified by an
administrator in an RBAC policy, while roles are activated by users in a session. Permission
assignment defines the privileges associated with roles for each operation on an object in the
system. Permissions are defined as an access control matrix for all operation-object pairs
commercially successful access control systems for mainframes implement roles for security
administration. For example, an operator role could access all resources but not change access
permissions, a security-officer role could change permissions but have no access to resources,
and an auditor role could access audit trails. This administrative use of roles is also found in
modern network operating systems, e.g., Novell's NetWare and Microsoft Windows NT.
(Shettar, n.d.)
A recent resurgence of interest in RBAC has focused on general support of RBAC at the
application level. In the past, and today, specific applications have been built with RBAC
encoded within the application itself. Existing operating systems and environments provide
little support for the application-level use of RBAC. Such support is beginning to emerge in
flexible, yet simple to implement and use, to support a wide range of applications with
Access control refers to the practice of regulating and managing access to resources, systems,
14
that only authorized individuals or entities can access and perform specific actions on
resources.
In the context of a file sharing management system with role-based access control, access
control mechanisms are implemented to control user access to files and system functionalities.
attempting to access the system. It involves the use of credentials, such as usernames and
passwords, biometric data, or cryptographic keys. By authenticating users, the system ensures
perform once they are authenticated. It involves assigning specific permissions or privileges to
users based on their roles, responsibilities, or other attributes. Authorization ensures that users
can only perform actions that are appropriate for their level of access.
Role-Based Access Control (RBAC): RBAC is a widely used access control model that
organizes users into roles and assigns permissions to those roles. Users are then assigned
specific roles, and their access rights are determined by the permissions associated with their
roles. RBAC simplifies access control management by grouping users with similar access
requirements.
Access Control Lists (ACLs): ACLs are a mechanism for defining access permissions on a
per-user or per-resource basis. They list the permissions associated with each user or resource
and dictate what actions can be performed. ACLs are commonly used for fine-grained control
15
Privilege Escalation: Privilege escalation refers to the process of gaining higher levels of
access or permissions than initially granted. Systems should have safeguards in place to
prevent unauthorized privilege escalation and ensure that users can only access resources or
Least Privilege Principle: The least privilege principle states that users should be granted the
minimum level of access required to perform their tasks. This principle reduces the risk of
principle, organizations can limit the potential damage caused by compromised accounts or
insider threats.
Access Revocation: Access revocation involves removing or modifying a user's access rights
when they no longer require them or when their roles or responsibilities change. It is
important to promptly revoke access to ensure that former users or employees cannot continue
to access resources.
Audit and Monitoring: Access control systems should incorporate logging and monitoring
mechanisms to track user access and activities. This enables organizations to detect and
investigate any suspicious or unauthorized access attempts and maintain an audit trail for
compliance purposes.
confidentiality, integrity, and availability of their resources while mitigating the risks
16
2.4.1 How others have used the access control.
One common use of access control in Snapchat is setting up a password or authentication for
in-app purchases. This allows users to control who has permission to make purchases within
Another use of access control in Snapchat is the "Restrict Sensitive Content" feature, which
allows parents in the Family Center program to limit the content their teens see in the Stories
and Spotlight sections of Snapchat. This feature helps to ensure that young users are not
Snapchat also provides options for users to control who can contact them, depending on their
age and preferences. For example, users can choose to only receive messages from friends, or
they can set up a "Quick Add" feature to allow others to easily add them as a friend.
Overall, access control is an important aspect of Snapchat that helps users to control who has
access to their content and what content they can access. By implementing strong access
controls, Snapchat can help to protect the privacy and security of its users.
Any company will one day feel a need for some kind of electronic document plus a Role-
based Access Control system (DRBACS) to control their ever-increasing number of various
Companies often resist ‘this urge’ and are deterred by the costs and complexity involved in
practices, although most technical aspects are resolved by the adoption of low-cost databases
and easier integration with the Windows environment. A useful DRBACS should not only
17
control documents but also provides access to them throughout the company and even to
clients or ether participants of the project via the Internet or Extranet. A DRBACS should also
centralize data in an easily accessible environment, allowing users or admins to store, access,
Furthermore, the task of managing all the information needed to design and construct any
major facility is a real challenge, and many believe that more efficient information
management is a primary mechanism for the construction industry to increase its productivity.
(Egan, 2015)
Management Systems.
Many companies use EDMS to standardize the way information is for anybody with correct
privileges to find and access the document they want. An EDMS helps users to perform their
work easier and provides the company with security, data reliability, and work process
management. Many of these features eventually save time, simplify work, protect the
investment made in creating these documents, enforce quality standards, enable an audit trail
18
Provision of document editing and mark-up tools.
In terms of literature and research related to file and document management systems with
role-based access control, there are several studies that have been conducted on this topic.
Many of these studies have focused on the benefits of implementing such a system, including
increased efficiency, improved security, and better collaboration among team members.
One study, published in the International Journal of Computer Science and Mobile
Computing, found that implementing a role-based access control system in a file and
document management system helped to improve security and reduce the risk of data
breaches. Another study, published in the Journal of Information Science and Technology,
found that implementing a file and document management system with role-based access
control helped to improve collaboration among team members and increase productivity.
Other studies have focused on the technical aspects of such a system, including the design and
implementation of the access control model. For example, a study published in the Journal of
Computer Science and Technology found that a hybrid access control model, which combines
mandatory access control and role-based access control, was effective in controlling access to
sensitive data.
Overall, the literature and research on file and document management systems with role-based
access control suggest that these systems are effective in improving security, collaboration,
and productivity. However, it's important to carefully design and implement the system to
ensure that it meets the needs of the users and the requirements of the organization.
19
CHAPTER THREE
3.0 Introduction
This chapter discusses the requirement capture analysis which includes fact-finding, the
functional requirement. The minimum requirements required for the project are also spelled
out. Fact-finding will discuss the information gathered to develop the system.
The File & Document Management System with Role-Based Access Control is designed to
provide a secure and efficient platform for managing files and documents within an
organization. It offers a centralized repository for file storage, collaboration, and controlled
access based on user roles and permissions. The solution aims to streamline file manag
20
ANTWI KINGSFORD
KUMI CHARLES
YEBOAH EVANS
June, 2023
21
FILE MANAGEMENT SYSTEM WITH ROLE-BASED ACCESS CONTROL
ANTWI KINGSFORD
06201076
06201198
KUMI CHARLES
06201166
YEBOAH EVANS
06201229
JUNE, 2023
22
DECLARATION
We hereby declare that, except for reference for other people’s work which has been duly
acknowledged, this project work consists of our own work produced from research undertaken
under the supervision and that no part has been presented from any degree elsewhere.
i
CERTIFICATION
This is to certify that the project report entitled “FILE MANAGEMENT SYSTEM WITH
submitted in partial fulfilment of the requirement for the HIGHER NATIONAL DIPLOMA in
ii
ACKNOWLEDGEMENT
We are grateful to everyone who in different phases of this project work contributed toward
making it a dream come true. First and foremost, thanks be to the Almighty God for His
guidance, and protection throughout the period. We are also grateful to our supervisor for his
iii
DEDICATION
We, first of all, dedicate this project to the almighty God for the knowledge, guidance and
protection throughout our tertiary education, not forgetting our parents for their motivation
and assistance, to all our loved ones who proved to be supportive and resourceful throughout
this period. Finally, our special dedication goes to our project supervisor Mr. John Tengviel
for his patience and guidance throughout our course. We pray that the Lord will supply every
iv
TABLE OF CONTENTS
DECLARATION.......................................................................................................................i
CERTIFICATION...................................................................................................................ii
ACKNOWLEDGEMENT......................................................................................................iii
DEDICATION.........................................................................................................................iv
LIST OF FIGURES..............................................................................................................viii
ABSTRACT.....................................................................................................................................ix
CHAPTER ONE.......................................................................................................................1
1 INTRODUCTION............................................................................................................1
1.1 Background Study...............................................................................................................1
1.2 Statement of The Problem...................................................................................................2
1.3 The Objective of The Study.................................................................................................3
1.3.1 The General Objectives.................................................................................................3
1.3.2 The Specific Objectives.................................................................................................3
1.4 Significance of The Study....................................................................................................4
1.5 Limitations and Delimitations of The Study......................................................................4
1.6 Scope of The Study..............................................................................................................6
1.7 Organization of Work.........................................................................................................6
CHAPTER TWO.....................................................................................................................8
2 LITERATURE REVIEW................................................................................................8
2.1 Overview...............................................................................................................................8
2.2 History of File Management System Plus Role-based Access Control.............................8
2.3 The Failure of Traditional Document and File Management.........................................11
2.4 Role-Based Access Control................................................................................................12
2.5 Access Control....................................................................................................................14
2.5.1 How others have used the access control...................................................................16
2.6 Electronic Document Management System.....................................................................17
2.6.1 Advantages of Electronic Document Management Systems....................................17
2.7 Review of the Literature and Research Related to the Project......................................18
CHAPTER THREE...............................................................................................................20
3 SYSTEM ANALYSIS AND DESIGN...........................................................................20
3.1 Introduction.......................................................................................................................20
v
3.2 Solution Overview..............................................................................................................20
3.3 System Requirements........................................................................................................23
3.3.1 Functional Requirement.............................................................................................23
3.3.2 Functional Requirements:..........................................................................................23
3.3.3 Non-Functional Requirements:..................................................................................23
3.4 Design Specification...........................................................................................................24
3.5 Design Methodology..........................................................................................................25
3.5.1 Data Collection............................................................................................................27
3.5.2 System Architecture....................................................................................................27
3.5.3 Unified Modeling Language (UML)...........................................................................28
3.5.4 Use Cases Diagram......................................................................................................28
3.5.5 Data Flow Diagrams....................................................................................................31
3.5.6 System Testing.............................................................................................................33
3.5.7 System Implementation..............................................................................................33
3.5.8 System Maintenance...................................................................................................34
3.6 System Requirements........................................................................................................34
3.6.1 Hardware Requirements:...........................................................................................34
3.6.2 Software Requirements:.............................................................................................34
3.6.3 User Interface Requirements:....................................................................................35
3.6.4 Security Requirements:..............................................................................................35
3.6.5 Non-Functional Requirements...................................................................................35
CHAPTER FOUR..................................................................................................................36
4 SYSTEM DEVELOPMENT, TESTING AND DEPLOYMENT...............................36
4.1 Introduction.......................................................................................................................36
4.2 Program Development Tools and Structure....................................................................36
4.2.1 Programming Languages............................................................................................37
4.2.2 Development Frameworks and Libraries..................................................................39
4.2.3 Development Environment.........................................................................................41
4.2.4 Security Mechanisms..................................................................................................43
4.3 System Testing...................................................................................................................45
4.3.1 Testing Process............................................................................................................46
4.3.2 Unit Testing.................................................................................................................46
4.3.3 Integration Testing......................................................................................................46
vi
4.3.4 Sub-System Testing.....................................................................................................47
4.3.5 System Testing.............................................................................................................47
4.3.6 Acceptance Testing......................................................................................................48
4.3.7 User Interface Design..................................................................................................48
4.4 System Deployment............................................................................................................54
4.4.1 Deployment Architecture:..........................................................................................54
4.4.2 Environment and Tools Required for Deployment:.................................................55
4.4.3 Deployment Type........................................................................................................56
CHAPTER FIVE....................................................................................................................58
5 SUMMARY, CONCLUSION AND RECOMMENDATION.....................................58
5.1 Summary..........................................................................................................................58
5.2 Conclusion.......................................................................................................................58
5.3 Recommendations...........................................................................................................59
References...............................................................................................................................60
6 APPENDIX......................................................................................................................61
vii
LIST OF FIGURES
Figure 3. 1 Rapid Application Development (RAD)..............................................................................25
Figure 3. 2 Tier Architecture System....................................................................................................28
Figure 3. 3 Use case function for the User...........................................................................................30
Figure 3. 4 Use case Function for the Administrators..........................................................................31
Figure 3. 5 Data flow of the system.....................................................................................................32
Figure 3. 6 Flowchart diagram of the system......................................................................................33
viii
ABSTRACT
This project presents a file management system that incorporates SMS notification alerts to
improve the organization and accessibility of files. The system aims to provide efficient and
convenient management of files and documents, allowing users to easily upload, organize, and
search for files. Real-time SMS notifications are sent to users whenever new files are added,
modified, or deleted, ensuring that users are always informed about changes to their
documents. Customizable notification settings are provided, giving users the flexibility to
choose their preferred frequency and specific events for receiving SMS alerts. The system
prioritizes the security and privacy of files and user information, implementing robust security
communication channels, such as email or instant messaging, is also supported. The system
features a user-friendly interface that is intuitive and easy to navigate, enabling users to
quickly find and manage their files. Scalability and reliability are important considerations,
allowing the system to handle many files and users with minimal downtime or technical
issues. Analytics and reporting features are included to track file management activities,
providing insights into usage patterns and document history. Overall, the file management
ix
CHAPTER ONE
INTRODUCTION
3.5.1 Background Study
program, a database, a desertion, a reading list, a simple letter etc. There are many
different types of files, data files, text files, program files, directory files and so
on. Different types of file stores different types of information. For example,
program files store programs whereas text files store text. (Abdulahi, 2014)
control and retrieval of information. Computer file and filing techniques have
gained more attention. Files in a programming sense are not very different from
program you access the file sequentially (you read one line at a time starting at the
beginning) and you can write by creating a new file from scratch (or overwriting
creating, editing, and updating files when it comes to file sharing and access
control. The structure of a file is known to the software that manipulates it. For
example, database files are made up of a series of records, and word processing
files contain the flow of text. (Oparah, 2013) Except for ASCII text files which
contain only raw text other files have proprietary structures. Formatting and other
i
types of information are contained in headers or interspersed throughout the file.
Most file sharing and access is carried out in storage devices like magnetic disks,
flash drives and hand disks. Optical disks are also available, and it is usually
faster to access. Software manufacturers store their software for sale on optical
disks because they are essentially preferred for applicants requiring large volumes
There is still a significant amount of file processing carried out using a file stored
backup medium, especially in its cartridge forms. When using files, the entry of
data is separated from the processing of data. Hence a file can be created at one
time and processed or used later. In fact, a file is designed to store data that can
It is important also for an enterprise to develop a security system that secures the
independent from the software, satisfying the needs for the protection and security
of a system. One of the basic concepts of protection models is access control. The
operations that the system’s users can execute. The access control based on role
2
RBAC (Role-Based Access Control) model based on a role concept defines the
user’s access to information based on activities that the user can perform in a
Junior high schools face challenges in managing files and documents efficiently
and securely. The absence of an organized system leads to lost documents and
potential data breaches. Existing manual and digital solutions are inadequate.
There's a need for a user-friendly file management system with role-based access
control to address these issues and enhance accessibility, efficiency, and data
security within the school environment. Some of the challenges associated with
5. Limited control over who can access and modify files, posing a potential risk.
disorganized system.
The objective of the study implies, creating a system that allows for organized
storage and retrieval of files and documents with Role-based access control to
ensure that only authorized individuals have access to specific files based on their
3
accessibility, enhance security, and streamline the overall file management
The general objective of our study is to develop a file management system with
role-based access control for a junior high school. This system aims to improve
process. By achieving these objectives, we can create a more efficient and secure
From the general objectives, the following specific objectives were derived. The
4. Creating a system that helps organize and manage files and documents
5.[6.] It will help to solve the problem faced by the administrative department.
6.[7.] The system will promote and protect the confidentiality, integrity and
4
7.[8.] To reduce the workload or pile of files in the administrative sector.
9.[10.] This research work will be equally valuable for students who may
Every research work has its challenges. Consequently, this research had its
limitations. The major limitation of this project work was the challenge is
gathering requirements for the system. Several attempts to reach the administrator
of the analysis and interpretations, made for this report are based on secondary
data obtained. The data could have some inherent mistakes and errors.
Limitations of the study refer to the factors or constraints that may have
a balanced perspective on the study's findings and conclusions. Here are some
Time Constraints: The study has been conducted within a limited timeframe,
which could impact the depth and breadth of the research. The time constraints
may have prevented us from exploring all relevant aspects or conducting long-
5
choices can influence the system's functionality, performance, and security. It is
User Adoption and Behavior: The success of a file management system heavily
relies on user adoption and behavior. The study does not fully explore the factors
influencing user acceptance, satisfaction, and engagement with the system. User
behaviors and preferences can significantly impact the system's effectiveness and
usage patterns.
designed with role-based access control and security measures, there may be
inherent security risks or vulnerabilities that were not fully explored or addressed
in the study. It is essential to recognize that the system's security and privacy
Scalability and Performance: The study may not have extensively tested the
system's scalability and performance under high user loads or increased file sizes.
The system's ability to handle a growing number of users and files, as well as its
The main objective of this study is to identify a better way of developing a File
management system and Role-based access control that will reduce the problems
faced by the existing (Manual) system. The study is narrowed down to exams and
records of the ST. Thomas JHS School for the computation of the student
6
database. It was the range of perception or understanding that gave rise to the
files.
The research work is organized into five chapters. Chapter one focuses primarily
on the background of the project, the objective of the study, the scope of the
project, the limitations of the project, and the goals and significance of the project.
Chapter two concerns itself with what other researchers have done concerning the
topic under study. It reveals theories and concepts that have been generated. It
Chapter three focuses on the analysis and design of the proposed system. It
recommends basic aims that the proposed system ought to accomplish and
designs how the components of the system interact to carry out the system's
functions.
Chapter four implements the various algorithms generated in the third chapter. It
implementation, system testing and test results. It ensures that all objectives of the
Chapter five ends the study with a summary and discussions of various findings.
system. Finally, it also provides direction into the future by stating research areas
7
CHAPTER TWO
LITERATURE REVIEW
3.5.8 2.0 Overview
This chapter reviews some related works various scholars and researchers have
postulated to outline and explain the history of File Management Systems plus
Access Control.
8
3.5.9 2.1 History of File Management System Plus Role-based Access Control
File management has traditionally been split between file owners and file system
and performance, disk space, etc. As file systems grow in size, complexity, and
criticality, managing them has become increasingly complex both for file owners
and file system administrators. (Anders & Hejlsberg Mads Torgersen, Scott
Wiltamuth, 2015)
a paper document. An electronic document can be identified, taken, and stored for
workplace or even by users around the world via the Internet. (Sun’s & Aouad’s,
2014)
One advantage of electronic documents or files is that every user doesn't need to
have the same media. An electronic file can be delivered in any format that meets
Retrieving files and documents may often, as a last resort, require asking a person
to deliver them. The most sophisticated method currently applied is to use file
9
management systems (FMS), where the documents are stored centrally on a server
and users interact with this central repository through interfaces implemented
Currently, it’s nearly 20 years after the beginning of the mass commercialization
groups. This allows them to restrict access to specific documents or parts of the
To implement access control, system administrators first create user roles. These
roles define the level of access that a user or group has to the DMS. For example,
a project manager may have full access to all documents and the ability to edit
them, while an engineer may only have access to certain documents and the
After creating user roles, system administrators assign permissions to them. These
permissions determine the actions that a user or group can take within the DMS,
protection and encryption. These measures ensure that only authorized users can
access sensitive information and that the data is protected from external threats.
10
6. Data security
Access control ensures that only authorized users have access to sensitive
7. Improved collaboration
groups. This ensures that all team members have the right level of access to
the right documents at the right time, which enables them to work together
more efficiently.
compliance with regulations such as HIPAA or GDPR. This reduces the risk
of legal action.
9. Better organization
Access control helps to keep the DMS organized and easy to navigate. This
feature enables users to retrieve the documents they need. Less document
Access control allows tracking and auditing the access to the documents,
enabling the organization to know who accesses the documents, when and
Summarizing
11
Role Base Access control is an important feature of a DMS that ensures data
security and compliance with regulations by controlling who can access sensitive
The concept of role-based access control (RBAC) began with multi-user and
RBAC is that permissions are associated with roles, and users are assigned to
are created for the various job functions in an organization and users are assigned
reassigned from one role to another. Roles can be granted new permissions as new
applications and systems are incorporated, and permissions can be revoked from
Dheya, 2015)
The RBAC user assignment maps the users to roles in a user session, subject to
the static and dynamic separation of duty constraints. The roles available to a user
roles for each operation on an object in the system. Permissions are defined as an
12
access control matrix for all operation-object pairs where RBAC is applied. (Of &
Applications, 2011)
where documents reside when the user has finished with them. Most users bypass
or ignore the organizational rules about filing documents with the records Centre
file rooms. Once the user has obtained the document important to their activity,
they tend to hoard the information. At most, they will wrap up all the records
associated with a project after the activity. There is no value added in request,
receipt, and disposition systems for documents in file folders that are not
expressed in documents.
13
Most of the newly created documents are in digital formats, and in many
enterprise.
The concept of role-based access control (RBAC) began with multi-user and
RBAC is that permissions are associated with roles, and users are assigned to
are created for the various job functions in an organization and users are assigned
reassigned from one role to another. Roles can be granted new permissions as new
applications and systems are incorporated, and permissions can be revoked from
According to the recently proposed NIST RBAC standard, the basic concept of
RBAC is that users and permissions are assigned to roles, and users acquire
permissions by being members of roles. The same user can be a part of multiple
roles and a role may have multiple users. Therefore, there is a many-to-many
relationship between users and roles. Hierarchical RBAC adds requirements for
supporting role hierarchies, whereby senior roles acquire the permissions of the
14
juniors, and junior roles acquire the user membership of seniors. The RBAC user
assignment maps the users to roles in a user session, subject to the static and
dynamic separation of duty constraints. The roles available to a user are specified
session. Permission assignment defines the privileges associated with roles for
control matrix for all operation-object pairs where RBAC is applied. (Shettar,
n.d.)
roles for security administration. For example, an operator role could access all
resources but not change access permissions, a security-officer role could change
permissions but have no access to resources, and an auditor role could access
audit trails. This administrative use of roles is also found in modern network
operating systems, e.g., Novell's NetWare and Microsoft Windows NT. (Shettar,
n.d.)
at the application level. In the past, and today, specific applications have been
built with RBAC encoded within the application itself. Existing operating systems
and environments provide little support for the application-level use of RBAC.
15
implement and use, to support a wide range of applications with minimal
information security and ensures that only authorized individuals or entities can
In the context of a file management system with role-based access control, access
control mechanisms are implemented to control user access to files and system
or entities attempting to access the system. It involves the use of credentials, such
authenticating users, the system ensures that only authorized individuals can
attributes. Authorization ensures that users can only perform actions that are
model that organizes users into roles and assigns permissions to those roles. Users
16
are then assigned specific roles, and their access rights are determined by the
Access Control Lists (ACLs): ACLs are a mechanism for defining access
associated with each user or resource and dictate what actions can be performed.
ACLs are commonly used for fine-grained control over access to individual files
or directories.
users can only access resources or perform actions that are explicitly authorized.
Least Privilege Principle: The least privilege principle states that users should be
granted the minimum level of access required to perform their tasks. This
resources. By following the least privilege principle, organizations can limit the
access rights when they no longer require them or when their roles or
17
Audit and Monitoring: Access control systems should incorporate logging and
authentication for in-app purchases. This allows users to control who has
spending.
feature, which allows parents in the Family Center program to limit the content
their teens see in the Stories and Spotlight sections of Snapchat. This feature helps
Snapchat also provides options for users to control who can contact them,
depending on their age and preferences. For example, users can choose to only
receive messages from friends, or they can set up a "Quick Add" feature to allow
Overall, access control is an important aspect of Snapchat that helps users control
who has access to their content and what content they can access. By
18
implementing strong access controls, Snapchat can help to protect the privacy and
Any company will one day feel a need for some kind of electronic document plus
Companies often resist ‘this urge’ and are deterred by the costs and complexity
major change in working practices, although most technical aspects are resolved
by the adoption of low-cost databases and easier integration with the Windows
environment. A useful DRBACS should not only control documents but also
provide access to them throughout the company and even to clients or ether
participants of the project via the Internet or Extranet. A DRBACS should also
Furthermore, the task of managing all the information needed to design and
construct any major facility is a real challenge, and many believe that more
19
2.5.1 Advantages of Electronic Document Management Systems
Many companies use EDMS to standardize the way information is for anybody
with correct privileges to find and access the document they want. An EDMS
helps users perform their work more easily and provides the company with
security, data reliability, and work process management. Many of these features
eventually save time, simplify work, protect the investment made in creating these
format.
based access control, several studies have been conducted on this topic. Many of
team members.
in a file and document management system helped to improve security and reduce
20
the risk of data breaches. Another study, published in the Journal of Information
Science and Technology, found that implementing a file management system with
Other studies have focused on the technical aspects of such a system, including
the design and implementation of the access control model. For example, a study
published in the Journal of Computer Science and Technology found that a hybrid
access control model, which combines mandatory access control and role-based
Overall, the literature and research on file management systems with role-based
access control suggest that these systems are effective in improving security,
implement the system to ensure that it meets the needs of the users and the
21
CHAPTER THREE
SYSTEM ANALYSIS AND DESIGN
3.5.14 3.1 Introduction
This chapter discusses the requirement capture analysis which includes fact-
the project are also spelled out. Fact-finding will discuss the information gathered
provide a secure and efficient platform for managing files and documents within
and controlled access based on user roles and permissions. The solution aims to
User Management: The system allows users to register and create accounts with
22
File Upload and Storage: Users can upload files to the system, which are
where each user is assigned specific roles and associated permissions. Access to
ensuring that users only have access to relevant files and actions.
File Sharing and Collaboration: Users can share files with other users or groups
within the system. Permissions can be assigned to control the level of access
(read, write, delete) for shared files. Collaboration features such as commenting,
version control, and real-time editing may be available to facilitate teamwork and
document collaboration.
Search and Retrieval: The system provides robust search capabilities, allowing
users to search for files based on various criteria such as file name, tags, or
metadata. This ensures quick and efficient retrieval of files, even in large
repositories.
Notifications and Alerts: Users receive notifications and alerts for relevant
system events, such as file updates, shared file invitations, or access attempts.
This keeps users informed and helps them stay up to date with file activities and
23
control policies. User access is monitored and audited to identify any suspicious
Performance and Scalability: The system is designed to handle many users and
Usability: The user interface of the system is designed to be intuitive and user-
friendly, requiring minimal training for users to navigate and perform tasks
efficiently.
Benefits:
Improved File Organization: The system provides a centralized location for
storing and organizing files, eliminating the need for manual file management,
ensure that files are accessed only by authorized users, minimizing the risk of data
Time and Cost Savings: The system streamlines file management processes,
reducing the time spent searching for files and enabling efficient document
sharing and collaboration. This leads to increased productivity and cost savings.
24
Compliance and Auditability: The system maintains an audit trail of user
can enhance productivity, improve data security, and streamline their file
management processes.
This section discusses the system requirements. This includes both the functional
2. File Sharing: The system should allow users to share files with other users.
3. Access Control: The system should enforce access control policies to ensure
that users can only access files that they are authorized to access.
5. Audit Logs: The system should generate audit logs to track user activity,
25
6. Encryption: The system should encrypt files during transmission and storage to
7. SMS notification alert: The system should alert the user/receiver when a file is been
shared
protect against unauthorized access, data breaches, and other security threats.
and operating systems to ensure that users can access the system from any device.
6. Usability: The system should be easy to use, with an intuitive user interface
To build a system that best meets the specific user requirements, prototyping is
One of the key benefits of RAD is that it allows developers to quickly build and
test working prototypes of the system, which can help identify issues and bugs
early in the development process. This can save time and money compared to
RAD also emphasizes user involvement, which can help to ensure that the system
meets the needs of its users. By getting feedback from users early and often,
developers can make sure that the system is meeting user needs throughout the
development process.
Another benefit of RAD is that it allows for a more flexible and adaptable
approach to development. The iterative nature of RAD means that the system can
27
Figure 3. 1 Rapid Application Development (RAD)
3.5.18 3.5 Design Methodology
prototype is reached. It also establishes a base to produce the final system. There
because it is the proper method mostly used for web development. Extreme
high level, it divides web development into three distinct phases. The first stage is
the static prototype, which consists of HTML pages and possibly a logical data
model that supports those pages. The second stage is a coding process in your
chosen web framework where the screens are fully functional using an emulation
services layer. The third stage is where the services are performed. When
designing our system using extreme prototyping methodology, it may follow the
28
The prototyping model begins with the requirements analysis. In this phase, the
system requirements were defined in detail. During the process, a select group of
users of the system were involved to find out what their expectations of the
The second phase is a preliminary design or a quick design. In this stage, a simple
design of the
system was created which will give a brief idea of the system.
In this phase, an actual prototype was designed based on the information gathered
from the rapid design which was a small work model of the requirement.
At this stage, the proposed system was tested and evaluated. This made it possible
to discover the strengths and weaknesses of the working model. Comments and
Based on the user’s satisfaction, we refined the prototype according to the user's
feedback and suggestions. This phase was not over until all the requirements
Once the final system was developed based on the final prototype, it was
29
3.5.1 Data Collection
Survey analysis was done for which future ten (10) users will be using the
application, and a set of survey interviews was carried out to study their opinions
In other words, its purpose is to create a technical solution that satisfies the
system's functional requirements. The various models will be designed along with
their respective detailed diagrams and flow charts. The system design implements
the client, server, and Database all reside on the same machine. A simple one-tier
architecture example would be anytime you install a Database in your system and
production.
30
3.5.3 Unified Modeling Language (UML)
UML (Unified Modeling Language) is a standard notation for the modeling of
methodology. They were used to develop the mobile hospital record management
system.
Actors: User
Description: The user creates a new account in the system by providing the
User Authentication:
Actors: User
Actors: User
Use Cases:
View File: Enables users to view files and documents stored in the system.
Folder Management:
31
Actors: User
Use Cases:
Create Folder: Allows users to create new folders to organize their files.
Delete Folder: Allows users to remove folders and their contents from the system.
Actors: User
Use Cases:
Share File/Folder: Allows users to share files or folders with other users.
Set Permissions: Enables users to set access permissions for shared files or
folders.
Role Management:
Actors: Administrator
Use Cases:
Create Role: Enables administrators to create new roles with specific permissions.
responsibilities.
Remove Role: Allows administrators to delete roles that are no longer needed.
Register Account
Collaborate
Login
Upload files32
View files
Edit files
Figure 3. 3 Use case function for the User
System Administration:
Actors: Administrator
Use Cases:
Audit Trail: Provides administrators with the ability to track and review user
Create role
Administrators
Assign role
Update role
Remove role
User Management
Permission management
-
Audit trail
33
Figure 3. 4 Use case Function for the Administrators
In this use case diagram, the main actors are the "User" and "Administrator." The
User actor can perform actions such as registering an account, logging in,
data within a system or process. They illustrate how data moves from one process
entities. DFDs are useful for understanding the system's data flow and identifying
In this high-level DFD, the User interacts with the System, which represents the
System.
+-----------------+
| User |
+--------+--------+
+--------v--------+
| System |
34
+--------+--------+
+--------v--------+
| Data Store |
+--------+--------+
The Data Store represents the storage of files, documents, user information, roles,
and permissions.
35
Figure 3. 6 Flowchart diagram of the system
3.6 System Testing
This phase allows individual units and modules to be tested to determine if the
system solution meets the set of business goals and if it performs as exported. The
researchers first tested each module for its functionality and later brought together
all components and subsystems of the development modules and made the whole
System Implementation
This stage concludes the product into a productive environment after it is given
the green light from the System tester. During this stage, the project is released to
This is the final phase of the SDLC where the end-user fine-tunes the system as
new requirements brought to the table by the client or user. The researcher must
to ensure the smooth functioning of the system. Here are the key system
requirements:
36
3.6.1 Hardware Requirements:
better performance).
efficiency).
being managed.
Network: Stable network connectivity to enable user access and data transfer.
Web Server: Install a web server (e.g., Apache, Nginx) to host the system.
Database: A suitable database for the system is MySQL, for data storage and
retrieval.
Web Browser Compatibility: Ensure that the system supports major web
browsers (e.g., Chrome, Firefox, Safari, Edge) and their latest versions.
37
3.6.4 Security Requirements:
ensure data integrity and establish a recovery plan in case of data loss.
should possess rather than specific functionalities. They are often related to
performance, usability, reliability, security, and other aspects that impact the
38
CHAPTER FOUR
SYSTEM DEVELOPMENT, TESTING AND
DEPLOYMENT
4.1 Introduction
for organizations of all sizes and domains. The need to maintain order, security,
and accessibility of critical data has never been more essential. In this section, we
delve into the intricacies of our system's approach to file and document
(RBAC). This chapter throws light on the description of the Program design and
structure which includes modules, forms etc.), the real implementation of the
Evaluation of the software product and showing how it arises from the design,
illustrating examples from the output, and some snapshots from the system. The
system will be successful if it delivers the expectations and functions that have
components are client-side and server-side. These two major components contain
various modules and components that communicate with each other to make the
chat application work. The client-side also known as the front-end component is
responsible for all the technologies and frameworks that make up the graphical
39
user interface (GUI) with which the user sees and interacts with. The other major
responsible for all the backend processes and protocols that will facilitate the
JavaScript) for your project, you can specify their roles as follows:
1. PHP (Server-Side):
PHP served as the core server-side scripting language for our project. Its
40
Community Support: PHP benefits from a vibrant developer
2. JavaScript (Client-Side):
dynamic and interactive elements in the system's web-based interface. Its role
included:
system's features.
inputs, enhancing data integrity, and reducing the need for unnecessary
server requests.
41
Integration with Libraries and Frameworks: JavaScript was leveraged
UI.
streamline the development process and enhance system efficiency. Each of these
1. PHP:
ensured data security and reliability, aligning with our project's core
requirements.
Choice Rationale: React.js was selected for its ability to create dynamic
43
components. It enhanced the system's performance through virtual DOM
interface.
engaging user interface. Their selection was based on their suitability for specific
development needs, ultimately enhancing the efficiency and success of our file
maximize productivity, collaboration, and code quality. Our chosen tools were
44
instrumental in facilitating efficient development and ensuring code consistency
and reliability.
primary code editor due to its versatility, extensive extension support, and
writing code. Its built-in support for PHP, JavaScript, and various other
code reviews.
control system (VCS). Git's distributed nature and GitHub's collaboration features
made them an obvious choice for managing our project's source code.
the project while maintaining code integrity. We could track changes, merge
45
platform for hosting our code repository, enabling efficient collaboration, issue
Choice Rationale: For local development and testing, we utilized Apache as our
web server and MySQL as our database server. These choices mirrored our
operating systems. This approach supported a broader user base and ensured the
46
the success and reliability of our file and document management system with
RBAC.
sensitive data and ensure authorized access. The chosen security mechanisms and
manage and control user access to files within our system. This choice was driven
by the need to enforce granular access permissions based on user roles, ensuring
Contributions: RBAC allowed us to define roles (e.g., admin, manager, user) and
by the user's role, making it a versatile and effective mechanism for regulating
access.
2. Encryption:
Choice Rationale: Encryption was implemented to protect data both at rest and
47
Contributions: By encrypting data, we added an extra layer of security. For data
at rest, file contents and user credentials were encrypted within the database. For
encrypt data transferred between the client and ser ver. Encryption measures
3. Authentication Mechanisms:
authentication mechanisms. This choice was made to ensure that only legitimate
provide a second factor, such as a one-time code from a mobile app or a hardware
4. Access Controls:
Choice Rationale: Access controls, including access control lists (ACLs), were
This approach allowed fine-grained control over who could access, modify, or
Contributions: Access controls ensured that users could only interact with files
and documents they were explicitly authorized to access. ACLs defined which
48
users or roles had permission to perform specific actions on each file, ensuring
5. Audit Trails:
trails or logging mechanisms. This decision was crucial for identifying security
Contributions: Audit trails recorded important events, such as login attempts, file
access, and changes in user roles or permissions. These logs were invaluable for
were enforced.
provide a secure and trustworthy file and document management system with
RBAC, safeguarding user data and maintaining the integrity of our system.
The goal of testing was to demonstrate that the system under control contains
bugs and is at the stage of implementation which is aimed at ensuring that the
49
Testing must not be confused with debugging, which is the process of detecting
and reducing the number of existing errors, but testing is the process of executing
the program with the intent of finding errors and missing operations and a
complete verification to determine whether the objectives are met, and the user
Testing can never prove that a code is an error but rather verify that errors exist,
therefore, the need to consider the fact that the error might come from the test
itself, while the tested code might be correct. One must know what the results of
The one who is responsible for doing the testing has to be able to define what the
outcome should be, if not this will lead to bugs in either the program or the test or
The good thing about system testing is that it can be carried out without any prior
knowledge about the program design and can thus be performed by "outsiders".
detecting, and fixing the errors in a system is known as one of the main objectives
Testing of the application went through five distinct states: Unit, Integration, Sub-
50
4.3.2 Unit Testing
The software units in a system are modules and routines that are assembled and
This enables us to detect errors in coding and logic that are contained within each
module. This testing includes entering data and ascertaining if the value matches
the type and size supported and the various controls are tested to ensure that each
Data can be lost across any interface, one module can have an adverse effect on
another, and sub-functions, when combined may not produce the desired major
with the interface. The objective is to take unit-tested modules and build a
program structure. All modules are combined and tested as a whole, here the
server module and the client module options are integrated and tested.
The testing assures that the application is a well-integrated functional unit with a
At this stage, the modules are integrated and tested. The modules are a collection
of components. The subsystems that were tested were the business rules, User
Business rules are the laws, regulations, policies, and procedures that are encoded
51
This test was carried out to ensure that the system responded to the business rules
encoded in it. The test on the user interface was to ensure that the user-interface
The database access test was to ensure that the centralized database could operate
without errors to the working data; it was also to ensure that changes to the
The system is made up of sub-systems. The system is tested to check for how the
sub-systems interact with each other. Of utmost importance was to test if the
This is the final stage of the testing process before the system is put into
operation. In this test process, the data used was not simulated data but actual data
The test revealed errors relating to the maximum length of names. Acceptance
testing may reveal errors and omissions in the system requirements definition
because the real data exercises the system in different ways from the test data.
Acceptance testing may also reveal requirements problems where the system's
facilities do not meet the user's needs, or the system performance is unacceptable.
The following snapshots were captured from the application using the Windows
print screen function. The screenshots are grouped into two, pages on the client
side, that is, the home page and the administrator side.
52
1. Login Interface/form
2. Database Structure
53
3. Main Dashboard
4. Home Interface
5. My Drive
54
Figure 4. 5. Drive of The System.
My drive form displays a list of drive files on the system as shown in Figure 4.5.
the system as presented in Figure 4.6. Files can be downloaded and can be
deleted.
55
7. Archives
Figure 4.7. The files can be deleted permanently from the archives form.
8. Reports
on the system. The admin/user can filter to generate reports. The form allows
users to search and generate reports from either My Drive or Shared files.
56
9. Roles and Permissions
system as displayed in Figure 4.9. The admin can assign roles and permission to a
as presented in Figure 4.10. The form displaces activities such as the time and
date a user logs in, the task he/she performed, files uploaded, and files shared.
57
11. SMS Notification.
be sent to the receiver whom the user shared the file with. It will prompt the
receiver that, he/she has received a new shared file from the system.
In this section, we'll delve into the deployment phase of our file and document
deployment is essential to ensure that our system operates reliably and securely in
a production environment.
58
Contributions: By structuring our deployment in this manner, we
achieved modularity and flexibility. The front end, responsible for the user
interface, interacted with the backend, which hosted the core application
2. Deployment Diagram:
operations teams.
servers, and load balancers. It highlighted the flow of data and user
1. Web Servers:
59
Contributions: Apache provided a stable environment for hosting our
PHP application, ensuring that users could access our system with
minimal downtime.
3. Operating System:
and maintenance.
4. Deployment Tools:
60
Contributions: Ansible and Docker contributed to the efficiency of our
ensured that our application and its dependencies were consistent and isolated,
1. Parallel Deployment:
disruption during the transition from the old system to the new one. This approach
allowed both systems (old and new) to run concurrently for a transitional period.
the system without interruption while the new system was gradually rolled out. It
provided a safety net, allowing for thorough testing and data migration before full
adoption.
ensure a smooth transition of our file and document management system with
deployment type were all selected to optimize performance, reliability, and user
61
CHAPTER FIVE
SUMMARY, CONCLUSION AND RECOMMENDATION
2.4 Summary
notification alert is a system that allows users to easily share files with others
while also receiving SMS notifications for important updates. This system
62
With this system, users can upload files to a central repository, which can be
for easy navigation and retrieval. Users can also set permissions and access
levels to ensure that only the intended recipients can view or edit the files.
One of the key features of this system is the SMS notification alert. Users can
receive SMS notifications for an event, such as when a file is shared. This helps
users stay updated and informed about the latest activities and changes in the
shared files.
as the name of the file, the user who made the update, and a brief description of
the changes.
2.5 Conclusion
File management with a role-based access control system with SMS notification
allows users to easily share files, set permissions, and receive timely SMS
notifications for important updates. This system streamlines the file sharing
process and keeps users informed about the latest activities and changes. By
utilizing this system, teams and clients can work together more efficiently and
effectively.
63
2.6 Recommendations
Based on the benefits and features of file management with a role-based access
control system allows for easy collaboration among team members or clients. It
users stay updated and informed about important updates and changes. This
page.
control system, users can easily find and access the files they need, eliminating
the time wasted searching for documents. The SMS notifications also help to
prioritize tasks and ensure that important updates are not missed.
4. Security and control: The system allows users to set permissions and access
levels, ensuring that only authorized individuals can view or edit files. This
suit their preferences and needs. They can choose the events they want to be
notified about and configure the frequency and timing of the notifications.
64
References
Abdulahi, J. . (2014). Introduction to Computer a Management Tool. Nigeria,
Victory Publishers.
Adam, & Freeman. (2014). Beginning CSS: Cascading Style Sheets for Web
November. https://doi.org/10.14445/22312803/IJCTT-V29P106
By, P., & Publishing, W. (n.d.). HTML, XHTML, and CSS Bible,. Fifth Edit.
Fan, J., Han, F., & Liu, H. . (2014). Challenges of Big Data analysis. In National
Science Review.
257.
65
Kumar, B. D., & Kareemulla, S. (2017). Smart Mobile Attendance System for
Kumar, N., Bansal, A., Singhal, K., & Sharma, P. (2020). File-Management-
Press.
Shettar, I. M. (n.d.). Codes in Libraries : Case study on the use of QR codes in the
66
APPENDIX
PROGRAM SOURCE CODES
<?php
session_start();
include('config/dbcon.php');
if(!isset($_SESSION['auth']))
{
$_SESSION['message'] = "Login to Access Dashboard";
header("Location: ../login.php");
exit(0);
}
else
{
}
?>
<?php
include('authentication.php');
include("ActivityLog.php");
if(isset($_POST['share_file_btn']))
{
$filename = $_POST['filename'];
$file_size = $_POST['file_size'];
$file_type = $_POST['file_type'];
$shared_id = $_POST['shared_id'];
$date = $_POST['date_created'];
$uploader = $_POST['user_id'];
67
$query = "INSERT INTO sharedfile (filename, file_size, file_type,
shared_id, uploader, date_created)VALUES('$filename', '$file_size', '$file_type',
'$shared_id', '$uploader', '$date')";
$query_run = mysqli_query($con, $query);
if($query_run)
{
$sender_id = "St-Thomass";
$phone = "$shared_id";
$key="Yc2NrM9uzJkogvvYLvbKaXsu7";
$message = "Hi Staff, A new file with the name $filename, has been shared
with you on your portal. Kindly login to access it." ;
$url="https://apps.mnotify.net/smsapi?
key=$key&to=$phone&msg=$message&sender_id=$sender_id";
$result=file_get_contents($url); //call url and store result;*/
// log activity
$logger::log(
"(SHARED FILE) $filename was shared with this user (ID) $shared_id",
$filename,
'sharedfile'
);
68
header('Location: mydrive.php');
exit(0);
}}
if(isset($_POST['rst_btn'])) // delete file
{
$rst_btn = $_POST['rst_btn'];
$check_img_query = "SELECT * FROM archives WHERE id='$rst_btn'
LIMIT 1";
$img_res = mysqli_query($con, $check_img_query);
$res_data = mysqli_fetch_array($img_res);
$image = $res_data['image'];
$query = "DELETE FROM archives WHERE id ='$rst_btn' LIMIT 1";
$query_run = mysqli_query($con, $query);
if($query_run)
{
if(file_exists('../uploads/posts/'.$image)){
unlink("../uploads/posts/".$image);
}
/* log activity
$logger::log(
"(Delete) User was deleted",
$userid,
'users'
);*/
$_SESSION['message'] = "Deleted Successfully";
header('Location: archieves.php');
exit(0);
} else
{
69
$_SESSION['message'] = "Something Went Wrong.!";
header('Location: archieves.php');
exit(0);
} }
if(isset($_POST['delete_btn'])) // delete file
{
$userid = $_POST['userid'];
$filename = $_POST['filename'];
$file_size = $_POST['file_size'];
$file_type = $_POST['file_type'];
$user_id = $_POST['user_id'];
$check_img_query = "SELECT * FROM d_files WHERE id='$userid' LIMIT
1";
$img_res = mysqli_query($con, $check_img_query);
$res_data = mysqli_fetch_array($img_res);
$image = $res_data['image'];
$query = "DELETE FROM d_files WHERE id ='$userid' LIMIT 1";
$query2 = "DELETE FROM sharedfile WHERE uploader= '$user_id'";
$query1 = "INSERT INTO archives (file_id, filename, file_size, file_type,
user_id)VALUES ( '$userid','$filename', '$file_size', '$file_type', '$user_id')";
$query_run = mysqli_query($con, $query);
$query_run2= mysqli_query($con, $query2);
$query_run1 = mysqli_query($con, $query1);
if($query_run)
{
if(file_exists('../uploads/posts/'.$image)){
unlink("../uploads/posts/".$image);
}
// log activity
70
$logger::log(
"(Delete) File was deleted",
$userid,
'd_files'
);
else
{
$_SESSION['message'] = "Something Went Wrong.!";
header('Location: mydrive_delete.php');
exit(0);
}
}
if(!empty($_GET['file']))
{
$image = basename($_GET['file']);
$filepath = "../uploads/posts/".$image;
if(!empty($image) && file_exists($filepath)){
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=$image");
header("Content-Type: application/zip");
header("Content-Transfer-Encoding: binary");
71
//readfile
// log activity
$logger::log(
"(DOWNLOAD) $image was Downloaded",
$image,
'd_files'
);
readfile($filepath);
exit;
}
else{
echo"file not exit";
}}
if(isset($_POST['upload_file'])){
//echo'<pre>';
//print_r($_FILES);
$image = $_FILES['image']['name'];
$fileTmpName = $_FILES['image']['tmp_name'];
$image_size = $_FILES['image']['size'];
$image_type = $_FILES['image']['type'];
$user_id = $_POST['user_id'];
$upload_dir = "../uploads/posts/";
$destination = $upload_dir.basename($_FILES['image']['name']);
if
($_FILES['image']['size'] > 100000000){
die("File too Large");
$_SESSION['message'] = "File too Large";
72
header('Location: mydrive_upload.php');
exit(0);
}
// log activity
$logger::log(
"(UPLOADED) $filetype File was Uploaded",
$image,
'd_files'
);
73
header('Location: mydrive.php');
exit(0);
}
}
/*if(isset($_POST['upload_file'])) // upload file
{
$image = $_FILES['image']['name'];
$fileTmpName = $_FILES['file']['tmp_name'];
$path = "../uploads/posts/".$image;
$query = "INSERT INTO d_files (filename)VALUES ( '$image')";
$query_run = mysqli_query($con, $query);
if($query_run)
{
move_uploaded_file($_FILES['image']['tmp_name'], '../uploads/posts/'.
$image);
/* log activity
$logger::log(
"(CREATE) User was created",
$fname . " ". $lname,
'users'
);
$_SESSION['message'] = "Successfully Uploaded";
header('Location: mydrive.php');
exit(0);
}
else
{
}
74
}
*/
// logged
if(isset($_POST['delete_user'])) // delete user
{
$userid = $_POST['userid'];
User Management: The system allows users to register and create accounts with
File Upload and Storage: Users can upload files to the system, which are
where each user is assigned specific roles and associated permissions. Access to
ensuring that users only have access to relevant files and actions.
File Sharing and Collaboration: Users can share files with other users or groups
within the system. Permissions can be assigned to control the level of access
(read, write, delete) for shared files. Collaboration features such as commenting,
version control, and real-time editing may be available to facilitate teamwork and
document collaboration.
76
Search and Retrieval: The system provides robust search capabilities, allowing
users to search for files based on various criteria such as file name, tags, or
metadata. This ensures quick and efficient retrieval of files, even in large
repositories.
Notifications and Alerts: Users receive notifications and alerts for relevant
system events, such as file updates, shared file invitations, or access attempts.
This keeps users informed and helps them stay up to date with file activities and
control policies. User access is monitored and audited to identify any suspicious
Performance and Scalability: The system is designed to handle many users and
Usability: The user interface of the system is designed to be intuitive and user-
friendly, requiring minimal training for users to navigate and perform tasks
efficiently.
Benefits:
Improved File Organization: The system provides a centralized location for
storing and organizing files, eliminating the need for manual file management,
77
Enhanced Collaboration: File sharing and collaboration features facilitate
ensure that files are accessed only by authorized users, minimizing the risk of data
Time and Cost Savings: The system streamlines file management processes,
reducing the time spent searching for files and enabling efficient document
sharing and collaboration. This leads to increased productivity and cost savings.
The File & Document Management System with Role-Based Access Control
This section discusses the system requirements. This includes both the functional
78
3.2.1 Functional Requirement
Functional Requirements:
1. User Management: The system should allow the administrator to manage user
2. File Sharing: The system should allow users to share files with other users.
3. Access Control: The system should enforce access control policies to ensure
that users can only access files that they are authorized to access.
5. Audit Logs: The system should generate audit logs to track user activity,
6. Encryption: The system should encrypt files during transmission and storage to
7. SMS notification alert: The system should alert user/receiver when a file is been shared
1. Performance: The system should be able to handle many users and files
protect against unauthorized access, data breaches, and other security threats.
79
4. Scalability: The system should be scalable, able to handle increasing numbers
and operating systems to ensure that users can access the system from any device.
6. Usability: The system should be easy to use, with an intuitive user interface
To build a system that best meets the specific user requirements, prototyping is
One of the key benefits of RAD is that it allows developers to quickly build and
test working prototypes of the system, which can help to identify issues and bugs
early in the development process. This can save time and money compared to
80
RAD also emphasizes user involvement, which can help to ensure that the system
meets the needs of its users. By getting feedback from users early and often,
developers can make sure that the system is meeting user needs throughout the
development process.
Another benefit of RAD is that it allows for a more flexible and adaptable
approach to development. The iterative nature of RAD means that the system can
Figure 3. 7
3.4 Design Methodology
prototype is reached. It also establishes a base to produce the final system. There
81
In developing this system, we chose the method of extreme prototyping. That's
because it is the proper method mostly used for web development. Extreme
high level, it divides web development into three distinct phases. The
first stage is the static prototype, which consists of HTML pages and possibly a
logical data model that supports those pages. The second stage is a coding process
in your chosen web framework where the screens are fully functional using an
emulation services layer. The third stage is where the services are performed.
The prototyping model begins with the requirements analysis. In this phase, the
system requirements were defined in detail. During the process, a select group of
users of the system were involved to find out what their expectations of the
The second phase is a preliminary design or a quick design. In this stage, a simple
design of the
system was created which will give a brief idea of the system.
82
In this phase, an actual prototype was designed based on the information gathered
from the rapid design which was a small work model of the requirement.
At this stage, the proposed system was tested and evaluated. This made it possible
to discover the strengths and weaknesses of the working model. Comments and
Based on the user’s satisfaction, we refined the prototype according to the user's
feedback and suggestions. This phase was not over until all the requirements
Once the final system was developed based on the final prototype, it was
A survey analysis was done for which future ten (10) users will be using the
application, a set of survey interviews was carried out to study their opinion in
At this stage beings the decision-making on how to build and operate the system.
In the other words, its purpose is to create a technical solution that satisfies the
system's functional requirements. The various models will be designed along with
their respective detailed diagrams and flow charts. The system design implements
83
1 Tier Architecture in DBMS is the simplest architecture of a database in which
the client, server, and Database all reside on the same machine. A simple one-tier
architecture example would be anytime you install a Database in your system and
production.
methodology. They were used to develop the mobile hospital record management
system.
User Registration:
Actors: User
Description: The user creates a new account in the system by providing the
84
User Authentication:
Actors: User
Actors: User
Use Cases:
View File: Enables users to view files and documents stored in the system.
Folder Management:
Actors: User
Use Cases:
Create Folder: Allows users to create new folders to organize their files.
Delete Folder: Allows users to remove folders and their contents from the system.
Actors: User
Use Cases:
Share File/Folder: Allows users to share files or folders with other users.
85
Set Permissions: Enables users to set access permissions for shared files or
folders.
Role Management:
Actors: Administrator
Use Cases:
Create Role: Enables administrators to create new roles with specific permissions.
responsibilities.
Remove Role: Allows administrators to delete roles that are no longer needed.
System Administration:
Actors: Administrator
Use Cases:
Audit Trail: Provides administrators with the ability to track and review user
Register Account
Collaborate
Login
Upload files86
View files
Edit files
Figure 3. 9 Use case function for the User
Create role
Administrators
Assign role
Update role
Remove role
User Management
Permission management
-
Audit trail
In this use case diagram, the main actors are the "User" and "Administrator." The
User actor can perform actions such as registering an account, logging in,
Data Flow Diagrams (DFDs) are graphical representations that depict the flow of
data within a system or process. They illustrate how data moves from one process
entities. DFDs are useful for understanding the system's data flow and identifying
87
In this high-level DFD, the User interacts with the System, which represents the
System.
+-----------------+
| User |
+--------+--------+
+--------v--------+
| System |
+--------+--------+
+--------v--------+
| Data Store |
+--------+--------+
The Data Store represents the storage of files, documents, user information, roles,
and permissions.
88
Figure 3. 12 Flowchart diagram of the system
3.4.7 System Testing
This phase allows individuals units and modules to be tested to determine if the
system solution meets the set of business goals and if it performs as exported. The
researchers first tested each module for its functionality and later brought together
all components and subsystems of the development modules and made the whole
89
3.4.8 System Implementation
This stage concludes the product into productive environment after it is given a
green light from System tester. During this stage, the project is released to be used
This is the final phase of the SDLC where end user fine-tunes the system as
new requirements brought to the table by the client or user. The researcher must
Before implementing the File & Document Management System with Role-Based
to ensure the smooth functioning of the system. Here are the key system
requirements:
better performance).
efficiency).
being managed.
Network: Stable network connectivity to enable user access and data transfer.
90
3.5.2. Software Requirements:
Web Server: Install a web server (e.g., Apache, Nginx) to host the system.
Database: A suitable database for the system is MySQL, for data storage and
retrieval.
Web Browser Compatibility: Ensure that the system supports major web
browsers (e.g., Chrome, Firefox, Safari, Edge) and their latest versions.
91
Backup and Recovery: Setting up regular backups of files and documents to
ensure data integrity and establish a recovery plan in case of data loss.
should possess rather than specific functionalities. They are often related to
performance, usability, reliability, security, and other aspects that impact the
92
CHAPTER FOUR
PROGRAM DEVELOPMENT
4.0 Introduction
for organizations of all sizes and domains. The need to maintain order, security,
and accessibility of critical data has never been more essential. In this section, we
delve into the intricacies of our system's approach to file and document
(RBAC) This chapter throws light on the description of the Program design and
structure this includes modules, forms etc.), the real implementation of the
Evaluation of the software product and showing how it arises from the design,
then the researcher will demonstrate some of the interesting elements of the
system, illustrating examples from the output, and some snapshots from the
system. The system will be successful if it delivers the expectations and functions
components are client-side and server-side. These two major components contain
various modules and components that communicate with each other to make the
chat application work. The client-side also known as the front-end component is
responsible for all the technologies and frameworks that make up the graphical
93
user interface (GUI) with which the user sees and interacts with. The other major
responsible for all the backend processes and protocols that will facilitate the
sending and receiving of user messages and handling the video streaming
processes.
JavaScript) for your project, you can specify their roles as follows:
2. PHP (Server-Side):
PHP served as the core server-side scripting language for our project. Its
94
retrieval, and management of user profiles, file metadata, access control
2. JavaScript (Client-Side):
dynamic and interactive elements in the system's web-based interface. Its role
included:
system's features.
inputs, enhancing data integrity and reducing the need for unnecessary
server requests.
95
asynchronous communication with the server, improving the system's
UI.
I see, thank you for the clarification. If you didn't use the Laravel PHP framework
and instead used PHP for your project, you can adjust your description
In the development of our file and document management system with Role-
96
technologies to streamline the development process and enhance system
efficiency. Each of these tools played a crucial role in different aspects of our
project:
3. PHP:
ensured data security and reliability, aligning with our project's core
requirements.
97
experience. jQuery simplified specific DOM tasks and cross-browser
Choice Rationale: React.js was selected for its ability to create dynamic
interface.
98
These development libraries and technologies collectively expedited our project's
engaging user interface. Their selection was based on their suitability for specific
development needs, ultimately enhancing the efficiency and success of our file
In the development of our file and document management system with Role-
primary code editor due to its versatility, extensive extension support, and
writing code. Its built-in support for PHP, JavaScript, and various other
99
development team to maintain code consistency and facilitate efficient
code reviews.
control system (VCS). Git's distributed nature and GitHub's collaboration features
made them an obvious choice for managing our project's source code.
the project while maintaining code integrity. We could track changes, merge
platform for hosting our code repository, enabling efficient collaboration, issue
Choice Rationale: For local development and testing, we utilized Apache as our
web server and MySQL as our database server. These choices mirrored our
100
Choice Rationale: Our development team used a combination of Windows and
operating systems. This approach supported a broader user base and ensured
the success and reliability of our file and document management system with
RBAC.
In the development of our file and document management system with Role-
Based Access Control (RBAC), robust security mechanisms were a top priority to
safeguard sensitive data and ensure authorized access. The chosen security
manage and control user access to files and documents within our system. This
101
choice was driven by the need to enforce granular access permissions based on
user roles, ensuring that only authorized users could perform specific actions.
Contributions: RBAC allowed us to define roles (e.g., admin, manager, user) and
by the user's role, making it a versatile and effective mechanism for regulating
access.
2. Encryption:
Choice Rationale: Encryption was implemented to protect data both at rest and
at rest, file contents and user credentials were encrypted within the database. For
encrypt data transferred between the client and ser ver. Encryption measures
3. Authentication Mechanisms:
authentication mechanisms. This choice was made to ensure that only legitimate
102
Contributions: User authentication required valid username-password
provide a second factor, such as a one-time code from a mobile app or a hardware
4. Access Controls:
Choice Rationale: Access controls, including access control lists (ACLs), were
This approach allowed fine-grained control over who could access, modify, or
Contributions: Access controls ensured that users could only interact with files
and documents they were explicitly authorized to access. ACLs defined which
users or roles had permission to perform specific actions on each file, ensuring
5. Audit Trails:
trails or logging mechanisms. This decision was crucial for identifying security
Contributions: Audit trails recorded important events, such as login attempts, file
access, and changes in user roles or permissions. These logs were invaluable for
103
post-incident analysis, compliance auditing, and ensuring that security policies
were enforced.
provide a secure and trustworthy file and document management system with
RBAC, safeguarding user data and maintaining the integrity of our system.
The goal of testing was to demonstrate that the system under control contains
bugs and is the stage of implementation which is aimed at ensuring that the
Testing must not be confused with debugging, which is the process of detecting
and reducing the number of existing errors, but test is the process of executing the
program with intent of finding errors and missing operations and also a complete
verification to determine whether the objectives are met, and the user
Testing can never prove that a code is error but rather verify that errors exist
therefore need to consider the fact that the error might come from the test itself,
while the tested code might be correct. One must know what the results of the test
The one who is responsible for doing the testing has to be able to define what the
outcome should be, if not this will lead to bugs in either the program or the test or
104
The good thing about system testing is that it can be carried out without any prior
knowledge about the program design and can thus be performed by "outsiders".
testing, detecting and fixing the errors in a system is known as one of the main
Testing of the application went through five distinct states: Unit testing,
Integration testing, Sub- system testing, System testing and Acceptance testing.
The software units in a system are modules and routines that are assembled and
This enables us to detect errors in coding and logic that are contained within each
module. This testing includes entering data and ascertaining if the value matches
the type and size supported and the various controls are tested to ensure that each
Data can be lost across any interface, one module can have an adverse effect on
another, sub-functions, when combined may not produce the desire major
within the interface. The objective is to take unit tested modules and build a
program structure. All modules are combined and tested as a whole, here the
server module and the client module options are integrated and tested.
105
The testing provides the assurance that the application is well integrated
At this stage the modules are integrated and tested. The modules are the collection
of components. The subsystems that were tested were the business rules, User
Business rules are the laws, regulations, policies, and procedures that are encoded
This test was carried out to ensure that the system responded to the business rules
encoded in it. The test on the user interface was to ensure that the user-interface
components could undergo changes without damaging the rest of the program.
The database access test was to ensure that the centralized database could operate
without errors to the working data; it was also to ensure that change to the
The system is made up of sub-systems. The system is tested to check for how the
sub-systems interact with each other. Of utmost importance was to test if the
requirement.
This is the final stage of the testing process before the system is put into
106
data used was not simulated data but actual data from selected users who were
The test revealed errors relating to the maximum length of names. Acceptance
testing may reveal errors and omissions in the system requirements definition
because the real data exercise the system in different ways from the test data.
Acceptance testing may also reveal requirements problems where the system's
facilities do not really meet the user's needs, or the system performance is
unacceptable.
The following snapshots were captured from the application using the windows
print screen function. The screen shots are grouped into two, pages on the client
107
13. Database Structure
108
15. Home interface
16. My Drive
109
17. All Files Interface/Form
system as presented in Figure 4.6. Files can be downloaded and can be deleted.
18. Archives
Figure 4.7. The files can be deleted permanently from the archives form.
110
19. Reports
on the system. The admin/user can filter to generate reports. The form allows
users to search and generate reports from either My Drive or Shared files.
111
The Roles and Permissions form allows only admin to add person into the system
as displayed in Figure 4.9. The admin can assign roles and permission to a person
presented in Figure 4.10. The form displaces activities such as, the time and date a
user logs in, task he/she performed, files uploadted and files shared.
112
22. SMS Notification Alert.
SMS notification has been implanted into the system. A quick notification will
be sent to the receiver whom the user shared the file with. It will prompt the
receiver that, he/she has received a new shared file from the system.
In this section, we'll delve into the deployment phase of our file and document
113
deployment is essential to ensure that our system operates reliably and securely in
a production environment.
achieved modularity and flexibility. The frontend, responsible for the user
interface, interacted with the backend, which hosted the core application
2. Deployment Diagram:
operations teams.
servers, and load balancers. It highlighted the flow of data and user
114
requests, aiding in the understanding of how different parts of the system
1. Web Servers:
PHP application, ensuring that users could access our system with
minimal downtime.
3. Operating System:
115
Contributions: Linux provided a robust platform for hosting our system.
and maintenance.
4. Deployment Tools:
ensured that our application and its dependencies were consistent and isolated,
1. Parallel Deployment:
disruption during the transition from the old system to the new one. This approach
allowed both systems (old and new) to run concurrently for a transitional period.
the system without interruption while the new system was gradually rolled out. It
provided a safety net, allowing for thorough testing and data migration before full
adoption.
116
By carefully planning and implementing our deployment strategy, we aimed to
ensure a smooth transition of our file and document management system with
deployment type were all selected to optimize performance, reliability, and user
117
CHAPTER FIVE
10.1 Summary
The file sharing system with SMS notification alert is a system that allows users
to easily share files with others while also receiving SMS notifications for
With this system, users can upload files to a central repository, which can be
for easy navigation and retrieval. Users can also set permissions and access
levels to ensure that only the intended recipients can view or edit the files.
One of the key features of this system is the SMS notification alert. Users can
receive SMS notifications for an event, such as when a file shared. This helps
users stay updated and informed about the latest activities and changes in the
shared files.
as the name of the file, the user who made the update, and a brief description of
the changes.
10.2 Conclusion
The file sharing system with SMS notification alert is a valuable tool for
set permissions, and receive timely SMS notifications for important updates.
118
This system streamlines the file sharing process and keeps users informed about
the latest activities and changes. By utilizing this system, teams and clients can
10.3 Recommendations
Based on the benefits and features of the file sharing system with SMS
repository for files, making it convenient to share, access, and edit files in real-
time.
users stay updated and informed about important updates and changes. This
page.
3. Increased productivity: With the file sharing system, users can easily find
and access the files they need, eliminating the time wasted searching for
documents. The SMS notifications also help to prioritize tasks and ensure that
4. Security and control: The system allows users to set permissions and access
levels, ensuring that only authorized individuals can view or edit files. This
119
5. Customizable notifications: Users can customize the SMS notifications to
suit their preferences and needs. They can choose the events they want to be
notified about and configure the frequency and timing of the notifications.
120
References
Victory Publishers.
Adam, & Freeman. (2014). Beginning CSS: Cascading Style Sheets for Web
November. https://doi.org/10.14445/22312803/IJCTT-V29P106
By, P., & Publishing, W. (n.d.). HTML, XHTML, and CSS Bible,. Fifth Edit.
Fan, J., Han, F., & Liu, H. . (2014). Challenges of Big Data analysis. In National
Science Review.
251–257.
121
Kumar, B. D., & Kareemulla, S. (2017). Smart Mobile Attendance System for
Kumar, N., Bansal, A., Singhal, K., & Sharma, P. (2020). File-Management-
Press.
Shettar, I. M. (n.d.). Codes in Libraries : Case study on the use of QR codes in the
122
APPENDEX
session_start();
include('config/dbcon.php');
if(!isset($_SESSION['auth']))
{
$_SESSION['message'] = "Login to Access Dashboard";
header("Location: ../login.php");
exit(0);
}
else
{
}
?>
<?php
include('authentication.php');
include("ActivityLog.php");
if(isset($_POST['share_file_btn']))
{
$filename = $_POST['filename'];
123
$file_size = $_POST['file_size'];
$file_type = $_POST['file_type'];
$shared_id = $_POST['shared_id'];
$date = $_POST['date_created'];
$uploader = $_POST['user_id'];
$query = "INSERT INTO sharedfile (filename, file_size, file_type,
shared_id, uploader, date_created)VALUES('$filename', '$file_size', '$file_type',
'$shared_id', '$uploader', '$date')";
$query_run = mysqli_query($con, $query);
if($query_run)
{
$sender_id = "St-Thomass";
$phone = "$shared_id";
$key="Yc2NrM9uzJkogvvYLvbKaXsu7";
$message = "Hi Staff, A new file with the name $filename, has been shared
with you on your portal. Kindly login to access it." ;
$url="https://apps.mnotify.net/smsapi?
key=$key&to=$phone&msg=$message&sender_id=$sender_id";
$result=file_get_contents($url); //call url and store result;*/
// log activity
$logger::log(
"(SHARED FILE) $filename was shared with this user (ID) $shared_id",
$filename,
'sharedfile'
);
124
header('Location: mydrive.php');
exit(0);
}
else{
$_SESSION['message'] = "Something Went Wrong";
header('Location: mydrive.php');
exit(0);
}}
if(isset($_POST['rst_btn'])) // delete file
{
$rst_btn = $_POST['rst_btn'];
$check_img_query = "SELECT * FROM archives WHERE id='$rst_btn'
LIMIT 1";
$img_res = mysqli_query($con, $check_img_query);
$res_data = mysqli_fetch_array($img_res);
$image = $res_data['image'];
$query = "DELETE FROM archives WHERE id ='$rst_btn' LIMIT 1";
$query_run = mysqli_query($con, $query);
if($query_run)
{
if(file_exists('../uploads/posts/'.$image)){
unlink("../uploads/posts/".$image);
}
/* log activity
$logger::log(
"(Delete) User was deleted",
$userid,
'users'
);*/
125
$_SESSION['message'] = "Deleted Successfully";
header('Location: archieves.php');
exit(0);
} else
{
$_SESSION['message'] = "Something Went Wrong.!";
header('Location: archieves.php');
exit(0);
} }
if(isset($_POST['delete_btn'])) // delete file
{
$userid = $_POST['userid'];
$filename = $_POST['filename'];
$file_size = $_POST['file_size'];
$file_type = $_POST['file_type'];
$user_id = $_POST['user_id'];
$check_img_query = "SELECT * FROM d_files WHERE id='$userid' LIMIT
1";
$img_res = mysqli_query($con, $check_img_query);
$res_data = mysqli_fetch_array($img_res);
$image = $res_data['image'];
$query = "DELETE FROM d_files WHERE id ='$userid' LIMIT 1";
$query2 = "DELETE FROM sharedfile WHERE uploader= '$user_id'";
$query1 = "INSERT INTO archives (file_id, filename, file_size, file_type,
user_id)VALUES ( '$userid','$filename', '$file_size', '$file_type', '$user_id')";
$query_run = mysqli_query($con, $query);
$query_run2= mysqli_query($con, $query2);
$query_run1 = mysqli_query($con, $query1);
if($query_run)
126
{
if(file_exists('../uploads/posts/'.$image)){
unlink("../uploads/posts/".$image);
}
// log activity
$logger::log(
"(Delete) File was deleted",
$userid,
'd_files'
);
else
{
$_SESSION['message'] = "Something Went Wrong.!";
header('Location: mydrive_delete.php');
exit(0);
}
}
if(!empty($_GET['file']))
{
$image = basename($_GET['file']);
$filepath = "../uploads/posts/".$image;
if(!empty($image) && file_exists($filepath)){
127
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=$image");
header("Content-Type: application/zip");
header("Content-Transfer-Encoding: binary");
//readfile
// log activity
$logger::log(
"(DOWNLOAD) $image was Downloaded",
$image,
'd_files'
);
readfile($filepath);
exit;
}
else{
echo"file not exit";
}}
if(isset($_POST['upload_file'])){
//echo'<pre>';
//print_r($_FILES);
$image = $_FILES['image']['name'];
$fileTmpName = $_FILES['image']['tmp_name'];
$image_size = $_FILES['image']['size'];
$image_type = $_FILES['image']['type'];
$user_id = $_POST['user_id'];
$upload_dir = "../uploads/posts/";
128
$destination = $upload_dir.basename($_FILES['image']['name']);
if
($_FILES['image']['size'] > 100000000){
die("File too Large");
$_SESSION['message'] = "File too Large";
header('Location: mydrive_upload.php');
exit(0);
}
// log activity
$logger::log(
"(UPLOADED) $filetype File was Uploaded",
129
$image,
'd_files'
);
}
}
*/
// logged
if(isset($_POST['delete_user'])) // delete user
{
$userid = $_POST['userid'];
132