source: main/waeup.kofa/trunk/docs/source/userdocs/applicants/browser.rst @ 13194

Last change on this file since 13194 was 13108, checked in by Henrik Bettermann, 10 years ago

Rename button.

Reorganize applicants section docs.

File size: 4.0 KB
Line 
1.. _applicant_registration:
2
3Registration
4============
5
6The `ApplicantRegistrationPage` allows to register in create or in
7update mode, depending on the
8:ref:`mode of its context<application_mode>`, i.e. the applicants
9container.
10
11In create mode, `firstname`, `middlename`, `lastname`, `email` and
12`phone` are requested. A new record is being created.
13
14In update mode, only `reg_number`, `lastname` and `email` have to be
15entered. Kofa searches for an applicant record with matching
16registration number and lowercased lastname. If the search does not
17yield a result, the flash message: 'No application record found' is
18returned. The anonymous user will not know, if the registration
19number does not exist or the provided lastname does not match.
20Another ``if`` statement checks whether the password has already
21been set and used, i.e. the the application has already been
22started. If so, the anonymous user can't register again and is being
23requested to proceed to the login page.
24
25In both registration modes a randomly generated password is set and
26the email address is saved. An email with login credentials is sent
27to this address. Finally, the browser is redirected to a landing
28page. Depending on the portals configuration, the landing page tells
29the user that an email has been send to her/his mailbox, or even
30discloses additionally the login credentials. The disclosure of
31credentials has two substantial drawbacks: (1) The login credentials
32can be misused by web crawlers for bulk account creation, which may
33cause the system to crash. (2) The email address provided by the
34user is not being verified and there is no guarantee that the
35address belongs to the user or that a mailbox with such an address
36exists. Therefore, we strongly recommend to only send credentials to
37email addresses.
38
39
40.. _application_form_locking:
41
42Form Locking
43============
44
45We mentioned regular :ref:`page_locking` mechanisms. The
46`ApplicantEditFormPage` has two additional locks. One is the same
47named applicant attribute `locked`. Applicants can only enter the
48edit page if their record is 'unlocked'. Locking and unlocking is
49automatically done by workflow event handlers. By default, the
50record is unlocked. Only when the applicant submits the record, it
51is being locked, which means the attribute is set ``True`` and the
52data can no longer be edited.
53
54The reader may wonder why Kofa is not using the workflow state
55instead. The additional locking mechanism allows officers to unlock
56and lock forms without triggering workflow transitions. A transition
57is always a major, and sometimes inappropriate intervention which is
58also recorded in the application history.
59
60Use case: An applicant has made a mistake and requests a change of
61submitted data. An officer accepts the change, temporarily unlocks
62the form to allow editing the data. Unlocking and re-locking is
63logged in ``applicants.log`` but not shown on pages or the
64application slip.
65
66The second lock is induced by the application deadline. If the
67application period has expired and the applicants container's
68`strict_deadline` attribute is set, the applicant is also not
69allowed to edit or even submit the form.
70
71.. note::
72
73  A locked-out applicant can still login and access the display pages
74  of the recod and also download payment and application slips. To
75  expell an applicant from the portal, the account has to be suspended
76  by setting the same-named attribute.
77
78
79.. _applicant_payment_tickets:
80
81Payment
82=======
83
84In contrast to the students section, there is no
85`PaymentsManageFormPage` to handle payment tickets separately.
86Payment tickets can be viewed, added and removed directly on the
87applicant manage and edit form pages. Officers can remove all
88payment tickets, applicants only those without a response code
89(`r_code`) and, if the form is unlocked, so that they are allowed to
90edit their data.
91
92As already mentioned in the workflow chapter, making a payment and
93redeeming a payment is done in one step. When the payment was
94successful or has been approved, also the applicant is automatically
95set to state ``paid``. There is no need to redeem the ticket
96manually.
97
Note: See TracBrowser for help on using the repository browser.