search

BernardLesley / pe

0 stars 0 forks source link

Duplicated items can be inserted from the .json file #6

Open BernardLesley opened 1 year ago

BernardLesley commented 1 year ago

Describe The Bug

Duplicated items can be displayed when we modify the .json file, which should be prevented according to User Guide

Screenshots

image.png

image.png

nus-se-script commented 1 year ago

Team's Response

This is achieved through malicious tampering of our data files.

While there are constraints of requiring data to be stored locally and that they should be in a human editable text file, there are no constraints in the tp that require us to check for the integrity of the file that has been intentionally broken by a professional user (such as you).

The target audience of our application is made up of mostly non-tech savvy people, and the only people who would tamper with such data files are developers. With that in mind, we did not prioritize integrity checking as we'd rather focus on implementing the other parts of our application.

With that being said, it is a good function, but not necessary to have. Perhaps in future iterations of the product, this feature could be implemented.

The 'Original' Bug

[The team marked this bug as a duplicate of the following bug]

bug: negative price restriction for additem can be circumvented by modifying json file

Negative price restriction for additem can be circumvented by modifying json file

image.png

[original: nus-cs2113-AY2223S2/pe-interim#2671] [original labels: type.FunctionalityBug severity.Low]

Their Response to the 'Original' Bug

[This is the team's response to the above 'original' bug]

This is achieved through malicious tampering of our data files.

While there are constraints of requiring data to be stored locally and that they should be in a human editable text file, there are no constraints in the tp that require us to check for the integrity of the file that has been intentionally broken by a professional user (such as you).

The target audience of our application is made up of mostly non-tech savvy people, and the only people who would tamper with such data files are developers. With that in mind, we did not prioritize integrity checking as we'd rather focus on implementing the other parts of our application.

With that being said, it is a good function, but not necessary to have. Perhaps in future iterations of the product, this feature could be implemented.

Items for the Tester to Verify

:question: Issue duplicate status

Team chose to mark this issue as a duplicate of another issue (as explained in the Team's response above)

Reason for disagreement: [replace this with your explanation]

## :question: Issue response Team chose [`response.NotInScope`] - [ ] I disagree **Reason for disagreement:** [replace this with your explanation]
## :question: Issue severity Team chose [`severity.Low`] Originally [`severity.Medium`] - [ ] I disagree **Reason for disagreement:** [replace this with your explanation]