# Document Deposit Assistant
The *Document Deposit Assistant* (DDA) is a web application which is able to import massive amounts of content and their metadata from a variety of data sources into a target repository.
To accomplish this aim, DDA consists of two complementary services:
* a web-based interface, where content providers (e.g. publishers, libraries, repository managers) are guided through a wizard, answering easily understandable questions to their content management infrastructure (e.g. which software they use, such as the DSpace institutional application).
* a service which uses the answers elicited from the wizard in order to connect to the content management infrastructure or process uploaded datadumps, harmonize metadata, and finally import it into the target repository.

## DDA and DSpace
Currently, one DDA installation supports one target DSpace 5+ repository installation. As a DDA installation is interacting with its target repository via REST, both can be deployed and restarted independently.

Once a content provider has successfully used DDA to import a batch of content to the target DSpace repository, this content will land in the importing collection's  *XMLWorkflow* task pool, where that collection's editors and reviewers will have the chance to do their usual business of validating and improving each submission before archiving (or rejecting) it.

## Initial setup
DDA is currently focused on working with a DSpace 5+ installation. In particular, it requires a running [DSpace REST endpoint](https://wiki.duraspace.org/display/DSDOC5x/REST+API) with [additional endpoints](https://git.gesis.org/dspace/rest-additions). DSpace must be running with [XMLWorkflow](https://wiki.duraspace.org/display/DSDOC5x/Configurable+Workflow) (not the XML-less *Workflow*).

### Creating a *Document Deposit Assistant* DSpace user
DDA will import documents to DSpace as a registered DSpace user. To create a new DDA user account within DSpace, first log in with administrator privileges. Then select *Access Control* -> *People*. Click *Click here to add a new E-Person*. Provide a valid and unique e-mail address, provide as first name "Document", as last name "Deposit Assistant", and have *Can Log In* selected. Click *Create E-Person*. Back in the *E-person management* interface, search for e-people with a string "Deposit Assistant", select the correct *Document Deposit Assistant* e-person from the results, and click *Login as E-Person* (in case it is available) or *Reset Password* in order to provide this user a password.


### Creating a *Document Deposit Assistant* DSpace collection
DDA needs to know about a DSpace *collection* to which it can import its processed new items to.

In your DSpace installation, we suggest to create a new DSpace collection exclusively for DDA imports. This allows you to easily wipe DDA-supplied imports in case something went wrong.
While being logged in as a DSpace administrator, click on *Browse* -> *Communities & Collections* in order to get the *community list* overview. Either create a new community or select a community which you want the *Document Deposit Assistant* collection to be part of, and click *create Collection*. Provide a meaningful name such as *Document Deposit Assistant* and click *Create*.
You will get into the *Edit Collection* dialog. On the *Assign Roles* tab, within the *submitters* section, click *Create...*. This will create a new group which is granted submitter rights to this collection; and you will be brought to the membership dialog for this group. Within this dialog, have a look at the headline. It should be of the form: `Group Editor: COLLECTION_XXX_SUBMIT (id: YYY)`. Keep note of the `XXX` part, as this is the collection *ID* (not collection *handle*) that we will require later. On this submitter group membership dialog, search for e-people with a string "Deposit Assistant", identify the correct *Document Deposit Assistant* e-person from the results, click on its *Add* button, and click *Save* to finalize this step.

### *Document Deposit Assistant* service daemon installation
DDA is a Java-based webservice. It also serves out a web browser user interface (using HTML and AngularJS).
Besides starting DDA directly from the command line (by running `mvn` from DDA's source code root directory), it is possible to setup DDA as a long running service daemon that persists transactional application data (user accounts, settings, in-transit publication metadata, etc.) to a database - in short, follow these steps to set up your own "production-ready" DDA instance.

In the following subsections, we will install DDA on an Ubuntu Linux machine. We will first setup the MySQL database, then prepare the filesystem, and finally install DDA as a Unix service which will automatically start up and shut down your DDA instance during Linux boot-up and shutdown, respectively.

#### Database setup
DDA uses MySQL for persisting data. Assuming a MySQL server is running, and the `mysql` client tool exists, run the following commands in order to set up the DDA MySQL database in a state as expected by DDA's `staging` profile:

```
# The following command creates a new database called "dda" within your MySQL database engine.
# When prompted with *Enter password:* the mysql command expects you to provide the password of MySQL user *root*.

mysql --user=root --password --host=localhost --port=3306 --protocol=TCP --verbose --execute="create database if not exists dda character set utf8 collate utf8_general_ci;"


# The following command creates a new user called "dda". Replace ${MYSQL_USER_DDA_PASSWORD} with a secret password and remember it.
# When prompted with *Enter password:* the mysql command expects you to provide the password of MySQL user *root*.

mysql --user=root --password --host=localhost --port=3306 --protocol=TCP --verbose --execute="create user 'dda'@'localhost' identified by '${MYSQL_USER_DDA_PASSWORD}';"


# The following command grants the new user "dda" all database privileges on the "dda" database.
# When prompted with *Enter password:* the mysql command expects you to provide the password of MySQL user *root*.

mysql --user=root --password --host=localhost --port=3306 --protocol=TCP --verbose --execute="grant all privileges on dda.* to 'dda'@'localhost'; flush privileges;"
```

#### Linux user and filesystem setup
Create a `dda` Linux user:

```
adduser --system --no-create-home --disabled-login --group dda

# Created this way, the `dda` user will have no login shell in order to increase security
# You will still be able to gain a shell for this user, by running the following command
# sudo -u dda bash 
```

Now build a DDA production release. Run the following command:
```
mvn clean package -Pprod -DskipTests
```

This will create the executable web application artifact located at `target/dda-wizard.war`.

Next, create a directory where the DDA binary will reside:

```
sudo sh -c "mkdir /srv/dda"
```

Copy
* `target/dda-wizard.war` to `/srv/dda/dda-wizard.war`, 
* `etc/conf-files/prod/dda-wizard.conf` to `/srv/dda/dda-wizard.conf`, and
* `etc/conf-files/prod/application-prod.yml` to `/srv/dda/application-prod.yml`

Update file `/srv/dda/application-prod.yml` to reflect your production environment - that file has further helpful comments inside. In particular, provide correct values for the following keys:
* `spring.datasource.password`: this is the password of MySQL user `dda`.
* `spring.mail.(host, port, username, password`: these are settings for an SMTP mail server. Events such as user registration will send out e-mails using these settings.
* `server.port`: a TCP port that this DDA instance will listen on. Use a port which is not in use yet on your machine (e.g. 8081, if so).
* `ingester.endpoint`: your DSpace installation's REST endpoint, e.g. `https://www.example.com/rest`
* `ingester.email`: the e-mail address of the DSpace DDA user which you created in step [*Creating a Document Deposit Assistant DSpace user*](#creating-a-document-deposit-assistant-dspace-user)
* `ingester.password`: the password of aforementioned DSpace user
* `ingester.targetCollection`: the DSpace collection *ID* (not collection *handle*) of DDA's import collection which you created in step [*Creating a Document Deposit Assistant DSpace collection*](#creating-a-document-deposit-assistant-dspace-collection).

Set correct directory and file permissions:

```
sudo sh -c "chown -R dda:dda /srv/dda/ && chmod -R u=rx,g=,o= /srv/dda"
# This will set ownership of directory /srv/dda and all its content to user and group `dda`
# and set minimally required access rights in order to further increase security.
```

#### Service registration
Assuming you want to install DDA as a *SystemV init.d* service, first create a symlink from `/etc/init.d/dda-wizard` to the executable WAR file:

```
sudo ln -s /srv/dda/dda-wizard.war /etc/init.d/dda-wizard
```

Second, register DDA to start up and shut down during appropriate Linux lifecycle phases:

```
sudo update-rc.d dda-wizard defaults

# if you later want to deactivate DDA from starting automatically, run
# sudo update-rc.d -f dda-wizard remove
```

Now start up DDA:

```
sudo service dda-wizard start

# to shut down DDA, run `sudo service dda-wizard stop`
```

Start following the DDA log:
```
sudo tail -F /var/log/dda-wizard.log
```

The logs will let you know about the local and external IP addresses and ports on which DDA is listening, e.g. `http://127.0.0.1:8081` and `http://192.0.2.1:8081`, respectively.

* Try curling the local address: `curl http://127.0.0.1:8081`. You should get DDA's landing page HTML content returned on `stdout`.
* Try visiting the external address with your browser.

#### Reverse proxy configuration
TODO Apache configuration, tracked in issue #32.

#### DDA user passwords
TODO how to change passwords, tracked in issue #33.


# Technical overview

This application was generated using [JHipster 2.27.1](https://jhipster.github.io/v2-documentation/).

Before you can build this project, you must go through the following steps once.

DDA uses [Node.js](https://nodejs.org/) to build the project and run a development web server. Depending on your system, you can install Node.js either from source or as a pre-packaged bundle.

DDA was generated with jHipster 2.27.1. If you want to extend the DDA source code base with additional jHipster entities, you will need exactly that version:

    npm install -g yo
    npm install -g generator-jhipster@2.27.1

[Grunt](http://gruntjs.com/) is DDA's front-end build system. Install the grunt command-line tool globally with:

    npm install -g grunt-cli bower

After installing Node, run the following command to install front-end development tools such as [Bower](http://bower.io/) and [BrowserSync](http://www.browsersync.io/). You will only need to run this command whenever front-end dependencies change in file `package.json`:

    npm install

Run the following commands in two separate terminals to create a blissful development experience where your browser auto-refreshes whenever DDA project files change in your filesystem.

    mvn && grunt

Bower is used to manage CSS and JavaScript dependencies. You can upgrade dependencies by specifying a newer version in file `bower.json`. You can also run `bower update` and `bower install` to manage dependencies.
Add the `-h` flag on any command to see how you can use it. For example, `bower update -h`.

## Staging
### Initial setup
The staging environment shall be as close as possible to the production environment. Therefore, run the same commands as listed in the [Database setup][#database-setup] chapter.

### Debugging staging environment
The staging environment is set up in such a way that it allows connecting a remote Java debugger (see file `etc/conf-files/staging/dda-wizard.conf`). You can connect to it like so:
* First, ssh tunnel port-forward the remote debugger port with `ssh -L 8002:localhost:8002 svko-dda-test.gesis.intra`.
* Then, from Eclipse, create a new debug configuration with parameters `localhost` and port `8002`. Click connect.

### Running DDA with the `staging` profile on a development machine
To build a staging version on your development machine, run `mvn package -Pstaging -DskipTests=true`. To run this staging version on your development machine, run `java -jar target/dda-wizard.war --spring.profiles.active=staging`.

# Building for production

To optimize the DDA client for production, run:

    mvn -Pprod clean package

This will concatenate and minify CSS and JavaScript files. It will also modify `index.html` so it references
these new files.

To ensure everything worked, run:

    java -jar target/*.war --spring.profiles.active=prod

Then navigate to [http://localhost:8080](http://localhost:8080) in your browser.

## Testing
Unit tests are run by [Karma](http://karma-runner.github.io/) and written with [Jasmine](http://jasmine.github.io/2.0/introduction.html). They are located in `src/test/javascript` and can be run with:

    grunt test
    
To only test the wizard, you can run:

    mvn test -Dtest=org.gesis.dda.wizard.**.*Test

## Development
### Development methodology
##### Fixing bugs and building features on dedicated branches
It is a best practice to fix a bug and develop a new feature on a dedicated git branch, then, after finishing that task, merging the made changes back into the *master* branch.
* For the whole development group, this helps in maintaining a working DDA Wizard version in the *master* branch - it will never contain a half-baked version.
* For the individual developer(s) working on the branch, it helps to develop on their task with a known DDA Wizard git project state, and changes on the *master* made concurrently by others won't interfere with their work.
* The finalizing merge into master allows to see the *set of changes* made to the whole DDA Wizard git project that are required to show *what* had to be changed in order to fulfill the feature/bugfix.

Follow the following steps in order to work with branches:

```
cd ~/git/dda-wizard/

git checkout master

# get the current DDA Wizard repository state into your local repository
git pull

# create a new FEATURE or BUGFIX branch and give it a meaningful name
git checkout -b FEATURE-fancy-feature

# ... make modifications on this branch FEATURE-fancy-feature
# commit these changes,
# and in case a work-in-progress at the end of the day leaves your branch in an inconsistent, nonworking state,
# then add a 'WIP' work in progress prefix for references.
git add X Y Z
git commit -m "WIP foo"

# save those changes also on the upstream branch
git push
# maybe on first branch push, git will ask you to set the upstream branch... 
# ... in that case, just copy and paste the set-upstream command as provided by git

# make some more edits, adds and commits on the local branch...

# you now think you have finished all work on this branch, git push your branch a final time ...
# DDA Wizard's Jenkins will deploy your branch to dda-wizard.svko-dda-test.gesis.intra ...
# Have all feature/bugfix stakeholders (e.g. Agathe) play with the svko-dda-test instance and give you feedback

# Assuming now that you and all others are happy with what this branch provides, merge that branch into master ...
# First you checkout your local master branch
git checkout master

# fetch and merge latest origin/master commits into your local master branch:
git pull

# now local master branch is up-to-date

# now merge local FEATURE-fancy-feature into your local master:
git merge --no-ff FEATURE-fancy-feature
# in case of merge conflicts, resolve the conflicts (hint: `git mergetool`)
git commit # that's right, don't provide a commit message. Git will generate one for you.

# assuming "merge --no-ff ..." worked, push this commit to remote repository...

git push

# make a final quality assurance test on svko-dda-test, and make sure that both your new changes and all previously developed features and bugfixes work smoothly together...
```

### In-memory database
You can interact with the h2 in-memory database by visiting its web interface at [http://localhost:8080/h2-console](http://localhost:8080/h2-console). As *JDBC URL*, provide `jdbc:h2:mem:dda`. As *User Name*, provide DDA. Keep *Password* empty.

### Debugging
The `dev` profile activates Java debugging capability. You can connect a client debugger by pointing it to `localhost:5005`.

### Project source filesystem layout
    /       <--- development- and build- relevant files, including this README.MD, pom.xml, package.json, Gruntfile.js ... not part of the final build artifact
    |- src/
        |- main/
            |- java/      <--- dda-wizard Java source files
            |- resources/ <--- in the final build artifact, its content will land in /WEB-INF/classes/. This content won't be served out as files via HTTP.
            |- scss/      <--- Gruntfile.js configures the grunt-sass task to process SASS stylesheets in this directory
            |- webapp/    <--- in the final build artifact, its content will land in /. This content will be served out as files via HTTP!

### Build process
DDA is built with Maven. `pom.xml` configures the default `mvn` behavior to run the `spring-boot:run` goal and use the `dev` Maven profile.

#### Building with the default Maven `dev` profile
For the default maven `dev` profile, during the `generate-resources` phase, the `yeoman-maven-plugin` runs the following commands in *this* project's root directory: `npm install && bower install --no-color && grunt sass:server --force`. Let's take a look at each of these frontend-specific build steps:

##### `npm install`
`npm install` investigates file `/package.json` and downloads all (transitive) `dependencies` and `devDependencies` to directory `/node_modules`

##### `bower install --no-color`
`bower install --no-color` investigates file `/bower.json` and sees `appPath` configured to be `src/main/webapp`. Therefore, bower downloads all (transitive) `dependencies` and `devDependencies` to directory `/src/main/webapp/bower_components`

##### `grunt sass:server --force`
`grunt sass:server --force`: grunt interprets file `Gruntfile.js`. It uses [`load-grunt-tasks`](https://github.com/sindresorhus/load-grunt-tasks) to automatically find and register all grunt tasks in /node_modules/* by looking for the default `grunt-*` pattern, including the `sass` task. `Gruntfile.js` configures the `sass` task to have a [target](http://gruntjs.com/api/grunt.task#grunt.task.registermultitask) `sass:server`, which configures `grunt-sass` to find *DDA*'s source Sass stylesheets at `/src/main/scss/`, to find referenced `@imports` in `/src/main/webapp/bower_components/` (using underlying [`node-sass` option `includePaths`](https://github.com/sass/node-sass#options), and to put the generated `.css` output files to `/src/main/webapp/assets/styles/`.

Having this configured, grunt executes this Sass generation.

#### Building with the Maven `staging` profile
For the staging environment DDA is built with the Maven `staging` profile. Let's have a look what is happening when running `mvn clean package -Pstaging`.

The`yeoman-maven-plugin` runs the following commands in *this* project's root directory: `npm install && bower install --no-color && grunt test --no-color && grunt build --no-color`.

##### `grunt test --no-color`
`Gruntfile.js` registers a task `test`. It depends on the following subtasks:
* `clean:server`: this `grunt-contrib-clean` task will delete the [`.tmp` directory](http://stackoverflow.com/q/25621410/923560)
* `wiredep:test`: the `grunt-wiredep` task will update file `src/test/javascript/karma.conf.js` to include all Bower components for Karma tests.
* `ngconstant:dev`: this `grunt-ng-constant` task will create a file `/src/main/webapp/scripts/app/app.constants.js` which acts as an Angular module providing two constants: `ENV=dev` and `VERSION=${POM_VERSION}`.
* `sass:server`. See the discussion earlier in *this* documentation. This task will take all SASS stylesheets from `/src/main/scss/` (and their transitive @import Bower dependencies), convert them to CSS, and place these CSS files into `src/main/webapp/assets/styles/`.
* `karma`: this `grunt-karma` task will use the previously updated configuration file `src/test/javascript/karma.conf.js` to configure Karma JavaScript tests:
  * it loads the following [Karma plugins](https://karma-runner.github.io/1.0/config/plugins.html): `karma-script-launcher, karma-chrome-launcher, karma-html2js-preprocessor, karma-jasmine, karma-requirejs, karma-phantomjs-launcher, karma-coverage, karma-jenkins-reporter`.
  * it activates [Coverage](https://karma-runner.github.io/0.8/config/coverage.html).
  * it uses [Jasmine](https://jasmine.github.io/) as the testing framework
  * it configures as reporters: [`dots`, `progress`](http://stackoverflow.com/a/25601443/923560), [`jenkins` for XML JUnit format reports](https://www.npmjs.com/package/karma-jenkins-reporter), and `Publish JUnit test result report`.
  * it provides to the testing browser all of the following [`files`](http://karma-runner.github.io/1.0/config/files.html): all bower components, all AngularJS frontend files, and almost all files in `/src/test/javascript/**`
`karma-jasmine` will start up the AngularJS application, will additionally set up all Jasmine helpers (located in `/src/test/javascript/spec/helpers/**`) and then run all Jasmine `describe(..)` tests. These tests are located in `/src/test/javascript/spec/**`.

##### `grunt build --no-color`
`Gruntfile.js` registers a task `build`. It depends on the following subtasks:
* `clean:dist`: the `grunt-contrib-clean` task will delete the [`.tmp/`](http://stackoverflow.com/q/25621410/923560) and `/src/main/webapp/dist/` directories.
* `wiredep:app`: this `grunt-wiredep` task will update `/src/main/webapp/index.html` to include Bower JavaScript and Bower CSS dependencies. And will update `/src/main/scss/main.scss` to include Bower SCSS dependencies.
* `ngconstant:prod`: this `grunt-ng-constant` task will create a file `.tmp/scripts/app/app.constants.js` which acts as an Angular module providing two constants: `ENV=prod` and `VERSION=${POM_VERSION}`.
* `useminPrepare`: this [`grunt-usemin`](https://github.com/yeoman/grunt-usemin#the-useminprepare-task) task takes file `/src/main/webapp/index.html` and examines all its `build:js` and `build:css` blocks. It will then dynamically add to the Grunt configuration additional tasks targets, `concat:generated`, `uglifyjs:generated`, `cssmin:generated` and `autoprefixer:generated`.
* `ngtemplates`: this [`grunt-angular-templates`](https://github.com/ericclemmons/grunt-angular-templates) task takes all jHipster- and DDA-specific HTML files and generates a n HTML-minified, JavaScript-based templates file from it to location `/.tmp/templates/templates.js`.
* `sass:server`: See the discussion earlier in *this* documentation. This task will take all SASS stylesheets from `/src/main/scss/` (and their transitive `@import` Bower dependencies), convert them to CSS, and place these CSS files into `src/main/webapp/assets/styles/`.
* `imagemin`: this [`grunt-contrib-imagemin`](https://github.com/gruntjs/grunt-contrib-imagemin) task will take all JPEG images from directory `/src/main/webapp/assets/images/**`, minify them, and copy the results to `/src/main/webapp/dist/assets/images/`
* `svgmin`: this [`grunt-svgmin`](https://github.com/sindresorhus/grunt-svgmin) behaves identical to aforementioned `imagemin` task, but for SVG images.
* `concat`: this [`grunt-contrib-concat`](https://github.com/gruntjs/grunt-contrib-concat) task will execute the previously generated `concat:generated` target (generated by `useminPrepare`). This target bundles all DDA-specific JavaScript files into a single temporary file `/.tmp/concat/scripts/app.js` ... and all Bower JavaScript dependencies in a single temporary file `/.tmp/concat/scripts/vendor.js`.
* `copy:fonts`: this [`grunt-contrib-copy`](https://github.com/gruntjs/grunt-contrib-copy) target copies all Bootstrap fonts to `/src/main/webapp/dist/assets/fonts/`
* `copy:dist`: this `grunt-contrib-copy` target copies from `/src/main/webapp/` all HTML files, all images, and all fonts verbatim to `/src/main/webapp/dist/`.
* `ngAnnotate`: the [grunt-ng-annotate](https://github.com/mgol/grunt-ng-annotate) task allows for expressing [AngularJS dependency annotations](https://docs.angularjs.org/guide/di#dependency-annotation) [differently](https://www.npmjs.com/package/ng-annotate).
* `cssmin`: this [`grunt-contrib-cssmin`](https://github.com/gruntjs/grunt-contrib-cssmin) task will execute the previously generated `cssmin:generated` target (generated by `useminPrepare`). `useminPrepare`'s `/src/main/webapp/index.html` analysis will have `cssmin:generated` take file `/src/main/webapp/assets/styles/main.css` (previously generated during the `sass:server` target), css-minify it, and place it to `/.tmp/cssmin/assets/styles/main.css`... Also, the `index.html` analysis will take all Bower CSS dependencies, concatenate them to one bundle, minify that bundle, and place that minified bundle in and place it to `/.tmp/cssmin/assets/styles/vendor.css`.
* `autoprefixer`: this [grunt-autoprefixer](`https://github.com/nDmitry/grunt-autoprefixer`) task will execute the previously generated `autoprefixer:generated` target (generated by `useminPrepare`). This target takes the outputs from the previous usemin-css step target `cssmin:generated` and prefixes CSS properties with vendor prefixes. As `autoprefixer` is the last step in the usemin CSS pipeline, the final usemin CSS artifacts will land in the paths as specified with `useminPrepare.options.dest + $(build:css-annotations-found-in-index.html)`: `/src/main/webapp/dist/assets/styles/main.css` and `/src/main/webapp/dist/assets/styles/vendor.css`.
* `uglify`: this [`grunt-contrib-uglify`](https://github.com/gruntjs/grunt-contrib-uglify) task will execute the previously generated `uglify(js):generated` target (generated by `useminPrepare`). This target takes the output from the previous usemin-js step target `concat:generated` and uglify-js-minifies it. As `uglify` is the last step in the usemin JS piepline, the final usemin JS artifacts will land in the paths as specified with `useminPrepare.options.dest + $(build:js-annotations-found-in-index.html)`: `/src/main/webapp/dist/scripts/app.js` and `/src/main/webapp/dist/scripts/vendor.js`.
* `rev`: this [grunt-rev](https://github.com/sebdeckers/grunt-rev) task uses *revving* to rename JS, CSS, image, and font files in the `/src/main/webapp/dist/` directory.
* `usemin`: this [grunt-usemin](https://github.com/yeoman/grunt-usemin#the-usemin-task) task investigates all HTML files within the `/src/main/webapp/dist/` directory (previously copied there during the `copy:dist` target execution). The task will find references to unconcatenanted, unrevved assets (JS, CSS, images), then replace these references with the concatenated single-bundles-and-revved filenames.
* `htmlmin`: this [`grunt-contrib-htmlmin`](https://github.com/gruntjs/grunt-contrib-htmlmin) task takes all `/src/main/webapp/dist/*.html` files and html-minifies them in-place.

# Walkthroughs and architectures

## Front-end AngularJS walkthrough
The Spring backend serves out, via HTTP, either the unprocessed or the Grunt-processed (i.e., minified, concatenated, revved, etc.) frontend artifacts. Whether unprocessed or processed artifacts are served out depends on which Spring profile is active: among other things, `@Configuration` class `org.gesis.dda.wizard.config.WebConfigurer` checks for an active `prod` Spring profile. If the `prod` profile is active, `WebConfigurer` will add an additional servlet filter called `StaticResourcesProductionFilter` to the filter chain. That filter forwards (server-side and therefore opaque to the visiting user) any frontend artifact request to the same address prefixed with `/dist` (see *Servlet 3.1* specification, *10.5 Directory Structure* for more information on how static Servlet directory content gets served out). During the Grunt build phase, processed frontend artifacts were put into directory `/dist/`.

If the `prod` profile is not active, requests for frontend artifacts will be served out normally, i.e. relative to the servlet's root directory.

Either way, an HTTP request for `/` will serve out the corresponding `index.html` artifact. `index.html` in turn references all JavaScript assets, including file `app.js`.

### `app.js`
`app.js` creates a new module, `ddaApp`, and provides all of its dependent modules. The `ddaApp` module:
* configures the *cache buster* service and *$httpProvider*'s CSRF token name.
* configures the abstract *root* state named `site`.
* configures the AngularUI view `navbar@` for the [root unnamed template `index.html`](https://github.com/angular-ui/ui-router/wiki/Multiple-Named-views#view-names---relative-vs-absolute-names). Also, `$stateProvider` is configured in such a way to `resolve`-inject a dependency named `authorize` - an alias for `Auth` service's `authorize()` method.
* configures `$httpProvider` interceptors which
  * in error conditions emit an error event on `$rootScope` (`errorhandler.interceptor.js`);
  * redirect to login and retry on CSRF-missing responses (`auth.interceptor.js`); and
  * trigger the `AlertService` if an `X-ddaApp-alert` response header is present (`notification.interceptor.js`).

Once all these modules have been loaded and configured, it runs an initialization function:
It sets `$rootScope`s `ENV` and `VERSION` (as generated to file `app.constants.js`).
It registered an AngularUI state change listener, which sets the requested `toState` in the `$rootScope` and introduces a router hook for further AngularUI route manipulation: The hook will check if the user is authenticated or not, probably route the user differently (e.g., redirecting a logged-in user from requested `login` state to `home` state), and possibly routing the user to `accessdenied` state in case they are missing the required authorization. Also, the application's routing behavior is augmented so that the window's title reflects the current route's `data.pageTitle`; and unknown routes get redirected to `/`.

AngularUI's router is configured by configuring the `$stateProvider`. The jHipster convention is to have a single `x.js` file for each unique state `x`. That `x.js` file then calls module `ddaApp` `config(..)` injector to set up this state.

This convention is used for example in file `main.js`: it configures a state `home` (inheriting from state `site`).
As state `home` configures its `url` to be `/` (or synonymously `index.html`), this state is the initial state.
`index.html` provides two AngularUI view placeholders: `navbar` and `content`. The `home` state fills the `content` view with `main.html` and uses the `MainController`. This controller adds to its `$scope` the user's account data promise and the `isAuthenticated()` method. All children scopes will inherit these properties.

`main.html` provides an *a href* to `#/login`. Clicking this link will command the AngularUI to go to state `login`. Also this route is conventionally configured in file `login.js`.

State `login`'s ancestors are `account -> site`. State `login` adds as [*custom state data*](https://github.com/angular-ui/ui-router/wiki#attach-custom-data-to-state-objects) an empty `authorities` array and a custom `pageTitle`. Also, the `login` state fills into the `content` view `login.html` with the `LoginController`.

What's up with that `authorities` array?
In jHipster's convention, each state can have as state data an array `data.authorities`, containing entries for all authority roles that each is permitted to access this state. This rule got activated when `app.js` configured the AngularUI router to call `Auth.authorize()` whenever an `$stateChangeStart` event is received. If the `data.authorities` array is empty, then this means that no authorities are required - therefore `login` can always be accessed for unauthenticated visitors.

Let's assume we have successfully logged in and we are back at the route `/`. The `main` state configures for the `content@` view `templateUrl=main.html`; and (transitively via the parent `site` (`app.js`) state) for the `navbar@` view `templateUrl=navbar.html`.

Let's have a look at `navbar.html`: `NavbarController` provides to its scope the methods for checking `Principal.isAuthenticated()` and `Auth.logout()`. Therefore, these methods can be referenced within `navbar.html`, e.g. with the attributes `ng-click="logout()"` or `ng-switch="isAuthenticated()"`. Depending on the `isAuthenticated()` result, specific DOM elements are added or removed from the DOM. So for instance, only if `isAuthenticated()` evaluates to `false` will the *Sign in* and *Register* entries appear in the *Account* navbar section.

When logged in, the *Entities* navbar section will show only those entity types for which the currently logged-in user has permissions to interact with. This behavior is defined by the `has-authority` attribute directive (file `authority.directive.js`). That directive registers a listener (`scope.$watch(..)`). That listener is fired everytime a *digest cycle* is triggered by the AngularJS framework. Whenever `Principal.isAuthenticated()`'s evaluation result changes between two consecutive *digest cycles* (so either going from `true` to `false`; or from `false` to `true`) will that directive's behavior be executed (i.e., add or remove the `hidden` class).

Let's now assume we are logged in, we are currently on the root `home` state, then are about to select the *Bundles source* entry. Let's further assume we have a valid access-granting authority.

`navbar.html` has for the *Bundles source* declared the attribute `ui-sref="bundlesSource"`. That means that as soon as we click on *Bundles source*, the AngularUI router will start moving the router to state `bundlesSource`.

State `bundlesSource` is defined in file `bundlesSource.js`, with a `url=/bundlesSources`. The state hierarchy is `bundlesSource -> entity -> site`. Also this state fills the `content@` view with its own template `bundlesSources.html` and controller `BundlesSourceController`. That controller interacts with the `BundlesSource` $resource REST service (`bundlesSource.service.js`) - e.g., everytime this controller is activated, it will call `$scope.loadAll()`, concurrently populating the `$scope.bundlesSources` array with data returned from the remote REST endpoint.