forked from fa/breadcrumb-the-shire
Make the core-primitive-end-to-end rule for Grid.js list exports binding instead of advisory — so future consumers (and reviewers) cannot quietly drift back into inline fputcsv / hand-rolled headers / bespoke click listeners / lurl() for query-carrying URLs. - CLAUDE.md: new UI Patterns bullet + two "Never Do This" entries spelling out the server/view/client contract in one place. - .agents/checks/guard-catalog.json: new GR-UI-EXPORT entry describing the end-to-end requirement (exportRequireGetRequest + exportCapLimit + exportSendCsv + ExportColumn + shared filter-schema + dropdown partial + endpointUrl() + initListExport). - .agents/checks/guard-enforcement-map.json: wire the new guard to tests/Architecture/ListExportContractTest.php as the automated evidence source. - .agents/checks/guard-checklist.md & .agents/prompts/reviewer-code.md: add GR-UI-EXPORT so the Code Reviewer prompt and the checklist flag violations alongside GR-UI-LIST. - tests/Architecture/ListExportContractFiles: registry of every list export (currently helpdesk-domains, admin/users, audit/system-audit). Adding a new list = one entry, contract test covers the rest. - tests/Architecture/ListExportContractTest: six checks per registered entry — endpoint uses the primitive, no hand-rolled output, data and export share the same filter-schema, template includes the dropdown partial and uses endpointUrl(), page module imports and invokes initListExport, and the shared dropdown partial stays zero-config. - pages/admin/users/export().php: align with the new contract by switching from ad-hoc requestInput()->queryAll() reads to gridParseFiltersFromSchemaFile(__DIR__ . '/filter-schema.php'), same as the data endpoint — eliminates the last place Grid and export could disagree on what "the current filter" means. Gates: PHPUnit 1900 OK (+6 contract checks), PHPStan 0 errors. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2.7 KiB
2.7 KiB
Code Review Checklist
Use this checklist for the Code Reviewer role.
Guard IDs live in .agents/checks/guard-catalog.json (guards where reviewer = code).
Architecture & Conventions
GR-CORE-003request input via requestInput(); no $_POST/$_GET/$_FILESGR-CORE-007OpenAPI updated when API endpoints changedGR-CORE-010DB schema changes shipped as idempotent scripts in db/updates/GR-CORE-011new settings in DB settings table, not config filesGR-CORE-012successful mutating POSTs use PRG pattern; flash before redirect
Testing
GR-TEST-001new/changed Service/Gateway logic has PHPUnit tests (happy + edge case)GR-TEST-002new code uses constructor injection; no hidden global state
UI (skip if backend-only)
GR-UI-014new views/components handle loading, empty, error, success statesGR-UI-LISTlist/grid standards preserved (row actions, page size, initStandardListPage)GR-UI-EXPORTlist exports go through the core primitive: server uses exportRequireGetRequest + exportCapLimit + exportSendCsv + ExportColumn, shares filter-schema.php with the data endpoint; view usesapp-list-export-dropdown.phtmlpartial andendpointUrl()(neverlurl()) for the exportUrl; JS callsinitListExportfrom/js/core/app-list-export.js. Add the new list totests/Architecture/ListExportContractFiles.php.GR-UI-DETAILdetail page contracts, shared partials, no inline confirm, layout systemGR-UI-A11Yno a11y regression; new components use semantic HTML, keyboard-operableGR-UI-I18Nall visible text uses t(); keys present in all language filesGR-UI-REUSEexisting JS/CSS checked before adding new functions/rules
Quality Gates
- required always (per
enforcement-policy.json):QG-001,QG-002,QG-003,QG-006,QG-008,QG-009 QG-004structural checks reported when relevantQG-005JS smoke for JS-touching changesQG-007composer-unused is periodic / non-blocking
Security Review Checklist
Use this checklist for the Security Reviewer role.
Guard IDs live in .agents/checks/guard-catalog.json (guards where reviewer = security).
Security
GR-SEC-001CSRF token verified on every POST before processingGR-SEC-002no PII or secrets in logs/audit metadataGR-SEC-003all SQL via Repository with prepared statementsGR-SEC-004no external CDN or remote asset loadingGR-SEC-005encryption only via core/Support/Crypto.phpGR-SEC-006file uploads in storage/ only; authz-gated serving; MIME validatedGR-SEC-007API requests do not start sessionsGR-SEC-008authorization enforced server-sideGR-SEC-009tenant scope enforced server-side; tenant_id filtering on all scoped queries