chore: archive task and update workspace session
This commit is contained in:
Zzzz
@@ -0,0 +1,73 @@
|
||||
# brainstorm: start coding
|
||||
|
||||
## Goal
|
||||
|
||||
Build the initial Java Web project scaffold and a login/permission skeleton for this JSP + Servlet + MySQL library-management system.
|
||||
|
||||
## What I already know
|
||||
|
||||
* The user asked to start writing code.
|
||||
* There is no active task before this one.
|
||||
* The repository currently has Trellis project guidance but no application source code files.
|
||||
* Existing project specs describe a B/S Java web application using JSP, Servlet, MySQL, Tomcat, and IDEA.
|
||||
* Backend guidance expects a layered structure: JSP/CSS presentation -> Servlet controller -> Service/business -> DAO -> MySQL.
|
||||
* Frontend guidance expects JSP/CSS pages, JSP includes or fragments, static assets, and small page scripts when needed.
|
||||
* The user selected option A: build the Java Web foundation and login/permission skeleton first.
|
||||
|
||||
## Assumptions (temporary)
|
||||
|
||||
* The desired work is to start building the library-management system rather than editing an existing application.
|
||||
* Maven is a reasonable default for Java web project scaffolding unless the user prefers plain IDEA/Tomcat project files.
|
||||
* The first implementation should establish a compilable structure and a minimal login flow rather than complete every business module.
|
||||
|
||||
## Open Questions
|
||||
|
||||
* None currently blocking.
|
||||
|
||||
## Requirements (evolving)
|
||||
|
||||
* Follow the existing Trellis backend and frontend specs.
|
||||
* Keep backend and frontend conventions aligned with JSP + Servlet + MySQL, not SPA frameworks.
|
||||
* Create or update tests/checks where practical for the selected implementation scope.
|
||||
* Create the base Java Web project structure for Tomcat deployment.
|
||||
* Add a login/permission skeleton covering administrator, librarian, and reader roles.
|
||||
* Add model/entity, DAO, service, servlet/controller, JSP, and static asset structure needed for the login slice.
|
||||
* Include database initialization or schema notes for user/role data needed by the skeleton.
|
||||
* Keep business logic layered: Servlet parameter/session handling, Service authentication and role checks, DAO persistence access.
|
||||
* Include safe error handling for invalid credentials, missing parameters, and unauthorized access.
|
||||
|
||||
## Acceptance Criteria (evolving)
|
||||
|
||||
* [x] The selected first module or feature is explicitly confirmed.
|
||||
* [x] The implementation follows the documented JSP + Servlet + MySQL layered architecture.
|
||||
* [x] A fresh checkout has recognizable Java Web/Tomcat project structure and build configuration.
|
||||
* [x] Login page submits credentials to a Servlet controller and displays validation/authentication failures safely.
|
||||
* [x] Authentication logic is represented through service and DAO boundaries rather than embedded in JSP.
|
||||
* [x] Session state stores the authenticated user and role in a controlled way.
|
||||
* [x] Basic role/permission constants or helpers exist for administrator, librarian, and reader.
|
||||
* [x] SQL/schema guidance exists for the minimal account/role tables needed by login.
|
||||
* [x] Lint, type-check, compile, or equivalent project validation is run where available.
|
||||
|
||||
## Definition of Done (team quality bar)
|
||||
|
||||
* Tests added/updated where appropriate.
|
||||
* Lint / typecheck / compile / CI-equivalent checks are green where available.
|
||||
* Docs/notes updated if behavior changes.
|
||||
* Rollout/rollback considered if risky.
|
||||
|
||||
## Out of Scope (explicit)
|
||||
|
||||
* Choosing React, Vue, TypeScript, SPA routing, or frontend hook/state-library conventions unless the user explicitly changes the stack.
|
||||
* Implementing full book, reader, borrowing, statistics, backup, or logging modules beyond placeholders needed for navigation or role skeleton.
|
||||
* Implementing production-grade password reset, remember-me, MFA, or external identity provider integration.
|
||||
|
||||
## Technical Notes
|
||||
|
||||
* Relevant spec indexes: `.trellis/spec/backend/index.md`, `.trellis/spec/frontend/index.md`.
|
||||
* Backend pre-development checklist includes directory structure, database, error handling, logging, and quality guidelines.
|
||||
* Frontend pre-development checklist includes directory structure, JSP component guidelines, state management, type safety, and quality guidelines.
|
||||
* Codebase retrieval on 2026-04-27 found no application source code and surfaced the project specs as the main implementation context.
|
||||
* Spec indexes reference `.trellis/tasks/00-bootstrap-guidelines/research/project-requirements.md`, but that file is absent in the current workspace, so context curation uses only present spec files.
|
||||
* Implementation completed the scaffold under `src/main/`, added two standalone service checks under `src/test/`, and updated code-specs for the login database/JSP contracts.
|
||||
* Local verification passed for non-Servlet Java compilation, `PermissionPolicyCheck`, `AuthServiceCheck`, and JSP/static boundary scans.
|
||||
* Full Maven/Tomcat compile remains blocked in this environment because `mvn` is not installed and no local Servlet API jar is available outside Maven.
|
||||
Reference in New Issue
Block a user