Zzzz/Book-management-system
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
Book-management-system/.trellis/spec/backend/quality-guidelines.md
T
Zzzz d917a6247c trellis元数据更改
2026-04-27 23:42:38 +08:00

71 lines
2.3 KiB
Markdown
Raw Permalink Blame History

# Quality Guidelines
> Backend quality constraints for the JSP + Servlet + MySQL application.
---
## Overview
No application source code exists yet, but the developer has established the
backend stack and layered design. Future backend work should preserve those
decisions and update these specs with real file paths once code exists.
---
## Required Patterns
- Keep strict layer boundaries: Servlet -> Service -> DAO -> MySQL.
- Use JSP/CSS only for presentation; JSPs must not contain SQL or business
workflow logic.
- Validate request parameters in Servlet controllers before calling services.
- Enforce permission checks in filters/services for administrator, librarian,
and reader roles.
- Keep inventory status updates inside service workflows so borrow, return,
renew, overdue handling, and book intake remain consistent.
- Use primary keys and foreign keys for core entity relationships.
- Record key operations and exceptions according to the logging spec.
---
## Forbidden Patterns
- Do not introduce React, Vue, SPA routing, ORM conventions, or non-Servlet
backend frameworks unless the developer explicitly changes the stack.
- Do not place SQL in JSP files or directly in presentation helpers.
- Do not put business workflows in DAO classes.
- Do not rely on client-side validation as the only validation for protected
operations.
- Do not expose stack traces, raw SQL errors, or sensitive personal data to end
users.
---
## Checks And Testing
When Java source exists, document and run the actual compile/test commands for
the chosen IDEA/Tomcat project structure. Until then, documentation-only
changes should run Trellis validation, Python compile checks for Trellis
scripts when relevant, and placeholder scans for scaffold markers.
For this workspace, Maven is available at:
```bash
/home/sjy/.sdkman/candidates/maven/current/bin/mvn
```
Use the explicit path when `mvn` is not on `PATH`:
```bash
/home/sjy/.sdkman/candidates/maven/current/bin/mvn clean package
```
---
## Review Checklist
- Does the change preserve JSP + Servlet + MySQL + Tomcat assumptions?
- Are Servlet, service, DAO, and JSP responsibilities separated?
- Are book, category, reader, borrowing, administrator, permission, and log
data flows covered where relevant?
- Are role permissions and operation logs handled for protected workflows?
Reference in New Issue View Git Blame Copy Permalink