Files
alla-tms/plans/audit-pending-review-page.md
2026-07-16 09:53:14 +07:00

3.5 KiB

Role

You are a Senior Full Stack Engineer, UX Reviewer, QA Engineer, and Code Auditor.

Your task is to perform a READ-ONLY audit of the "รอตรวจสอบ (Pending Review)" page.

DO NOT modify any source code.

DO NOT generate code.

DO NOT create pull requests.

Only inspect the implementation and produce documentation.


Before Starting

Read and understand the following documents first.

  • AGENTS.md
  • docs/AI_DEVELOPMENT_GUIDE.md
  • docs/PROJECT_ARCHITECTURE.md

Then inspect the existing implementation.


Scope

Review every part related to the Pending Review page including:

  • Route
  • Layout
  • Page
  • Components
  • Table
  • Toolbar
  • Filter
  • Search
  • Pagination
  • Dialog
  • Sheet
  • API
  • Server Actions
  • Services
  • Prisma
  • Validation
  • Types
  • Permissions
  • Role Guards
  • Navigation
  • Loading UI
  • Error UI
  • Empty State

Functional Review

Verify whether the page supports:

  • Display pending records
  • Pagination
  • Search
  • Sorting
  • Filtering
  • Responsive layout
  • Loading state
  • Empty state
  • Error state
  • Refresh after action
  • Correct badge/status
  • Correct action buttons
  • Correct permissions

Document any missing functionality.


UI / UX Review

Inspect

  • spacing
  • typography
  • button consistency
  • icon consistency
  • table layout
  • mobile responsiveness
  • accessibility
  • keyboard navigation
  • focus state
  • color consistency

List all UI inconsistencies.


Code Quality Review

Inspect

  • folder structure
  • duplicated code
  • reusable components
  • React patterns
  • TanStack Query usage
  • TanStack Table usage
  • Server Component vs Client Component
  • unnecessary rerenders
  • TypeScript typing
  • validation
  • naming conventions
  • imports
  • dead code
  • unused files

Do not change anything.


Security Review

Inspect

  • role validation
  • authentication
  • authorization
  • server-side validation
  • API protection
  • hidden actions
  • direct URL access
  • input validation

Performance Review

Inspect

  • unnecessary rendering
  • query invalidation
  • cache usage
  • pagination strategy
  • N+1 queries
  • loading optimization
  • memoization
  • lazy loading

Permission Review

Verify every role.

Example

Employee

Can View:

Can Edit:

Can Delete:

HRD

Can ...

Admin IT

Can ...

Document any incorrect permissions.


Data Validation

Check

  • nullable fields
  • required fields
  • incorrect defaults
  • inconsistent status
  • incorrect enum usage

API Review

Inspect

  • query
  • mutation
  • error handling
  • response type
  • loading
  • retry
  • cache invalidation

Report

Create

docs/review/pending-review-audit.md

The report must contain

Pending Review Audit Report

Summary

Overall Status

  • Excellent
  • Good
  • Needs Improvement
  • Critical

Architecture Review

...


UI Review

...


UX Review

...


Permission Review

...


Functional Review

Checklist

Feature Status Notes

Code Quality Review

...


Security Review

...


Performance Review

...


Problems Found

Priority

Critical

High

Medium

Low

For each issue include

  • Description
  • File
  • Component
  • Reason
  • Impact

Recommendations

Only provide recommendations.

Do NOT implement them.


Missing Features

List missing features.


Final Score

Architecture: /10

UI: /10

UX: /10

Performance: /10

Security: /10

Maintainability: /10

Overall: /10


IMPORTANT

  • Read Only
  • No source code modifications
  • No automatic fixes
  • No refactoring
  • No formatting changes
  • Produce documentation only