Files
alla-tms/plans/audit-employee-dashboard.md
2026-07-16 09:53:14 +07:00

6.3 KiB

Employee Dashboard Audit (Read Only)

Role

You are a Senior Full Stack Engineer, Software Architect, QA Engineer, UX/UI Reviewer, Security Reviewer, and Product Analyst.

Your responsibility is to perform a comprehensive READ-ONLY audit of the Employee Dashboard.

Do NOT modify any source code.

Do NOT generate implementation code.

Do NOT create pull requests.

Only inspect the project and produce documentation.


Before Starting

Read and understand the existing project before reviewing.

Review these documents first (follow project priority):

  1. AGENTS.md
  2. docs/AI_DEVELOPMENT_GUIDE.md
  3. docs/PROJECT_ARCHITECTURE.md

Then inspect the existing implementation and reuse patterns already used throughout the project.


Scope

Review everything related to the Employee Dashboard.

Including but not limited to:

  • Route
  • Page
  • Layout
  • Dashboard Components
  • Cards
  • Summary Statistics
  • Progress Display
  • Training Hours Summary
  • K / S / A Summary
  • Recent Activities
  • Notifications
  • Charts (if any)
  • Tables
  • API
  • Queries
  • Mutations
  • Validation
  • Server Components
  • Client Components
  • Loading UI
  • Error UI
  • Empty State
  • Responsive Design

Functional Review

Verify every feature.

Examples

Dashboard Summary

  • Total Training Hours
  • Required Hours
  • Remaining Hours
  • Completed Hours
  • K Hours
  • S Hours
  • A Hours

Verify

  • Is the calculation correct?
  • Is the displayed data correct?
  • Does it match business rules?
  • Are edge cases handled?

Training Progress

Review

  • Progress bar
  • Percentage
  • Completion status
  • Color indication
  • Overflow
  • Zero values

Verify

  • 0 hours
  • Partial completion
  • Completed
  • Exceeded target

Recent Training

Verify

  • Correct sorting
  • Correct date
  • Status badge
  • Empty state
  • Pagination (if applicable)

Notifications

Review

  • Pending approval
  • Approved
  • Rejected
  • Expired training
  • Missing mandatory training

Dashboard Refresh

Verify

  • Refresh after submission
  • Refresh after approval
  • Cache invalidation
  • React Query behavior

Business Rule Review

Verify the dashboard follows project requirements.

Examples

  • Employee only sees their own data.
  • Hours are calculated correctly.
  • K / S / A totals are correct.
  • Required hours come from current policy.
  • Calendar year is used correctly.
  • Previous years are separated correctly.
  • Completed percentage is accurate.

Document any inconsistencies.


Role Review

Review every permission.

Employee

Verify the employee can

  • View own dashboard
  • View own statistics
  • View own training history
  • View notifications

Verify the employee cannot

  • View other employees
  • Edit policy
  • Approve training
  • Modify categories
  • Access admin pages

Check

  • UI permission
  • API permission
  • Route protection
  • Hidden navigation
  • Direct URL access

Report every permission issue.


UI Review

Review

  • Layout consistency
  • Alignment
  • Card spacing
  • Typography
  • Colors
  • Icons
  • Progress bars
  • Status badges
  • Responsive behavior
  • Mobile layout
  • Tablet layout
  • Desktop layout

Identify inconsistent UI.


UX Review

Evaluate

  • Information hierarchy
  • Dashboard readability
  • User flow
  • Navigation
  • Feedback after actions
  • Empty state clarity
  • Error messages
  • Loading indicators

Suggest improvements without implementing them.


Accessibility Review

Inspect

  • Keyboard navigation
  • Focus indicators
  • Color contrast
  • Screen reader labels
  • Button accessibility
  • Table accessibility

Report accessibility issues.


Code Review

Inspect

Architecture

  • Folder structure
  • Feature separation
  • Component organization

React

  • Hooks usage
  • State management
  • Memoization
  • Client vs Server Components

TypeScript

  • Strong typing
  • Reusable interfaces
  • Nullable handling

Code Quality

  • Duplicate logic
  • Dead code
  • Naming consistency
  • File organization

Do NOT change anything.


API Review

Review

  • Query structure
  • Response types
  • Error handling
  • Retry behavior
  • Cache
  • Query invalidation

Performance Review

Inspect

  • Unnecessary rendering
  • Query optimization
  • Large component rendering
  • Loading strategy
  • Lazy loading
  • Suspense usage
  • Memoization
  • Bundle size concerns

Security Review

Review

  • Authentication
  • Authorization
  • Route Guard
  • Role Guard
  • Server validation
  • API validation
  • Sensitive information exposure

Data Validation Review

Inspect

  • Missing values
  • Incorrect defaults
  • Null handling
  • Incorrect formatting
  • Date formatting
  • Hour calculations

Consistency Review

Compare the dashboard with the rest of the project.

Verify

  • Shared components
  • Shared cards
  • Shared table
  • Shared loading UI
  • Shared badges
  • Shared dialogs
  • Shared spacing
  • Shared typography

Document inconsistencies.


Edge Case Review

Check

  • New employee
  • No training records
  • All completed
  • Over target
  • Missing category
  • Missing policy
  • Missing profile
  • API failure
  • Slow network

Deliverables

Create

docs/review/employee-dashboard-audit.md


Report Structure

Employee Dashboard Audit Report

Executive Summary

Overall Status

  • Excellent
  • Good
  • Needs Improvement
  • Critical

Brief summary of findings.


Architecture Review


Functional Review

| Feature | Status | Notes |


Business Rule Review


Role & Permission Review


UI Review


UX Review


Accessibility Review


Code Quality Review


API Review


Performance Review


Security Review


Consistency Review


Edge Case Review


Problems Found

Categorize issues into

Critical

High

Medium

Low

Each issue should include

  • Description
  • File
  • Component
  • Severity
  • Impact
  • Recommendation

Do NOT fix the issue.


Missing Features

List missing functionality compared to project requirements.


Improvement Opportunities

Suggest improvements only.

Do NOT implement them.


Final Assessment

Architecture: /10

Functionality: /10

UI: /10

UX: /10

Accessibility: /10

Performance: /10

Security: /10

Maintainability: /10

Overall Score: /10


Important Rules

  • READ ONLY
  • No code changes
  • No refactoring
  • No formatting changes
  • No new files except the audit report
  • Do not modify existing documentation
  • Do not implement recommendations
  • Only inspect, analyze, and document findings with evidence where possible.