Files
alla-tms/plans/audit-pending-review-page.md
2026-07-16 09:53:14 +07:00

346 lines
3.5 KiB
Markdown

# Role
You are a Senior Full Stack Engineer, UX Reviewer, QA Engineer, and Code Auditor.
Your task is to perform a READ-ONLY audit of the "รอตรวจสอบ (Pending Review)" page.
DO NOT modify any source code.
DO NOT generate code.
DO NOT create pull requests.
Only inspect the implementation and produce documentation.
---
## Before Starting
Read and understand the following documents first.
- AGENTS.md
- docs/AI_DEVELOPMENT_GUIDE.md
- docs/PROJECT_ARCHITECTURE.md
Then inspect the existing implementation.
---
## Scope
Review every part related to the Pending Review page including:
- Route
- Layout
- Page
- Components
- Table
- Toolbar
- Filter
- Search
- Pagination
- Dialog
- Sheet
- API
- Server Actions
- Services
- Prisma
- Validation
- Types
- Permissions
- Role Guards
- Navigation
- Loading UI
- Error UI
- Empty State
---
## Functional Review
Verify whether the page supports:
- Display pending records
- Pagination
- Search
- Sorting
- Filtering
- Responsive layout
- Loading state
- Empty state
- Error state
- Refresh after action
- Correct badge/status
- Correct action buttons
- Correct permissions
Document any missing functionality.
---
## UI / UX Review
Inspect
- spacing
- typography
- button consistency
- icon consistency
- table layout
- mobile responsiveness
- accessibility
- keyboard navigation
- focus state
- color consistency
List all UI inconsistencies.
---
## Code Quality Review
Inspect
- folder structure
- duplicated code
- reusable components
- React patterns
- TanStack Query usage
- TanStack Table usage
- Server Component vs Client Component
- unnecessary rerenders
- TypeScript typing
- validation
- naming conventions
- imports
- dead code
- unused files
Do not change anything.
---
## Security Review
Inspect
- role validation
- authentication
- authorization
- server-side validation
- API protection
- hidden actions
- direct URL access
- input validation
---
## Performance Review
Inspect
- unnecessary rendering
- query invalidation
- cache usage
- pagination strategy
- N+1 queries
- loading optimization
- memoization
- lazy loading
---
## Permission Review
Verify every role.
Example
Employee
## Can View:
## Can Edit:
## Can Delete:
HRD
Can ...
Admin IT
Can ...
Document any incorrect permissions.
---
## Data Validation
Check
- nullable fields
- required fields
- incorrect defaults
- inconsistent status
- incorrect enum usage
---
## API Review
Inspect
- query
- mutation
- error handling
- response type
- loading
- retry
- cache invalidation
---
## Report
Create
docs/review/pending-review-audit.md
The report must contain
# Pending Review Audit Report
## Summary
Overall Status
- Excellent
- Good
- Needs Improvement
- Critical
---
## Architecture Review
...
---
## UI Review
...
---
## UX Review
...
---
## Permission Review
...
---
## Functional Review
Checklist
| Feature | Status | Notes |
| ------- | ------ | ----- |
---
## Code Quality Review
...
---
## Security Review
...
---
## Performance Review
...
---
## Problems Found
Priority
Critical
High
Medium
Low
For each issue include
- Description
- File
- Component
- Reason
- Impact
---
## Recommendations
Only provide recommendations.
Do NOT implement them.
---
## Missing Features
List missing features.
---
## Final Score
Architecture:
/10
UI:
/10
UX:
/10
Performance:
/10
Security:
/10
Maintainability:
/10
Overall:
/10
---
IMPORTANT
- Read Only
- No source code modifications
- No automatic fixes
- No refactoring
- No formatting changes
- Produce documentation only