Skip to content
/ DevChecklist Public

List of things to check before marking a piece of code as 'complete'

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

oneillci/DevChecklist

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

17 Commits
README.md
README.md
 
 

Repository files navigation

#Dev Checklist

##Things to check before code is 'complete'

###Client-side

  1. Has javascript been unit tested?
  2. Test page in various browsers (support back to IE8) for UI bugs
  3. All html forms (think POST) should have @Html.AntiForgeryToken()
  4. All form headers should be driven from t_WebContent
  5. CSS should be in css file, not inline
  6. To add red asterisks to required fields use the required class on the containing div like the following (this utilises our .label-left.required:before pseudo selector):
<div class="label-left required">							
    @Html.LabelFor(m => m.FieldName)
</div>
  1. Submits that are expected to take time should display the spinning gif
  2. All fields should have maxlength applied (expecially those with Regex)
  3. JavaScript should not subscribe to any events at a global level - should always be scoped to a function definition
  4. Test double-clicking of submit buttons
  5. Test page behaviour with slow sql server responses
  6. Check page against webdevchecklist.com (install chrome extension)
  7. Achieve good score in Google PageSpeed (install chrome extension)
  8. Achieve good score in Yahoo! YSlow (install chrome extension)

###Server-side

  1. Have unit tests been written?
  2. Code defensively -- assume all javascript logic/validation has been bypassed
  3. Code defensively -- use FirstOrDefault or SingleOrDefault() and if null log it, then redirect instead of waiting for exception
  4. All GET's that take parameters should cater for that parameter not being included
  5. All POST actions should be decorated with [ValidateAntiForgeryToken]
  6. POST actions should use PRG pattern (like Report an Issue). See http://en.wikipedia.org/wiki/Post/Redirect/Get
  7. Methods should be small - refactor repeating code into methods
  8. All possible logic should be contained in Domain Logic class rather than controller
  9. Use enum instead of magic strings where possible
  10. If can't use enums use const or readonly string variables
  11. Actions that require you to be logged in should be decorated with [Authorize]
  12. Action that return JSON that require you to be logged in should be decorated with [AjaxAuthorize]
  13. Check your local ELMAH log to see if your code is generating any errors that are being swallowed
  14. DB columns should have sensible column lengths & indexes specified
  15. Mitigate querystring tampering. If loading data based on a querystring parameter, ensure that the logged on user has is the owner of the the requested data

##WCAG

  1. Run the Squiz labs html code sniffer on each page and fix errors. http://squizlabs.github.io/HTML_CodeSniffer/ - copy bookmarklet to bookmark bar in Chrome

###Database

  1. All changes of database schemas are to be applied to database projects and and checked the in TFS
  2. All changes of database schemas are to be applied to relevant staging tables in external and internal databases
  3. All changes of database schemas are to be applied to OBC_MBC as well.
  4. Change of schemas normally indicates new records are to be added to t_ads_dictionary table and rebuild of view table in SQL server for datasync processing
  5. A new baseline of every database schema is required for every release

About

List of things to check before marking a piece of code as 'complete'

Resources

Readme
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •