Info |
---|
Please , refer to NFR Scorecard practice for detailed information |
...
Page Properties | |||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...
Quality Attribute | NFR ID | Non-Functional Requirement | Preliminary Analysis (Before feature started)- Date and Status | Final Analysis (After feature completed) - Date and Status | Notes and Comments | |||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
1 | Availability | NFR.Baseline.Availability.1 | Modules are designed and implemented following the Stateless principle |
|
| |||||||||||||||||||||||||||
2 | NFR.Baseline.Availability.2 | Load/performance testing must be conducted for at least 2 instances |
|
| Uploading Patron profile picture | |||||||||||||||||||||||||||
3 | Manageability | NFR.Baseline.Manageability.1 | Application logs are collected in a unified form and location |
|
| |||||||||||||||||||||||||||
4 | NFR.Baseline.Manageability.2 | All custom configuration values are placed in the settings, not in the program code |
|
| https://github.com/folio-org/mod-users?tab=readme-ov-file#example-request-1 | |||||||||||||||||||||||||||
NFR.ProfilePictures.Manageability.1 |
|
|
| |||||||||||||||||||||||||||||
5 | Performance | NFR.Baseline.Performance.1 | Components are performance tested and compared to the prior release baseline; performance may not degrade more than 5% in exceptional cases |
|
| Profile opening /saving should not degrade from existing values for more than 5%. | ||||||||||||||||||||||||||
NFR.ProfilePictures.Performace.1 | The system can process ~70K profile pictures per year |
|
| Uploading Patron profile picture | ||||||||||||||||||||||||||||
6 | Security | NFR.Baseline.Security.1 | Tenant data must be isolated from other tenants |
|
|
| ||||||||||||||||||||||||||
7 | NFR.Baseline.Security.2 | Secrets (such as usernames, passwords, API keys, and/or their combinations) are not stored in source repositories (i.e. Github) |
|
| https://sonarcloud.io/summary/new_code?id=org.folio%3Amod-users&pullRequest=344 | |||||||||||||||||||||||||||
8 | NFR.Baseline.Security.3 | No sensitive information in logs (logins, passwords, API keys) |
|
| ||||||||||||||||||||||||||||
NFR.ProfilePictures.Security.1 | Only authorized library staff can view and manage (upload, view, update, delete) photos for patron accounts |
|
| Reuse of previously existing mechanism of permissions | ||||||||||||||||||||||||||||
NFR.ProfilePictures.Security.2 | Patron photos should be securely stored with proper encryption and access controls to protect sensitive information. |
|
| Tech Debt: need to address change encryption key and related data. | ||||||||||||||||||||||||||||
9 | Testability | NFR.Baseline.Testability.1 | Unit-test coverage for new code created/changed during the implementation of the feature >= 80% |
|
| https://sonarcloud.io/summary/new_code?id=org.folio%3Amod-users&pullRequest=344 | ||||||||||||||||||||||||||
10 | NFR.Baseline.Testability.2 | E2E-test coverage - # of automated test cases from test rail to # of all test cases at a particular feature |
| |||||||||||||||||||||||||||||
11 | NFR.Baseline.Testability.3 | Karate-test coverage - # of test to # of new endpoints that were created (or existing endpoints that were changed) in the feature scope |
|
| Report |
Info | ||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||||||||||||||||
|
...