UXPROD-4070 NFR Scorecard

Status

IN PROGRESS

Date-time

 

Dev Team

Volaris

Architect
Product Owner
Scrum Master
Team Lead
Prod Ticket

UXPROD-4070 - Getting issue details... STATUS

Arch Ticket

ARCH-177 - Getting issue details... STATUS

Tech DesignReading Room Access
ReleaseRamsons (R2 2024)

Quality Attribute

NFR ID

Non-Functional Requirement

Preliminary Analysis (Before feature started)- Date and Status

Final Analysis (After feature completed) - Date and StatusNotes and Comments
1

Availability

NFR.Baseline.Availability.1

Modules are designed and implemented following the Stateless principle

  COMPLIANT



2

NFR.Baseline.Availability.2

Load/performance testing must be conducted for at least 2 instances




3

Manageability

NFR.Baseline.Manageability.1

Application logs are collected in a unified form and location

 COMPLIANT


This is implemented in the folio-spring-base library.
4

NFR.Baseline.Manageability.2

All custom configuration values are placed in the settings, not in the program code

 COMPLIANT



5

Performance

NFR.Baseline.Performance.1

Components are performance tested and compared to the prior release baseline; performance may not degrade more than 5% in exceptional cases

 NOT VERIFIED


Opening/editing a profile should not degrade.

NFR.ReadingRoom.Performance.1The solution should support a maximum of 25 simultaneous requests to reading rooms API (admit/deny access) in LoC. The single request should be completed in under 1.5 seconds. NOT VERIFIED

Use approach: Performance Testing With Karate Framework

gatling_report

6

Security

NFR.Baseline.Security.1

Tenant data must be isolated from other tenants

 COMPLIANT


Based on the assumption: RR and patron data in the central tenant of LoC
7

NFR.Baseline.Security.2

Secrets (such as usernames, passwords, API keys, and/or their combinations) are not stored in source repositories (i.e. Github)

 COMPLIANT


Check the results of the sonar security scan after implementation is done.
8

NFR.Baseline.Security.3

No sensitive information in logs (logins, passwords, API keys)

 COMPLIANT


9NFR.ReadingRoom.Security.1
  • The solution should allow permission-based access to reading rooms for patrons

  • The solution should allow security officers read-only access to patron records.

 COMPLIANT
List all the fields that are present in read-only API for patron records and confirm with LoC that it can be accessed by the role of Security Officer
10

Testability

NFR.Baseline.Testability.1

Unit-test coverage for new code created/changed during the implementation of the feature >= 80%

 COMPLIANT



11

NFR.Baseline.Testability.2

E2E-test coverage - # of automated test cases from test rail to # of all test cases at a particular feature

 COMPLIANT



12

NFR.Baseline.Testability.3

Karate-test coverage - # of test to # of new endpoints that were created (or existing endpoints that were changed) in the feature scope

 COMPLIANT



13AccessibilityNFR.MarcValidation.Accessibility.1Automated tests for WCAG 2.1 AA compliance COMPLIANT
Provide the link with the results of the accessibility tests
14MaintainabilityNFR.ReadingRoom.Maintainability.1The solution should be independent and loosely coupled as the FOLIO core modules do not include the feature COMPLIANT
The implementation will be done as a separate module (microservice). This will provide a loose coupling of the solution.
15

Extensibility

NFR.ReadingRoom.Extensibility.1

The solution should allow extending the room access feature’s capability with additional functionality

 COMPLIANT

LEGEND: Enumeration of possible statuses


COMPLIANT Compliance checked and confirmed

NOT VERIFIED Compliance not checked

NON COMPLIANT Compliance checked, and non-compliance found

NOT APPLICABLE Сompliance not required, requirement not applicable