Please refer to NFR Scorecard practice for detailed information

Status	COMPLETED
Date-time	20 Nov 2023
Dev Team	Volaris
Architect	Kalibek Turgumbayev
Team Lead	Gurleen Kaur1
Scrum Master	Tetiana Gusar
Product Owner	Tim Auger
Prod Ticket	UXPROD-36 - Getting issue details... STATUS
Arch Ticket	ARCH-116 - Getting issue details... STATUS
Tech Design	UXPROD-36 Profile pictures
Release	Quesnelia (R1 2024)

	Quality Attribute	NFR ID	Non-Functional Requirement	Preliminary Analysis (Before feature started)- Date and Status	Final Analysis (After feature completed) - Date and Status	Notes and Comments
1	Availability	NFR.Baseline.Availability.1	Modules are designed and implemented following the Stateless principle	20 Nov 2023 COMPLIANT	04 Apr 2024 COMPLIANT
2	Availability	NFR.Baseline.Availability.2	Load/performance testing must be conducted for at least 2 instances	20 Nov 2023 NOT VERIFIED	04 Apr 2024 COMPLIANT	Uploading Patron profile picture
3	Manageability	NFR.Baseline.Manageability.1	Application logs are collected in a unified form and location	20 Nov 2023 COMPLIANT	04 Apr 2024 COMPLIANT
4		NFR.Baseline.Manageability.2	All custom configuration values are placed in the settings, not in the program code	20 Nov 2023 COMPLIANT	04 Apr 2024 COMPLIANT	https://github.com/folio-org/mod-users?tab=readme-ov-file#example-request-1
		NFR.ProfilePictures.Manageability.1	Enabling/disabling the profile pictures feature for the tenant Storage type for pictures should be configurable (e.g. database, S3-like storage)	20 Nov 2023 NOT VERIFIED	04 Apr 2024 COMPLIANT
5	Performance	NFR.Baseline.Performance.1	Components are performance tested and compared to the prior release baseline; performance may not degrade more than 5% in exceptional cases	20 Nov 2023 NOT VERIFIED	04 Apr 2024 COMPLIANT	Profile opening /saving should not degrade from existing values for more than 5%.
	Performance	NFR.ProfilePictures.Performace.1	The system can process ~70K profile pictures per year	20 Nov 2023 NOT VERIFIED	04 Apr 2024 COMPLIANT	Uploading Patron profile picture
6	Security	NFR.Baseline.Security.1	Tenant data must be isolated from other tenants	20 Nov 2023 NOT VERIFIED	04 Apr 2024 COMPLIANT	UXPROD-4562 - Getting issue details... STATUS
7		NFR.Baseline.Security.2	Secrets (such as usernames, passwords, API keys, and/or their combinations) are not stored in source repositories (i.e. Github)	20 Nov 2023 NOT VERIFIED	04 Apr 2024 COMPLIANT	https://sonarcloud.io/summary/new_code?id=org.folio%3Amod-users&pullRequest=344
8		NFR.Baseline.Security.3	No sensitive information in logs (logins, passwords, API keys)	20 Nov 2023 NOT VERIFIED	04 Apr 2024 COMPLIANT
		NFR.ProfilePictures.Security.1	Only authorized library staff can view and manage (upload, view, update, delete) photos for patron accounts	20 Nov 2023 NOT VERIFIED	04 Apr 2024 COMPLIANT	Reuse of previously existing mechanism of permissions
		NFR.ProfilePictures.Security.2	Patron photos should be securely stored with proper encryption and access controls to protect sensitive information.	20 Nov 2023 NOT VERIFIED	04 Apr 2024 NON COMPLIANT	Tech Debt: need to address change encryption key and related data.
9	Testability	NFR.Baseline.Testability.1	Unit-test coverage for new code created/changed during the implementation of the feature >= 80%	20 Nov 2023 NOT VERIFIED	04 Apr 2024 COMPLIANT	https://sonarcloud.io/summary/new_code?id=org.folio%3Amod-users&pullRequest=344
10		NFR.Baseline.Testability.2	E2E-test coverage - # of automated test cases from test rail to # of all test cases at a particular feature	20 Nov 2023 NOT VERIFIED
11		NFR.Baseline.Testability.3	Karate-test coverage - # of test to # of new endpoints that were created (or existing endpoints that were changed) in the feature scope	20 Nov 2023 NOT VERIFIED	04 Apr 2024 COMPLIANT	Report

LEGEND: Enumeration of possible statuses

COMPLIANT Compliance checked and confirmed

NOT VERIFIED Compliance not checked

NON COMPLIANT Compliance checked, and non-compliance found

NOT APPLICABLE Сompliance not required, requirement not applicable