mabdalla/courseworx
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
courseworx/docs/05-Development-Guidelines.md
mmabdalla 5477297914 v2.0.2 - Complete Plugin Architecture System and Multi-Currency Implementation 
Major Features Added:
- Complete Plugin Architecture System with financial plugin
- Multi-currency support with exchange rates
- Course type system (online, classroom, hybrid)
- Attendance tracking and QR code scanning
- Classroom sessions management
- Course sections and content management
- Professional video player with authentication
- Secure media serving system
- Shopping cart and checkout system
- Financial dashboard and earnings tracking
- Trainee progress tracking
- User notes and assignments system

Backend Infrastructure:
- Plugin loader and registry system
- Multi-currency database models
- Secure media middleware
- Course access middleware
- Financial plugin with payment processing
- Database migrations for new features
- API endpoints for all new functionality

Frontend Components:
- Course management interface
- Content creation and editing
- Section management with drag-and-drop
- Professional video player
- QR scanner for attendance
- Shopping cart and checkout flow
- Financial dashboard
- Plugin management interface
- Trainee details and progress views

This represents a major evolution of CourseWorx from a basic LMS to a comprehensive educational platform with plugin architecture.
2025-09-14 04:20:37 +03:00

11 KiB
Raw Blame History

CourseWorx Development Guidelines

📋 Document Information

  • Version: 1.0.0
  • Last Updated: 2024-12-19
  • Author: AI Assistant
  • Status: Draft - Ready for Review

🎯 Development Philosophy

CourseWorx development follows these core principles:

  • Quality First: Code quality over speed
  • Test-Driven Development: Write tests before implementation
  • Documentation: Every change must be documented
  • Impact Analysis: Understand system impact before changes
  • Code Reviews: All changes require peer review

🔄 Development Workflow

1. Feature Development Process

1. Issue Creation → GitHub Issue with proper template
2. Impact Analysis → Understand affected components/APIs
3. Design Review → Architecture and approach validation
4. Branch Creation → Feature branch from main
5. Implementation → Code with tests
6. Testing → Unit, integration, and manual testing
7. Documentation → Update relevant docs
8. Code Review → Peer review process
9. Merge → After approval and testing
10. Deployment → Staged deployment with monitoring

2. Branch Strategy

main (production-ready)
├── develop (integration branch)
│   ├── feature/user-management
│   ├── feature/course-creation
│   └── bugfix/login-validation
├── hotfix/critical-security-fix
└── release/v1.1.0

3. Commit Message Format

type(scope): brief description

Detailed explanation of the change

- What was changed
- Why it was changed
- Any breaking changes
- Related issue numbers

Examples:
feat(auth): add password reset functionality
fix(courses): resolve duplicate course creation bug
docs(api): update authentication endpoint documentation
refactor(components): split CourseContent into smaller components

🧪 Testing Strategy

1. Testing Pyramid

E2E Tests (5%)
├── Critical user journeys
├── Authentication flows
└── Course creation/enrollment

Integration Tests (25%)
├── API endpoint testing
├── Database integration
└── Component integration

Unit Tests (70%)
├── Component logic
├── Utility functions
├── API service methods
└── Business logic

2. Testing Requirements

  • New Features: 80% code coverage minimum
  • Bug Fixes: Add regression tests
  • Refactoring: Maintain existing test coverage
  • API Changes: Update contract tests

3. Testing Tools

Frontend Testing:
├── Jest (Test runner)
├── React Testing Library (Component testing)
├── MSW (API mocking)
└── Cypress (E2E testing)

Backend Testing:
├── Jest (Test runner)
├── Supertest (API testing)
├── Factory-bot (Test data)
└── Test database (Isolated testing)

📝 Code Standards

1. JavaScript/React Standards

// Use functional components with hooks
const UserList = ({ users, onUserSelect }) => {
  const [selectedUser, setSelectedUser] = useState(null);
  
  // Use descriptive variable names
  const activeUsers = users.filter(user => user.isActive);
  
  // Extract complex logic to custom hooks
  const { loading, error, refetch } = useUserData();
  
  // Use early returns to reduce nesting
  if (loading) return <LoadingSpinner />;
  if (error) return <ErrorMessage error={error} />;
  
  return (
    <div className="user-list">
      {activeUsers.map(user => (
        <UserCard 
          key={user.id} 
          user={user} 
          onSelect={onUserSelect}
        />
      ))}
    </div>
  );
};

2. Component Guidelines

  • Single Responsibility: One purpose per component
  • Max 300 lines: Split larger components
  • Props Interface: Define clear prop types
  • Error Boundaries: Handle component errors gracefully

3. API Development Standards

// Controller structure
const createUser = async (req, res) => {
  try {
    // 1. Input validation
    const validationErrors = validationResult(req);
    if (!validationErrors.isEmpty()) {
      return res.status(400).json({
        error: 'Validation Error',
        details: validationErrors.array()
      });
    }
    
    // 2. Business logic
    const userData = req.body;
    const user = await UserService.createUser(userData);
    
    // 3. Success response
    res.status(201).json({
      message: 'User created successfully',
      data: user
    });
  } catch (error) {
    // 4. Error handling
    console.error('User creation error:', error);
    res.status(500).json({
      error: 'Internal Server Error',
      message: 'Failed to create user'
    });
  }
};

🗂️ File Organization

1. Frontend Structure

frontend/src/
├── components/
│   ├── common/           # Reusable components
│   ├── forms/            # Form components
│   └── ui/               # UI elements
├── pages/
│   ├── auth/             # Authentication pages
│   ├── courses/          # Course-related pages
│   └── admin/            # Admin pages
├── hooks/                # Custom hooks
├── services/             # API services
├── utils/                # Utility functions
├── constants/            # Application constants
└── types/                # TypeScript types (future)

2. Backend Structure

backend/
├── controllers/          # Route handlers
├── services/             # Business logic
├── models/               # Database models
├── middleware/           # Express middleware
├── routes/               # Route definitions
├── utils/                # Utility functions
├── validators/           # Input validation
└── tests/                # Test files

🔒 Security Guidelines

1. Input Validation

  • Server-side validation: Always validate on backend
  • Client-side validation: For UX only, not security
  • Sanitization: Clean all user inputs
  • SQL Injection: Use parameterized queries (Sequelize ORM)

2. Authentication & Authorization

  • JWT Security: Secure token storage and transmission
  • Role-based Access: Verify permissions on every request
  • Password Security: bcrypt with appropriate salt rounds
  • Session Management: Proper token expiration

3. File Upload Security

// File upload validation
const validateFileUpload = (req, res, next) => {
  const allowedTypes = ['image/jpeg', 'image/png', 'application/pdf'];
  const maxSize = 10 * 1024 * 1024; // 10MB
  
  if (!allowedTypes.includes(req.file.mimetype)) {
    return res.status(400).json({ error: 'Invalid file type' });
  }
  
  if (req.file.size > maxSize) {
    return res.status(400).json({ error: 'File too large' });
  }
  
  next();
};

📊 Performance Guidelines

1. Frontend Performance

  • Code Splitting: Lazy load large components
  • Image Optimization: Compress and resize images
  • Bundle Analysis: Monitor bundle size
  • Memoization: Use React.memo for expensive components

2. Backend Performance

  • Database Queries: Optimize with proper indexes
  • Caching: Implement Redis for frequently accessed data
  • Connection Pooling: Efficient database connections
  • Response Compression: Gzip compression for API responses

3. Database Performance

-- Create indexes for frequently queried columns
CREATE INDEX idx_users_email ON users(email);
CREATE INDEX idx_courses_trainer_id ON courses(trainer_id);
CREATE INDEX idx_enrollments_user_course ON enrollments(user_id, course_id);

-- Optimize queries with proper JOINs
SELECT u.first_name, u.last_name, c.title
FROM users u
JOIN enrollments e ON u.id = e.user_id
JOIN courses c ON e.course_id = c.id
WHERE u.role = 'trainee' AND e.status = 'enrolled';

🐛 Error Handling

1. Frontend Error Handling

// Error boundary for component errors
class ErrorBoundary extends React.Component {
  constructor(props) {
    super(props);
    this.state = { hasError: false };
  }
  
  static getDerivedStateFromError(error) {
    return { hasError: true };
  }
  
  componentDidCatch(error, errorInfo) {
    console.error('Component error:', error, errorInfo);
    // Send to error reporting service
  }
  
  render() {
    if (this.state.hasError) {
      return <ErrorFallback />;
    }
    return this.props.children;
  }
}

// API error handling
const handleApiError = (error) => {
  if (error.response?.status === 401) {
    // Redirect to login
    window.location.href = '/login';
  } else if (error.response?.status >= 500) {
    // Show generic error message
    toast.error('Server error. Please try again later.');
  } else {
    // Show specific error message
    toast.error(error.response?.data?.message || 'An error occurred');
  }
};

2. Backend Error Handling

// Global error handler
const errorHandler = (err, req, res, next) => {
  console.error('Error:', err);
  
  // Validation errors
  if (err.name === 'ValidationError') {
    return res.status(400).json({
      error: 'Validation Error',
      message: err.message
    });
  }
  
  // Database errors
  if (err.name === 'SequelizeValidationError') {
    return res.status(400).json({
      error: 'Database Validation Error',
      details: err.errors.map(e => ({
        field: e.path,
        message: e.message
      }))
    });
  }
  
  // Default error
  res.status(500).json({
    error: 'Internal Server Error',
    message: process.env.NODE_ENV === 'development' ? err.message : 'Something went wrong'
  });
};

📚 Documentation Requirements

1. Code Documentation

  • Function Documentation: JSDoc for all functions
  • Component Documentation: Props, usage examples
  • API Documentation: OpenAPI/Swagger specs
  • README Files: Setup and usage instructions

2. Change Documentation

  • Pull Request Templates: Standardized PR descriptions
  • Changelog: Track all changes with semantic versioning
  • Migration Guides: For breaking changes
  • Version.txt Updates: Required for all changes

🔍 Code Review Process

1. Review Checklist

  • Code follows style guidelines
  • Tests are included and passing
  • Documentation is updated
  • No security vulnerabilities
  • Performance impact considered
  • Breaking changes documented

2. Review Guidelines

  • Be Constructive: Provide helpful feedback
  • Ask Questions: Understand the reasoning
  • Suggest Improvements: Offer better solutions
  • Approve Quickly: Don't block unnecessarily

🚀 Deployment Guidelines

1. Staging Deployment

  • Automated Testing: All tests must pass
  • Manual Testing: User acceptance testing
  • Performance Testing: Load and stress testing
  • Security Scanning: Automated security checks

2. Production Deployment

  • Blue-Green Deployment: Zero-downtime deployments
  • Database Migrations: Backward-compatible changes
  • Rollback Plan: Quick rollback procedures
  • Monitoring: Post-deployment monitoring

Next Steps:

  1. Review and approve development guidelines
  2. Set up development tools and templates
  3. Train team on new processes
  4. Implement code quality gates