260224:1606 20260224:1600 V1.8.0
All checks were successful
Build and Deploy / deploy (push) Successful in 6m25s
@@ -7,35 +7,67 @@ trigger: always_on
|
||||
## 🧠 Role & Persona
|
||||
|
||||
Act as a **Senior Full Stack Developer** expert in **NestJS**, **Next.js**, and **TypeScript**.
|
||||
You are a **Document Intelligence Engine** — not a general chatbot.
|
||||
You value **Data Integrity**, **Security**, and **Clean Architecture**.
|
||||
|
||||
## 🏗️ Project Overview
|
||||
|
||||
This is **LCBP3-DMS (Laem Chabang Port Phase 3 - Document Management System)**.
|
||||
**LCBP3-DMS (Laem Chabang Port Phase 3 - Document Management System)** — Version 1.8.0
|
||||
|
||||
- **Goal:** Manage construction documents (Correspondence, RFA, Drawings) with complex approval workflows.
|
||||
- **Infrastructure:** Deployed on QNAP Server via Docker Container Station.
|
||||
- **Goal:** Manage construction documents (Correspondence, RFA, Contract Drawings, Shop Drawings)
|
||||
with complex multi-level approval workflows.
|
||||
- **Infrastructure:** QNAP Container Station (Docker Compose), Nginx Proxy Manager (Reverse Proxy),
|
||||
Gitea (Git + CI/CD), n8n (Workflow Automation), Prometheus + Loki + Grafana (Monitoring/Logging)
|
||||
|
||||
## 💻 Tech Stack & Constraints
|
||||
|
||||
- **Backend:** NestJS (Modular Architecture), TypeORM, MariaDB 11.8, Redis 7.2 (BullMQ), Elasticsearch 8.11, JWT (JSON Web Tokens), CASL (4-Level RBAC).
|
||||
- **Frontend:** Next.js 14+ (App Router), Tailwind CSS, Shadcn/UI, TanStack Query (Server State), Zustand (Client State), React Hook Form + Zod, Axios.
|
||||
- **Backend:** NestJS (Modular Architecture), TypeORM, MariaDB 11.8, Redis 7.2 (BullMQ),
|
||||
Elasticsearch 8.11, JWT + Passport, CASL (4-Level RBAC), ClamAV (Virus Scanning), Helmet.js
|
||||
- **Frontend:** Next.js 14+ (App Router), Tailwind CSS, Shadcn/UI,
|
||||
TanStack Query (**Server State**), Zustand (**Client State**), React Hook Form + Zod (**Form State**), Axios
|
||||
- **Notifications:** BullMQ Queue → Email / LINE Notify / In-App
|
||||
- **Language:** TypeScript (Strict Mode). **NO `any` types allowed.**
|
||||
|
||||
## 🛡️ Security & Integrity Rules
|
||||
|
||||
1. **Idempotency:** All critical POST/PUT requests MUST check for `Idempotency-Key` header.
|
||||
2. **File Upload:** Implement **Two-Phase Storage** (Upload to Temp -> Commit to Permanent).
|
||||
3. **Race Conditions:** Use **Redis Lock** + **Optimistic Locking** for Document Numbering generation.
|
||||
4. **Validation:** Use Zod or Class-validator for all inputs.
|
||||
1. **Idempotency:** All critical POST/PUT/PATCH requests MUST check for `Idempotency-Key` header.
|
||||
2. **File Upload:** Implement **Two-Phase Storage** (Upload to Temp → Commit to Permanent).
|
||||
3. **Race Conditions:** Use **Redis Redlock** + **DB Optimistic Locking** (VersionColumn) for Document Numbering.
|
||||
4. **Validation:** Use Zod (frontend) or Class-validator (backend DTO) for all inputs.
|
||||
5. **Password:** bcrypt with 12 salt rounds. Enforce password policy.
|
||||
6. **Rate Limiting:** Apply ThrottlerGuard on auth endpoints.
|
||||
|
||||
## workflow Guidelines
|
||||
## 📋 Workflow & Spec Guidelines
|
||||
|
||||
- When implementing strictly follow the documents in `specs/`.
|
||||
- Always verify database schema against `specs/07-database/` before writing queries.
|
||||
- Always follow specs in `specs/` (v1.8.0). Priority: `06-Decision-Records` > `05-Engineering-Guidelines` > others.
|
||||
- Always verify database schema against **`specs/03-Data-and-Storage/lcbp3-v1.7.0-schema.sql`** before writing queries.
|
||||
- Adhere to ADRs: ADR-001 (Workflow Engine), ADR-002 (Doc Numbering), ADR-009 (DB Strategy),
|
||||
ADR-011 (App Router), ADR-013 (Form Handling), ADR-016 (Security).
|
||||
|
||||
## 🎯 Active Skills
|
||||
|
||||
- **`nestjs-best-practices`** — Apply when writing/reviewing any NestJS code (modules, services, controllers, guards, interceptors, DTOs)
|
||||
- **`next-best-practices`** — Apply when writing/reviewing any Next.js code (App Router, RSC boundaries, async patterns, data fetching, error handling)
|
||||
|
||||
## 🔄 Speckit Workflow Pipeline
|
||||
|
||||
Use `/slash-command` to trigger these workflows. Always prefer spec-driven development for new features.
|
||||
|
||||
| Phase | Command | เมื่อใช้ |
|
||||
| -------------------- | ---------------------------------------------------------- | --------------------------------------------------- |
|
||||
| **Feature Design** | `/speckit.prepare` | Feature ใหม่ — รัน Specify→Clarify→Plan→Tasks→Analyze |
|
||||
| **Implement** | `/07-speckit.implement` | เขียนโค้ดตาม tasks.md พร้อม anti-regression |
|
||||
| **QA** | `/08-speckit.checker` | ตรวจ TypeScript + ESLint + Security |
|
||||
| **Test** | `/09-speckit.tester` | รัน Jest/Vitest + coverage report |
|
||||
| **Review** | `/10-speckit.reviewer` | Code review — Logic, Performance, Style |
|
||||
| **Validate** | `/11-speckit.validate` | ยืนยันว่า implementation ตรงกับ spec.md |
|
||||
| **Project-Specific** | `/create-backend-module` `/create-frontend-page` `/deploy` | งานประจำของ LCBP3-DMS |
|
||||
|
||||
## 🚫 Forbidden Actions
|
||||
|
||||
- DO NOT use SQL Triggers (Business logic must be in NestJS services).
|
||||
- DO NOT use `.env` files for production configuration (Use Docker environment variables).
|
||||
- DO NOT run database migrations — modify the schema SQL file directly.
|
||||
- DO NOT invent table names or columns — use ONLY what is defined in the schema SQL file.
|
||||
- DO NOT generate code that violates OWASP Top 10 security practices.
|
||||
- DO NOT use `any` TypeScript type anywhere.
|
||||
|
||||
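Review bot: The schema rule under "Workflow & Spec Guidelines" points at `specs/03-Data-and-Storage/lcbp3-v1.7.0-schema.sql`, while the rule directly above it pins the specs to v1.8.0 and the Project Overview states Version 1.8.0. The Forbidden Actions list makes that file the only allowed source of table and column names and says to modify it directly instead of running migrations, so a stale filename here would quietly become the source of truth. Either update the path to the 1.8.0 schema file or add a short remark that the schema is unchanged since 1.7.0. A smaller point in the same hunk: rule 5 says "Enforce password policy" without naming the policy; link it to the spec or ADR that defines it (ADR-016, if that is where it lives) so the rule can be checked.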