Update STANDARDS.md to v1.2

- Note authentication not yet implemented (SAML planned)
- Add DSN toggle documentation for dev/prod environments
- Add API endpoint testing section with curl examples
- Update PC identification (machinetypeid=33 only, removed 34-46)
- Add comid column gotcha (was using communicationid)
- Update config file structure (config.asp.example)
- Update configuration template with dual-database setup

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
cproudlock
2025-12-12 08:23:50 -05:00
parent c96f1c4c0a
commit de7d8faacd


@@ -1,8 +1,8 @@
# Classic ASP Development Standards # Classic ASP Development Standards
## ShopDB Application ## ShopDB Application
**Version:** 1.1 **Version:** 1.2
**Last Updated:** 2025-12-11 **Last Updated:** 2025-12-12
**Status:** MANDATORY for all new development and modifications **Status:** MANDATORY for all new development and modifications
--- ---
@@ -26,7 +26,9 @@
### Authentication & Authorization ### Authentication & Authorization
**MANDATORY:** All pages MUST implement authentication checks. > **NOTE:** Authentication is not yet implemented. SAML integration is planned for a future release. The patterns below document the intended implementation.
**MANDATORY (when implemented):** All pages MUST implement authentication checks.
```vbscript ```vbscript
<!--#include file="./includes/auth_check.asp"--> <!--#include file="./includes/auth_check.asp"-->
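Review bot: The added NOTE says authentication is not yet implemented, but nothing in this section states what restricts access to the pages in the meantime, and the `auth_check.asp` include is still shown as the pattern to copy. Please say whether `./includes/auth_check.asp` exists today, since an include of a missing file fails the page, and name the interim control (for example network-level restriction) so that "MANDATORY (when implemented)" does not read as "no access control is required for now".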
@@ -43,6 +45,7 @@ Call RequireRole("Admin")
- `login.asp` - `login.asp`
- `error.asp` - `error.asp`
- `404.asp` - `404.asp`
- API endpoints (use API key authentication instead)
### Session Management ### Session Management
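Review bot: The new exclusion `API endpoints (use API key authentication instead)` relies on API key authentication that is not described in any of the lines shown, and the curl examples added later in this patch call `api.asp` without sending a key. Either link this bullet to the section that defines how the key is sent and validated, or mark it as not yet implemented in the same way as the NOTE above, so that API endpoints are not treated as protected when they are not.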
@@ -94,6 +97,25 @@ objConn.Open
%> %>
``` ```
**Environment Toggle:** Set `USE_DSN` in config.asp:
- `USE_DSN = False` - Development (direct ODBC driver connection)
- `USE_DSN = True` - Production (DSN-based connection)
```vbscript
' config.asp controls connection method
Const USE_DSN = False ' Set True for production
Function GetConnectionString()
If USE_DSN Then
' Production: DSN-based
GetConnectionString = "DSN=" & DB_DSN & ";Uid=...;Pwd=...;Option=3;Pooling=True;Max Pool Size=100;"
Else
' Development: Direct ODBC
GetConnectionString = "Driver={" & DB_DRIVER & "};Server=...;..."
End If
End Function
```
### Parameterized Queries ### Parameterized Queries
**MANDATORY:** ALL database queries MUST use parameterization. **MANDATORY:** ALL database queries MUST use parameterization.
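Review bot: In the toggle example, `Const USE_DSN = False ' Set True for production` makes development the value a fresh copy starts with, so a production deployment that skips the edit silently uses the direct ODBC branch. Consider adding a deployment check that confirms `USE_DSN = True` on production hosts, and note here that the `Uid=...;Pwd=...` placeholders stand for constants from config.asp rather than literals to be typed into this function.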
@@ -721,6 +743,7 @@ lastupdated
|----------|--------|-------| |----------|--------|-------|
| `ipaddress` | `address` | communications | | `ipaddress` | `address` | communications |
| `gateway` | `defaultgateway` | communications | | `gateway` | `defaultgateway` | communications |
| `communicationid` | `comid` | communications |
| `notes` | `machinenotes` | machines | | `notes` | `machinenotes` | machines |
| `pcid` | `machineid` | machines (PCs are in unified table) | | `pcid` | `machineid` | machines (PCs are in unified table) |
| `pc_comm_config` | `commconfig` | (table name) | | `pc_comm_config` | `commconfig` | (table name) |
@@ -728,7 +751,9 @@ lastupdated
**PC Identification:** PCs are in the `machines` table, identified by: **PC Identification:** PCs are in the `machines` table, identified by:
- `pctypeid IS NOT NULL` - `pctypeid IS NOT NULL`
- `machinetypeid IN (33, 34, 35)` - `machinetypeid = 33` (generic PC type)
> **Note:** Redundant PC machinetypes (34-46) were removed. All PCs now use machinetypeid=33 with pctypeid for categorization (Standard, Engineer, Shopfloor, CMM, etc.)
--- ---
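Review bot: The two bullets under PC Identification do not say whether both conditions are required or either one is enough, and with `machinetypeid = 33` now the only type the difference matters for any row that has one value but not the other. Please state the combined predicate explicitly. The Note also says types 34-46 were removed while the replaced line only listed `IN (33, 34, 35)`, so it would help to say whether existing rows were migrated to 33 and whether queries still using the old `IN` list need to be updated.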
@@ -937,6 +962,43 @@ This script tests 41 endpoints including:
Test data uses `AUTOTEST_` prefix for easy cleanup. See `tests/cleanup_test_data.sql`. Test data uses `AUTOTEST_` prefix for easy cleanup. See `tests/cleanup_test_data.sql`.
### API Endpoint Testing
**REQUIRED:** Test API endpoints used by PowerShell scripts after changes to api.asp.
```bash
# Health check
curl -s "http://192.168.122.151:8080/api.asp?action=getDashboardData"
# Get shopfloor PCs
curl -s "http://192.168.122.151:8080/api.asp?action=getShopfloorPCs"
# Simulate PowerShell PC data collection
curl -s -X POST "http://192.168.122.151:8080/api.asp" \
-d "action=updateCompleteAsset" \
-d "hostname=TESTPC01" \
-d "serialNumber=TEST123" \
-d "manufacturer=Dell Inc." \
-d "model=OptiPlex 7080" \
-d "osVersion=Microsoft Windows 11 Pro" \
-d "pcType=Standard"
# Get recorded IP (POST method)
curl -s -X POST "http://192.168.122.151:8080/api.asp" \
-d "action=getRecordedIP" \
-d "hostname=TESTPC01"
```
**Key API Endpoints:**
| Action | Method | Purpose |
|--------|--------|---------|
| getDashboardData | GET | Health check |
| getShopfloorPCs | GET | List shopfloor PCs |
| updateCompleteAsset | POST | PC data collection (main PowerShell endpoint) |
| getRecordedIP | POST | Get recorded IP for hostname |
| updatePrinterMapping | POST | Link printer to PC |
| updateInstalledApps | POST | Record installed applications |
### Unit Testing ### Unit Testing
**REQUIRED:** Test all validation functions. **REQUIRED:** Test all validation functions.
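Review bot: The `updateCompleteAsset` example posts `hostname=TESTPC01` and `serialNumber=TEST123`, which do not carry the `AUTOTEST_` prefix that the context line just above gives as the convention for test data cleanup, so records created by following this section may be left behind. Suggest using `AUTOTEST_`-prefixed values in the examples. The host `http://192.168.122.151:8080` is also hard-coded in all four commands; a shell variable for the base URL would keep an environment-specific address out of the standard, and the table lists `updatePrinterMapping` and `updateInstalledApps` without a matching example.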
@@ -1043,16 +1105,22 @@ Before committing code, verify:
**Structure:** **Structure:**
``` ```
/includes/ /includes/
config.asp.template (Template with placeholders) config.asp.example (Template with placeholder credentials - tracked in git)
config.dev.asp (Development settings) config.asp (Actual credentials - gitignored, never commit)
config.test.asp (Testing settings)
config.prod.asp (Production settings)
``` ```
**Deployment Process:** **Deployment Process:**
1. Copy appropriate config file to `config.asp` 1. Copy `config.asp.example` to `config.asp`
2. Never commit `config.asp` to source control 2. Fill in actual credentials
3. Add `config.asp` to `.gitignore` 3. Set `USE_DSN = True` for production, `False` for development
4. `config.asp` is gitignored - never committed to source control
**Configuration includes:**
- ShopDB credentials (with DSN/direct ODBC toggle)
- Employee database credentials (with DSN/direct ODBC toggle)
- Zabbix API URL and token
- Application settings (session timeout, page size, cache duration)
- Business logic constants (serial number length, CSF prefix, etc.)
### Secrets Management ### Secrets Management
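Review bot: Step 4 of the new Deployment Process, `config.asp is gitignored - never committed to source control`, is a statement rather than an action, and it replaces the old explicit step `Add config.asp to .gitignore`. Since the file now holds database credentials and the Zabbix API token, make it a verification step, for example running `git check-ignore includes/config.asp` before the first commit in a new checkout. It would also help to say what replaces the removed `config.test.asp` for test environments, because the toggle in step 3 only names production and development.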
@@ -1070,69 +1138,57 @@ Before committing code, verify:
### Configuration Template ### Configuration Template
See `includes/config.asp.example` for the full template. Key sections:
```vbscript ```vbscript
<% <%
'============================================================================= '=============================================================================
' Application Configuration ' Database Configuration - ShopDB
' IMPORTANT: Copy this to config.asp and update values for your environment
'============================================================================= '=============================================================================
' Toggle between DSN (production) and direct ODBC (development)
Const USE_DSN = False ' Set True for production
'----------------------------------------------------------------------------- ' DSN configuration (production)
' Database Configuration Const DB_DSN = "shopdb"
'----------------------------------------------------------------------------- Const DB_DSN_USER = "YOUR_DB_USER"
Const DB_DSN_PASSWORD = "YOUR_DB_PASSWORD"
' Direct ODBC configuration (development)
Const DB_DRIVER = "MySQL ODBC 9.4 Unicode Driver" Const DB_DRIVER = "MySQL ODBC 9.4 Unicode Driver"
Const DB_SERVER = "192.168.122.1" Const DB_SERVER = "192.168.122.1"
Const DB_PORT = "3306" Const DB_PORT = "3306"
Const DB_NAME = "shopdb" Const DB_NAME = "shopdb"
Const DB_USER = "appuser" Const DB_USER = "YOUR_DB_USER"
Const DB_PASSWORD = "CHANGE_THIS_PASSWORD" Const DB_PASSWORD = "YOUR_DB_PASSWORD"
'----------------------------------------------------------------------------- '=============================================================================
' Application Settings ' Database Configuration - Employee Database
'----------------------------------------------------------------------------- '=============================================================================
Const APP_SESSION_TIMEOUT = 30 Const USE_EMP_DSN = True ' Usually DSN-based
Const APP_PAGE_SIZE = 50
Const APP_CACHE_DURATION = 300 ' seconds
'----------------------------------------------------------------------------- Const EMP_DB_DSN = "wjf_employees"
' Business Logic Configuration Const EMP_DB_DSN_USER = "YOUR_EMP_USER"
'----------------------------------------------------------------------------- Const EMP_DB_DSN_PASSWORD = "YOUR_EMP_PASSWORD"
Const SERIAL_NUMBER_LENGTH = 7
Const SSO_NUMBER_LENGTH = 9
Const CSF_PREFIX = "csf"
Const CSF_LENGTH = 5
'----------------------------------------------------------------------------- '=============================================================================
' Default Values
'-----------------------------------------------------------------------------
Const DEFAULT_PC_STATUS_ID = 2
Const DEFAULT_MODEL_ID = 1
Const DEFAULT_OS_ID = 1
'-----------------------------------------------------------------------------
' External Services ' External Services
'----------------------------------------------------------------------------- '=============================================================================
Const SNOW_BASE_URL = "https://geit.service-now.com/now/nav/ui/search/" Const ZABBIX_URL = "http://your-zabbix-server/api_jsonrpc.php"
Const ZABBIX_API_URL = "http://zabbix.example.com/api_jsonrpc.php" Const ZABBIX_API_TOKEN = "YOUR_ZABBIX_API_TOKEN"
'----------------------------------------------------------------------------- '=============================================================================
' File Upload
'-----------------------------------------------------------------------------
Const MAX_FILE_SIZE = 10485760 ' 10MB
Const ALLOWED_EXTENSIONS = "jpg,jpeg,png,gif,pdf"
'-----------------------------------------------------------------------------
' Helper Functions ' Helper Functions
'----------------------------------------------------------------------------- '=============================================================================
Function GetConnectionString() Function GetConnectionString()
GetConnectionString = "Driver={" & DB_DRIVER & "};" & _ If USE_DSN Then
"Server=" & DB_SERVER & ";" & _ GetConnectionString = "DSN=" & DB_DSN & ";Uid=" & DB_DSN_USER & _
"Port=" & DB_PORT & ";" & _ ";Pwd=" & DB_DSN_PASSWORD & ";Option=3;Pooling=True;Max Pool Size=100;"
"Database=" & DB_NAME & ";" & _ Else
"User=" & DB_USER & ";" & _ GetConnectionString = "Driver={" & DB_DRIVER & "};Server=" & DB_SERVER & _
"Password=" & DB_PASSWORD & ";" & _ ";Port=" & DB_PORT & ";Database=" & DB_NAME & _
"Option=3;" & _ ";User=" & DB_USER & ";Password=" & DB_PASSWORD & _
"Pooling=True;Max Pool Size=100;" ";Option=3;Pooling=True;Max Pool Size=100;"
End If
End Function End Function
%> %>
``` ```
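Review bot: In the External Services block, `Const ZABBIX_URL = "http://your-zabbix-server/api_jsonrpc.php"` sits next to the new `ZABBIX_API_TOKEN`, so a config copied from this template sends the token over plain HTTP; use an `https://` placeholder. The constant is also renamed from `ZABBIX_API_URL` to `ZABBIX_URL`, which breaks any code still referencing the old name, and `USE_EMP_DSN` with the `EMP_DB_*` constants is introduced without a corresponding connection-string helper in the lines shown. Please also confirm that the removed constants (`SNOW_BASE_URL`, the file upload limits, the default IDs) remain in `config.asp.example`, since the snippet is now described as key sections only.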
@@ -1264,6 +1320,7 @@ Call CleanupResources()
|---------|------|---------|--------| |---------|------|---------|--------|
| 1.0 | 2025-10-10 | Initial standards document created from audit findings | Claude | | 1.0 | 2025-10-10 | Initial standards document created from audit findings | Claude |
| 1.1 | 2025-12-11 | Updated for Phase 2 schema (unified machines table), added test script reference, secrets management, column naming gotchas | Claude | | 1.1 | 2025-12-11 | Updated for Phase 2 schema (unified machines table), added test script reference, secrets management, column naming gotchas | Claude |
| 1.2 | 2025-12-12 | Added DSN toggle documentation, API endpoint testing section, updated PC identification (machinetypeid=33 only), added comid column gotcha, noted auth not yet implemented, updated config file structure | Claude |
--- ---