You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
10. **@AccessControl**: Every endpoint has proper `Action` and `ResourceType`.
56
-
11. **@Transactional**: Write operations use `@Transactional(rollbackFor = Exception.class)`.
57
-
12. **Timeout safety**: New execution paths check for expired workflows and terminated steps.
58
-
13. **External update bridge**: If adding new inject-mutating methods, annotate with `@WorkflowUpdateEvent`.
59
-
14. **Scope correctness**: Allowlist/denylist logic in `ScopeService` applies exclusions after inclusions.
60
-
15. **DEPEND_ON conditions**: Step dependencies use `ConditionFactory.dependOn()`.
47
+
2. **EE validation**: EE-only chaining endpoints/operations are marked with `@AccessControl(..., isEnterpriseEdition = true)` so `AccessControlAspect` enforces Enterprise Edition license validation.
48
+
3. **Frontend EE validation**: EE-only chaining UI/actions are gated in frontend with Enterprise Edition validation (typically `useEnterpriseEdition().isValidated`), in addition to chaining feature-flag checks.
49
+
4. **Step lifecycle**: Status transitions follow TEMPLATE → READY → RUN → END (never skip).
50
+
5. **Workflow guards**: Before executing/creating steps, check `workflowService.isWorkflowEnded()`.
51
+
6. **Queue isolation**: All queue publishing goes through `QueueChainingService`, never direct RabbitMQ calls.
52
+
7. **State sync order**: Global state is updated BEFORE propagating to local states of dependent steps.
53
+
8. **Time delays**: Uses `StepDelayQueueService`, never `Thread.sleep()`.
54
+
9. **Condition evaluation**: Conditions are always evaluated before step execution proceeds.
> Full rules: [backend.instructions.md](backend.instructions.md)
23
23
24
-
Key checks: layering (Controller → Service → Repository, never skip), JPA entities never returned from controllers (use DTOs), `@Transactional` self-call (Spring proxy bypass), no new code in `openaev-framework` (deprecated), no new code in `io.openaev.rest` (legacy — use `io.openaev.api` instead).
24
+
Key checks: layering (Controller → Service → Repository, never skip), JPA entities never returned from controllers (use DTOs), `@Transactional` self-call (Spring proxy bypass), no new code in `openaev-framework` (deprecated), no new code in `io.openaev.rest` (legacy — use `io.openaev.api` instead), backend EE-only behavior explicitly marked with `@AccessControl(..., isEnterpriseEdition = true)` so Enterprise Edition validation is enforced.
> Full rules: [frontend.instructions.md](frontend.instructions.md)
42
42
> Agent: `frontend-reviewer`
43
43
44
-
Key checks: no MUI for layout (native HTML), `sx` prop only (no `makeStyles`), `t()` called early, auto-generated `api-types.d.ts` (no manual types).
44
+
Key checks: no MUI for layout (native HTML), `sx` prop only (no `makeStyles`), `t()` called early, auto-generated `api-types.d.ts` (no manual types), feature-flagged behavior uses the correct frontend flag check, and EE-only UI/actions are gated by frontend Enterprise Edition validation (typically `useEnterpriseEdition().isValidated`).
45
45
46
46
## Chaining Engine
47
47
@@ -50,6 +50,7 @@ Key checks: no MUI for layout (native HTML), `sx` prop only (no `makeStyles`), `
50
50
> Agent: `chaining-engine-reviewer`
51
51
52
52
Key checks: `PreviewFeature.INJECT_CHAINING` gate on endpoints, step lifecycle (TEMPLATE → READY → RUN → END), `workflowService.isWorkflowEnded()` guard before execution, queue interactions only via `QueueChainingService`, global state updated before local propagation, time delays via `StepDelayQueueService` (never `Thread.sleep()`), `@WorkflowUpdateEvent` on inject-mutating methods.
53
+
EE check: chaining EE-only endpoints/operations are explicitly marked with `@AccessControl(..., isEnterpriseEdition = true)` so AccessControlAspect enforces Enterprise Edition license validation.
0 commit comments