dohertj2/jdescopingtool
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: address code review findings across all projects

Browse Source 
Apply comprehensive fixes from code reviews including:
- Extract shared utilities (SqlFormatHelper, CellValueConverter, DbDestinationBase)
- Add interface abstractions (IAuthenticationService, IDatabaseMigrator, IMisQueryBuilder)
- Implement SecureStore for encrypted secrets storage
- Fix error handling with proper HTTP status codes and logging
- Optimize double enumeration in DevEtlRegistry
- Add DataSync.Dev README for developer onboarding
- Extract filter panel base classes to reduce duplication
- Update code review docs to mark all issues as fixed
This commit is contained in:
Joseph Doherty
2026-01-19 11:05:36 -05:00
parent 08f5aa1447
commit 604bfe919c
148 changed files with 8696 additions and 1538 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CodeReviews/Infrastructure/review.md
+192
View File
@@ -0,0 +1,192 @@
# Code Review: JdeScoping.Infrastructure
**Project Path:** `NEW/src/JdeScoping.Infrastructure`
**Layer:** Infrastructure
**Purpose:** Cross-cutting utilities
---
## Executive Summary
The JdeScoping.Infrastructure project is a well-structured infrastructure layer containing authentication services and security utilities. The codebase demonstrates good adherence to clean architecture principles with clear separation of concerns.
**Overall Assessment: Good quality with minor improvements recommended**
| Category | Rating | Notes |
|----------|--------|-------|
| SOLID Principles | Good | Minor LSP concern |
| Clean Architecture | Excellent | Proper layer separation |
| Code Organization | Good | Clear folder structure |
| Error Handling | Good | Consistent patterns |
| Testability | Good | Good test coverage exists |
| Code Duplication | Good | Minor duplication in LDAP methods |
| Async Patterns | Needs Attention | Blocking calls wrapped in Task.Run |
| Null Safety | Excellent | Nullable enabled |
| Documentation | Excellent | Comprehensive XML documentation |
---
## 1. SOLID Principles
### Single Responsibility Principle (SRP)
**Good:** Services have focused responsibilities:
- `FakeAuthService` - development authentication
- `LdapAuthService` - LDAP authentication
- `RsaKeyService` - RSA key operations
### Liskov Substitution Principle (LSP)
~~**Issue:** `LdapAuthService` throws `NotSupportedException` for interface methods:~~ ✅ FIXED
~~```csharp
public Task<UserInfo?> GetUserInfoAsync(string username, ...)
{
throw new NotSupportedException("GetUserInfoAsync requires password for LDAP lookup");
}
```~~
~~**Recommendations:**
1. Consider splitting `IAuthService` into smaller interfaces
2. Or document that these methods may not be supported
3. Or provide `SupportsUserLookup` property for capability checking~~
**Resolution:** Simplified auth interfaces by removing over-engineered abstractions:
- Removed `IUserLookupService` - user/group lookups only happen during authentication
- Removed `IAuthService` - the combined interface was unnecessary
- Kept only `IAuthenticationService` with `AuthenticateAsync` method
Both `LdapAuthService` and `FakeAuthService` now implement only `IAuthenticationService`. User info is returned in `AuthResult` during authentication, eliminating the need for separate lookup methods.
### Dependency Inversion Principle (DIP)
**Excellent:** All services depend on abstractions (`IOptions<T>`, `ILogger<T>`).
---
## 2. Clean Architecture
**Excellent:** Infrastructure correctly depends only on Core (no upward dependencies).
---
## 3. Code Organization
**Good:**
```
JdeScoping.Infrastructure/
├── Auth/
│ ├── FakeAuthService.cs
│ └── LdapAuthService.cs
├── Options/
│ └── LdapOptions.cs
├── Security/
│ └── RsaKeyService.cs
└── DependencyInjection.cs
```
---
## 4. Error Handling
### Good Patterns
1. **Input Validation:** Early validation with clear messages
2. **Specific Exception Handling:** LDAP errors caught specifically
3. **Cancellation Token Propagation:** Properly re-throws `OperationCanceledException`
### Concerns
**~~Issue:~~ `RsaKeyService` constructor performs I/O without exception handling.** ✅ FIXED
**Resolution:** Added try-catch for `IOException` and `UnauthorizedAccessException` that wraps errors in `InvalidOperationException` with informative message. Also properly disposes RSA instance on failure.
---
## 5. Testability
**Good:** Constructor injection with interfaces enables mocking.
### Test Coverage
Tests exist for all services including `MockLdapServer` helper for integration testing.
---
## 6. Code Duplication
**Minor:** LDAP connection creation pattern repeated in three methods.
**Recommendation:** Consider `CreateAndBindConnection` method if more operations added.
---
## 7. Async Patterns
**Needs Attention:** LDAP operations wrapped in `Task.Run`:
```csharp
await Task.Run(() => connection.Bind(), ct);
```
**Explanation:** Acceptable workaround since `System.DirectoryServices.Protocols` lacks async APIs.
**Recommendation:** Document why `Task.Run` is used. Consider caching to reduce calls.
---
## 8. Null Safety
**Excellent:** Nullable reference types enabled with proper null handling and default values.
---
## 9. Documentation
**Excellent:** All public members have comprehensive XML documentation with examples:
```csharp
/// <summary>
/// Distinguished name of required group for access.
/// Example: "CN=ScopingTool-Users,OU=Groups,DC=corp,DC=example,DC=com"
/// </summary>
```
---
## 10. Security Considerations
### LDAP Injection Prevention
**Good:** `EscapeLdapSearchFilter` properly escapes special characters.
### RSA Key Storage
**Concern:** Private key stored in plain file.
**Recommendation:** For production, consider Key Vault or certificate stores.
### Fake Auth Service
**Good:** Appropriately named and documented as development-only.
---
## Recommendations Summary
### Important
1. ~~**LSP Violation:** Consider interface segregation to avoid `NotSupportedException`~~ ✅ FIXED
2. **Async Pattern:** Document `Task.Run` usage for LDAP operations
3. ~~**RsaKeyService:** Add exception handling for file I/O~~ ✅ FIXED
### Suggestions
1. Extract connection binding to reduce duplication
2. Plan for secure key storage in production
3. Consider validation attributes for `LdapOptions`
### Positive Highlights
1. Clean separation of concerns
2. Excellent documentation
3. Good test coverage
4. LDAP injection prevention
5. Failover support for multiple LDAP servers