phoenix-code-review
Phoenix Code Review
Quick Reference
| Issue Type | Reference |
|---|---|
| Bounded contexts, Ecto integration | references/contexts.md |
| Actions, params, error handling | references/controllers.md |
| Pipelines, scopes, verified routes | references/routing.md |
| Custom plugs, authentication | references/plugs.md |
Review Checklist
Controllers
- Business logic in contexts, not controllers
- Controllers return proper HTTP status codes
- Action clauses handle all expected patterns
- Fallback controllers handle errors consistently
Contexts
- Contexts are bounded by domain, not technical layer
- Public functions have clear, domain-focused names
- Changesets validate all user input
- No Ecto queries in controllers
Routing
- Verified routes (~p sigil) used, not string paths
- Pipelines group related plugs
- Resources use only needed actions
- Scopes group related routes
Plugs
- Authentication/authorization via plugs
- Plugs are composable and single-purpose
- Halt called after sending response in plugs
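The Plugs checks above, shown as an added example (not from the original page): an authentication plug that sends a 401 without halting, next to the corrected form, each run through a Plug.Builder pipeline. The Demo.* module names and the :current_user assign are assumptions, and the code needs the plug package available, for example in an iex -S mix session of a Phoenix project.

```elixir
# Added example; module names and the :current_user assign are hypothetical.
defmodule Demo.RequireUserUnsafe do
  import Plug.Conn
  def init(opts), do: opts
  def call(%Plug.Conn{assigns: %{current_user: %{}}} = conn, _opts), do: conn
  # Finding: 401 is sent but conn.halted stays false, so later plugs still run.
  def call(conn, _opts), do: send_resp(conn, 401, "unauthorized")
end

defmodule Demo.RequireUser do
  import Plug.Conn
  def init(opts), do: opts
  def call(%Plug.Conn{assigns: %{current_user: %{}}} = conn, _opts), do: conn
  # Correct: send the response, then halt so the pipeline stops here.
  def call(conn, _opts), do: conn |> send_resp(401, "unauthorized") |> halt()
end

defmodule Demo.Action do
  # Stands in for the controller action; records that it executed.
  def init(opts), do: opts
  def call(conn, _opts), do: Plug.Conn.put_private(conn, :action_ran, true)
end

defmodule Demo.UnsafePipeline do
  use Plug.Builder
  plug Demo.RequireUserUnsafe
  plug Demo.Action
end

defmodule Demo.SafePipeline do
  use Plug.Builder
  plug Demo.RequireUser
  plug Demo.Action
end

# Constructed anonymous request: no :current_user assign is present.
conn = Plug.Test.conn(:get, "/admin")

for pipeline <- [Demo.UnsafePipeline, Demo.SafePipeline] do
  result = pipeline.call(conn, pipeline.init([]))
  IO.inspect({pipeline, result.status, result.halted, result.private[:action_ran]})
end
```

For the anonymous request, the unsafe pipeline reports halted as false and Demo.Action as having run after the 401 was sent; the safe pipeline halts before Demo.Action is reached.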
JSON APIs
- Proper content negotiation
- Consistent error response format
- Pagination for list endpoints
Valid Patterns (Do NOT Flag)
- Controller calling multiple contexts - Valid for orchestration
- Inline Ecto query in context - Context owns its data access
- Using action_fallback - Centralized error handling pattern
- Multiple pipelines per route - Composition is intentional
- Plug.Conn.halt/1 without send - May be handled by fallback
Context-Sensitive Rules
| Issue | Flag ONLY IF |
|---|---|
| Missing changeset validation | Field accepts user input AND no validation exists |
| Controller too large | More than 7 actions OR actions > 20 lines |
| Missing authorization | Route is not public AND no auth plug in pipeline |
Before Submitting Findings
Load and follow review-verification-protocol before reporting any issue.