HRController
- Namespace: Insorce.Controllers
- Project: Andromeda.Web
Overview
The HRController manages human resource functionalities related to actors, competencies, training, talent pools, and optimization within projects. It supports various HR workflows including role management, salary processing, skill matrix handling, training plans, and talent pool administration.
Feature Summary
- Manages actor data including filtering, sorting, and role details.
- Processes supervisor salary and governance relationships.
- Handles competency and skill matrix data input, aggregation, and saving.
- Manages job descriptions and training needs/plans for actors.
- Supports talent pool creation, modification, and salary/benchmark updates.
- Performs actor optimization based on team and cost criteria.
- Provides endpoints for retrieving currencies, benchmark costs, and training selections.
UX Summary
- Multiple views present actor, competency, training, and talent pool data with dynamic updates via JSON responses.
- Redirects and parameter handling influence user navigation and data display.
- Some methods return JSON for asynchronous UI updates requiring client-side handling.
- Incomplete or commented-out code and unsanitized inputs may degrade user experience or cause confusion.
- Slow API responses and missing validation can negatively impact responsiveness and user trust.
Data Dependencies
- Relies on actor, project, training, skill, and talent pool data repositories or services.
- Processes JSON and form data for saving and updating HR-related entities.
- Aggregates skill levels, competency data, and training plans for actors.
- Handles currency and salary information linked to projects and actors.
- Uses TempData and ViewBag/ViewData to pass data between controller and views.
Authentication / Authorization Notes
- No explicit authentication or authorization checks are detailed in the methods.
- Several methods risk security vulnerabilities such as deserialization attacks, SQL injection, and XSS due to lack of input validation and sanitization.
- Disabling request validation in some POST methods exposes the system to potential malicious input.
- Sensitive data stored in TempData and direct JSON deserialization require secure handling to prevent unauthorized access.
Controller Call Chain Diagram
flowchart TD
Andromeda_Core_Constants_GetAllSkills["Andromeda.Core.Constants.GetAllSkills"]
Andromeda_Core_Constants_GetSkill["Andromeda.Core.Constants.GetSkill"]
Andromeda_Core_DataManager_Execute["Andromeda.Core.DataManager.Execute"]
Andromeda_Core_DataManager_GetData["Andromeda.Core.DataManager.GetData"]
Andromeda_Core_Database_DataExtensions_GetDecimalEx["Andromeda.Core.Database.DataExtensions.GetDecimalEx"]
Andromeda_Core_Database_DataExtensions_GetInt32Ex["Andromeda.Core.Database.DataExtensions.GetInt32Ex"]
Andromeda_Core_Database_DataExtensions_GetStringEx["Andromeda.Core.Database.DataExtensions.GetStringEx"]
Andromeda_Core_Database_helper_SqlParameters["Andromeda.Core.Database.helper.SqlParameters"]
Andromeda_Core_Entities_Actor_GetLocation["Andromeda.Core.Entities.Actor.GetLocation"]
Andromeda_Core_Entities_Gantt_HourlyEffortByActor["Andromeda.Core.Entities.Gantt.HourlyEffortByActor"]
Andromeda_Core_Entities_Sched_GetHourEffort["Andromeda.Core.Entities.Sched.GetHourEffort"]
Andromeda_Core_Entities_Sched_StartTimeHour["Andromeda.Core.Entities.Sched.StartTimeHour"]
Andromeda_Core_Extensions_LinqExtensions_getSkillScore["Andromeda.Core.Extensions.LinqExtensions.getSkillScore"]
Andromeda_Core_LoggingManager_Debug["Andromeda.Core.LoggingManager.Debug"]
Andromeda_Core_LoggingManager_Error["Andromeda.Core.LoggingManager.Error"]
Andromeda_Core_Services_ProcessExtensions_FindByID["Andromeda.Core.Services.ProcessExtensions.FindByID"]
Andromeda_Web_Views_DataFormatFile_getSkillLevel["Andromeda.Web.Views.DataFormatFile.getSkillLevel"]
HRController_Competency["HRController.Competency"]
HRController_GetBenchmarkCost["HRController.GetBenchmarkCost"]
HRController_Index["HRController.Index"]
HRController_Optimise["HRController.Optimise"]
HRController_SaveBenchmarkCost["HRController.SaveBenchmarkCost"]
HRController_SaveSkillMatrixData["HRController.SaveSkillMatrixData"]
HRController_SaveTeamSalariesBenchmark["HRController.SaveTeamSalariesBenchmark"]
HRController_Supervisors["HRController.Supervisors"]
Insorce_Helpers_Helpers_SetDashboardIdToCookie["Insorce.Helpers.Helpers.SetDashboardIdToCookie"]
Insorce_Helpers_Helpers_getDashboardIdFromCookie["Insorce.Helpers.Helpers.getDashboardIdFromCookie"]
Andromeda_Core_DataManager_Execute --> Andromeda_Core_Database_helper_SqlParameters
Andromeda_Core_DataManager_Execute --> Andromeda_Core_LoggingManager_Debug
Andromeda_Core_Entities_Actor_GetLocation --> Andromeda_Core_DataManager_GetData
Andromeda_Core_Entities_Gantt_HourlyEffortByActor --> Andromeda_Core_Entities_Sched_GetHourEffort
Andromeda_Core_Entities_Gantt_HourlyEffortByActor --> Andromeda_Core_Entities_Sched_StartTimeHour
Andromeda_Web_Views_DataFormatFile_getSkillLevel --> Andromeda_Core_Constants_GetSkill
Andromeda_Web_Views_DataFormatFile_getSkillLevel --> Andromeda_Core_Extensions_LinqExtensions_getSkillScore
HRController_Competency --> Andromeda_Core_Constants_GetAllSkills
HRController_GetBenchmarkCost --> Andromeda_Core_DataManager_GetData
HRController_GetBenchmarkCost --> Andromeda_Core_Database_DataExtensions_GetDecimalEx
HRController_GetBenchmarkCost --> Andromeda_Core_Database_DataExtensions_GetInt32Ex
HRController_GetBenchmarkCost --> Andromeda_Core_Database_DataExtensions_GetStringEx
HRController_Index --> Andromeda_Core_Entities_Actor_GetLocation
HRController_Index --> Insorce_Helpers_Helpers_SetDashboardIdToCookie
HRController_Index --> Insorce_Helpers_Helpers_getDashboardIdFromCookie
HRController_Optimise --> Andromeda_Core_Entities_Actor_GetLocation
HRController_Optimise --> Andromeda_Core_Entities_Gantt_HourlyEffortByActor
HRController_SaveBenchmarkCost --> Andromeda_Core_DataManager_Execute
HRController_SaveSkillMatrixData --> Andromeda_Web_Views_DataFormatFile_getSkillLevel
HRController_SaveTeamSalariesBenchmark --> Andromeda_Core_LoggingManager_Error
HRController_Supervisors --> Andromeda_Core_Services_ProcessExtensions_FindByID
System Dependencies
Incoming Dependencies (Fan-In): None
Outgoing Dependencies (Fan-Out): None
Cycle Detection
No dependency cycles detected for this controller.
View → Action Mapping
| Action | View | Model | Path |
|---|---|---|---|
| addtalentpool | AddTalentPool | Andromeda.Core.Entities.TalentPools | Andromeda.Web\Views\HR\AddTalentPool.cshtml |
| competency | Competency | IEnumerable<Andromeda.Core.Entities.ActivitySkills> | Andromeda.Web\Views\HR\Competency.cshtml |
| index | Index | - | Andromeda.Web\Views\HR\Index.cshtml |
| jd | JD | - | Andromeda.Web\Views\HR\JD.cshtml |
| selection | Selection | IEnumerable<Andromeda.Core.Entities.CatchmentSummary> | Andromeda.Web\Views\HR\Selection.cshtml |
| skillmatrix | SkillMatrix | IEnumerable<Insorce.Controllers.HRController.ActivityWiseSkillMatrix> | Andromeda.Web\Views\HR\SkillMatrix.cshtml |
| supervisors | Supervisors | - | Andromeda.Web\Views\HR\Supervisors.cshtml |
| supervisorssalary | SupervisorsSalary | Andromeda.Core.Entities.ActorsSummary | Andromeda.Web\Views\HR\SupervisorsSalary.cshtml |
| talentpool | TalentPool | Andromeda.Core.Entities.TalentPools | Andromeda.Web\Views\HR\TalentPool.cshtml |
| trainingneeds | TrainingNeeds | IEnumerable<Andromeda.Core.Entities.Catchment> | Andromeda.Web\Views\HR\TrainingNeeds.cshtml |
| trainingplan | TrainingPlan | IEnumerable<Andromeda.Core.Entities.CatchmentTraining> | Andromeda.Web\Views\HR\TrainingPlan.cshtml |
Methods at a Glance
Command / Save Operations
| Type | Method | HTTP | URL | Summary |
|---|---|---|---|---|
| entrypoint | SaveCompetencyData | POST | /HR/SaveCompetencyData | The method aggregates competency data from skills, updates knowledge, and... |
| entrypoint | SaveSkillMatrixData | | /HR/SaveSkillMatrixData | Group and save skill sets by activity ID, aggregate skill levels, and update... |
| entrypoint | SaveSkillMatrix | POST | /HR/SaveSkillMatrix | The method deserializes JSON from a POST request, extracts selected skills... |
| entrypoint | SaveJobDesc | POST | /HR/SaveJobDesc | SaveJobDesc receives a job description, updates the actor's job description and... |
| entrypoint | SaveJD | POST | /HR/SaveJD | SaveJD receives a job description via POST, saves it, and updates ViewBag with... |
| entrypoint | SaveContinueJD | POST | /HR/SaveContinueJD | Receives job description via POST and saves it using SaveJobDesc method. |
| entrypoint | btnSaveClick | | /HR/btnSaveClick | Calculate and save skill and benchmark costs, save talent pools, and update... |
| entrypoint | SaveContinueAddTalent | POST | /HR/SaveContinueAddTalent | Decode form data to create a Catchment object, save it if valid, and return a... |
| entrypoint | SaveTP | POST | /HR/SaveTP | SaveTP deserializes JSON training plans from POST requests and saves them for... |
| entrypoint | SaveTrainingPlan | POST | /HR/SaveTrainingPlan | SaveTrainingPlan handles POST requests, saves the training plan, and returns... |
| entrypoint | RemoveCatchments | POST | /HR/RemoveCatchments | RemoveCatchments deletes catchments and resets actor cost based on actor ID... |
| entrypoint | SaveTeamSalaries | POST | /HR/SaveTeamSalaries | SaveTeamSalaries handles an HTTP POST request, loads training and skill data... |
| entrypoint | SaveContinueTeamAddTalent | POST | /HR/SaveContinueTeamAddTalent | The method obtains the project ID from the request or defaults, then fetches... |
| entrypoint | SaveTeamSalariesBenchmark | POST | /HR/SaveTeamSalariesBenchmark | Retrieve project ID and mark team salaries observation as reviewed. |
Query & View Methods
| Type | Method | HTTP | URL | Summary |
|---|---|---|---|---|
| entrypoint | Index | GET | /HR/Index | Initialize parameters, filter and sort actors, handle empty actors by... |
| entrypoint | AddTalentPool | GET | /HR/AddTalentPool | Retrieve the current actor's location code and set the actor's name in the view... |
| entrypoint | TrainingNeeds | GET | /HR/TrainingNeeds | Retrieve and filter actor data by CurrentActorId, then load and prepare related... |
| entrypoint | Selection | GET | /HR/Selection | The method handles an HTTP GET request and returns the 'Selection' view with an... |
| entrypoint | Optimise | GET | /HR/Optimise | Filter and optimize actors by team and cost, generate scheduling data, and... |
| entrypoint | OptimiseOnTime | GET | /HR/OptimiseOnTime | Call Optimise method with specific parameters and store result in ViewBag. |
| entrypoint | GetCurrencies | GET | /HR/GetCurrencies | Retrieve actors, initialize currencies with USD and project currency, load... |
Validation & Rules
| Type | Method | HTTP | URL | Summary |
|---|---|---|---|---|
| entrypoint | saveTN | POST | /HR/saveTN | The saveTN method handles the process of saving a telephone number with... |
| entrypoint | Supervisors | GET | /HR/Supervisors | Fetch project activities and actors, validate data, process governance... |
| entrypoint | GetTalentPools | GET | /HR/GetTalentPools | Retrieve actors for a project, validate the current actor, then return total... |
Workflow & Routing
| Type | Method | HTTP | URL | Summary |
|---|---|---|---|---|
| entrypoint | SupervisorsSalary | GET | /HR/SupervisorsSalary | Initialize actors and project data, process supervisor salaries with currency... |
| entrypoint | SaveRolesDetail | POST | /HR/SaveRolesDetail | Processes POST request to parse, save actor summary, and return JSON response. |
| entrypoint | Competency | GET | /HR/Competency | Process valid CurrentActorId to load actor list, set current actor, load skill... |
| entrypoint | SaveCompetency | POST | /HR/SaveCompetency | SaveCompetency processes POST requests by deserializing form data, saving... |
| entrypoint | SaveContinueCompetency | POST | /HR/SaveContinueCompetency | Processes POST request by deserializing form data, saving competencies, and... |
| entrypoint | SaveContinueSkillMatrix | POST | /HR/SaveContinueSkillMatrix | Process valid JSON with selected skills, aggregate and save them, then return... |
| entrypoint | SaveTalentPool | POST | /HR/SaveTalentPool | SaveTalentPool decodes JSON data, processes it with btnSaveClick, and returns a... |
| entrypoint | SaveTalentPoolForSalary | POST | /HR/SaveTalentPoolForSalary | Process talent and project data from the request, filter actors, save salary... |
| entrypoint | SaveTalentPoolForBenchmark | POST | /HR/SaveTalentPoolForBenchmark | Process talent pool data by decoding input, updating talent and salary info... |
| entrypoint | SaveContinueTalentPool | POST | /HR/SaveContinueTalentPool | SaveContinueTalentPool processes input parameters, aggregates related data, and... |
| entrypoint | TrainingPlan | GET | /HR/TrainingPlan | Manage project actors, load and process training data, optimize talent, and... |
| entrypoint | SaveTrainingNeeds | POST | /HR/SaveTrainingNeeds | SaveTrainingNeeds processes POST requests by saving training needs and... |
| entrypoint | GetSelectedTraings | GET | /HR/GetSelectedTraings | GetSelectedTrainings processes a GET request with a category code, fetches... |
| entrypoint | SaveSupervisors | POST | /HR/SaveSupervisors | Decode JSON data from the request and process each actor in the collection. |
| entrypoint | SaveSpanMag | POST | /HR/SaveSpanMag | SaveSpanMag processes a save operation and returns a JSON response indicating... |
| entrypoint | GetBenchmarkCost | POST | /HR/GetBenchmarkCost | GetBenchmarkCost processes a POST request and extracts the 'actId' form value. |
| entrypoint | SaveBenchmarkCost | POST | /HR/SaveBenchmarkCost | SaveBenchmarkCost processes JSON data from an HTTP POST request and returns a... |
Other Methods
| Type | Method | HTTP | URL | Summary |
|---|---|---|---|---|
| entrypoint | JsonDateParse | GET | /HR/JsonDateParse | JsonDateParse replaces all date patterns in the input string with '1900'. |
| entrypoint | TalentPool | GET | /HR/TalentPool | TalentPool retrieves and prepares actor and talent data when given a valid... |
| entrypoint | OptimizeActor | POST | /HR/OptimizeActor | No key flows are defined for the OptimizeActor method. |
| entrypoint | OptimiseOnCost | GET | /HR/OptimiseOnCost | No key flows are defined for the OptimiseOnCost method. |
Associated Screens / Views
- Index → Index(Andromeda.Web\Views\HR\Index.cshtml)
- SupervisorsSalary → SupervisorsSalary(Andromeda.Web\Views\HR\SupervisorsSalary.cshtml)
- Competency → Competency(Andromeda.Web\Views\HR\Competency.cshtml)
- TalentPool → TalentPool(Andromeda.Web\Views\HR\TalentPool.cshtml)
- AddTalentPool → AddTalentPool(Andromeda.Web\Views\HR\AddTalentPool.cshtml)
- TrainingNeeds → TrainingNeeds(Andromeda.Web\Views\HR\TrainingNeeds.cshtml)
- TrainingPlan → TrainingPlan(Andromeda.Web\Views\HR\TrainingPlan.cshtml)
- Selection → Selection(Andromeda.Web\Views\HR\Selection.cshtml)
- Supervisors → Supervisors(Andromeda.Web\Views\HR\Supervisors.cshtml)
Entrypoint Methods
Index
Summary: Initialize parameters, filter and sort actors, handle empty actors by redirecting, populate view data, and retrieve configuration values.
ActionResult HRController.Index(int? view, int? CurrentPId, string screen, string TeamIds)
Routing
- HTTP: GET
- URL: /HR/Index
Cross-layer call chain
- HRController.Index → Insorce.Helpers.Helpers.getDashboardIdFromCookie
- HRController.Index → Insorce.Helpers.Helpers.SetDashboardIdToCookie
- HRController.Index → Andromeda.Core.Entities.Actor.GetLocation
- Andromeda.Core.Entities.Actor.GetLocation → Andromeda.Core.DataManager.GetData
Call Chain Diagram
flowchart TD
Andromeda_Core_DataManager_GetData["Andromeda.Core.DataManager.GetData"]
Andromeda_Core_Entities_Actor_GetLocation["Andromeda.Core.Entities.Actor.GetLocation"]
HRController_Index["HRController.Index"]
Insorce_Helpers_Helpers_SetDashboardIdToCookie["Insorce.Helpers.Helpers.SetDashboardIdToCookie"]
Insorce_Helpers_Helpers_getDashboardIdFromCookie["Insorce.Helpers.Helpers.getDashboardIdFromCookie"]
Andromeda_Core_Entities_Actor_GetLocation --> Andromeda_Core_DataManager_GetData
HRController_Index --> Andromeda_Core_Entities_Actor_GetLocation
HRController_Index --> Insorce_Helpers_Helpers_SetDashboardIdToCookie
HRController_Index --> Insorce_Helpers_Helpers_getDashboardIdFromCookie
View Metadata
- View: Index(Andromeda.Web\Views\HR\Index.cshtml)
Detailed Analysis
Key Flows - handle empty actors by redirecting - Filter catchments per actor and count for benchmark status - Redirect to ProcessCreation if no actors found
Error Flows - Summary: Redirect to ProcessCreation when no actors are found to prevent errors. - Redirect to ProcessCreation on empty filtered actors list
Performance Issues - Summary: Multiple LINQ operations on large datasets degrade performance and increase memory usage. - Multiple LINQ methods on large datasets degrade filtering and sorting performance - ToList() without null or empty checks causes unnecessary memory usage - Where and Any inside loops slow performance on large datasets
Maintainability Issues - Summary: Replace magic strings with constants, complete code, and improve naming for clarity. - Use named constants or enums instead of magic strings, Remove incomplete and commented-out code sections, Avoid anonymous objects and complex property initializers for readability, Use descriptive variable names, Eliminate incomplete code lines to prevent errors
UX Impact Notes - Summary: Parameters and redirects affect data display and user flow in the Index view. - Parameters 'screen' and 'TeamIds' influence displayed data, Storing flags in ViewData affects UI in subsequent views - Redirect to ProcessCreation page disrupts user flow without explanation
Test Case Ideas - view data setup - and conditional logic. - Empty Actors list handling and redirect to ProcessCreation - Correct setting of ViewData properties including fxRates - Filtering catchments per actor and empty Actors collection handling - IsAnyoneAccReviewed flag initialization and update on account review
Dependencies & Called Services - Summary: Uses core data types, interfaces, and collections for actor and process modeling. - Core data types (Int32, Math), Collection types (Dictionary, Enumerable), Actor and process interfaces (IActorModel, IHRModel, IProcessModel, IProjectModel), Actor class
SupervisorsSalary
Summary: Initialize actors and project data, process supervisor salaries with currency handling, and manage flow based on activity presence.
ActionResult HRController.SupervisorsSalary(int? id)
Routing
- HTTP: GET
- URL: /HR/SupervisorsSalary
View Metadata
- View: SupervisorsSalary(Andromeda.Web\Views\HR\SupervisorsSalary.cshtml)
- Model: Andromeda.Core.Entities.ActorsSummary
Detailed Analysis
Key Flows - Summary: Initialize actors and project data, process supervisor salaries with currency handling, and manage flow based on activity presence. - Fetch actor summaries and project-related activities - Concatenate currencies and assign final list to actor summaries - Load and assign currency lists to actors and salaries - Redirect to ProcessCreation if no activities exist
Error Flows - Summary: Handle null references - Use of First() without empty check risks InvalidOperationException - Exception handlers suppress errors without logging during currency processing
Security Issues - Summary: No security issues identified in SupervisorsSalary method.
Performance Issues - Summary: Inefficient iteration and repeated method calls degrade performance on large collections. - Inefficient iteration over large collections, Repeated calls to LoadCurrency and LoadCurr inside loops, Multiple enumerations from LINQ operations like ToList, Concat, GroupBy, Select, TakeWhile
Maintainability Issues - Summary: The method uses unclear naming, static dependencies, magic values, and dense LINQ chains, reducing maintainability. - Static Registry class hinders testing and maintenance, Incomplete and malformed code reduces clarity, Magic numbers and strings decrease readability, Dense LINQ method chaining complicates understanding, Unclear and inconsistent variable and method names
UX Impact Notes - Summary: Redirecting users based on activity count disrupts workflow. - User redirection based on activity count
Test Case Ideas - and conditional redirects. - Behavior with zero and non-zero activities count including redirect to ProcessCreation - Redirect to ProcessCreation only under specified condition
Dependencies & Called Services - Summary: Use collection interfaces and model abstractions for data handling and conversion. - Convert utility, Enumerable interface, ICollection interface, IHRModel abstraction, IInfraModel abstraction, IRiskModel abstraction, String type
SaveRolesDetail
Summary: Processes POST request to parse, save actor summary, and return JSON response.
ActionResult HRController.SaveRolesDetail()
Routing
- HTTP: POST
- URL: /HR/SaveRolesDetail
Detailed Analysis
Key Flows - and return JSON response. - Return JSON response
Security Issues - Summary: The method risks deserialization attacks by not validating or sanitizing form data. - Lack of form data validation, Absence of form data sanitization, Exposure to deserialization vulnerabilities
Maintainability Issues - Summary: Avoid magic number indices to improve code clarity and maintainability. - Use named keys instead of magic number indices for form data access
Test Case Ideas - Summary: Test SaveRolesDetail invocation, JSON decoding, and actor summary saving. - Handle various JSON structures in Decode - Invoke SaveRolesDetail on HTTP POST, Save actor summary in SaveActorSummary
Dependencies & Called Services - Summary: SaveRolesDetail depends on HR and IHRModel services. - HR service dependency, IHRModel service dependency
JsonDateParse
Summary: JsonDateParse replaces all date patterns in the input string with '1900'.
string HRController.JsonDateParse(string data)
Routing
- HTTP: GET
- URL: /HR/JsonDateParse
Detailed Analysis
Key Flows - Summary: JsonDateParse replaces all date patterns in the input string with '1900'. - Set regular expression to match date patterns - Return modified string with replaced dates
Security Issues - Summary: Unsanitized input risks regular expression denial of service (ReDoS). - Unsanitized input, Regular expression denial of service (ReDoS) risk
Performance Issues - Summary: JsonDateParse inefficiently processes strings causing slow execution and high memory use. - Creating new Regex object on every call, Iterating over matches with string replacements on large inputs, Repeated string.Replace calls creating many string instances
Maintainability Issues - Summary: Hardcoded patterns and unclear naming reduce flexibility and readability. - Hardcoded regex pattern and options limit date parsing flexibility, Non-descriptive variable names reduce code readability and maintainability, Hardcoded replacement string reduces flexibility and complicates future changes, Incomplete code snippet indicates unclear or partial implementation
Test Case Ideas - Summary: Test performance and correctness of date pattern replacements with large inputs. - Performance testing with large input strings containing many date patterns, Correctness testing of replacement string "1900" applied to all matched date patterns
Dependencies & Called Services - Summary: Uses Regex and String for JSON date parsing. - Regex for pattern matching, String manipulation
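One way to address the ReDoS and per-call `Regex` findings listed for JsonDateParse, as an added example that is not the controller's own code. The page does not show the actual pattern, so the legacy ASP.NET `\/Date(...)\/` token is assumed; `JsonDateScrubber`, `TryReplaceDates`, the input cap and the timeout value are hypothetical.

```csharp
using System;
using System.Text.RegularExpressions;

public static class JsonDateScrubber
{
    // Assumption: "date pattern" means the legacy ASP.NET JSON date token,
    // e.g. \/Date(1700000000000)\/ or /Date(1700000000000+0100)/.
    // Bounded quantifiers and no nested repetition avoid catastrophic
    // backtracking; the timeout is a second line of defence.
    // Built once and reused instead of being constructed on every call.
    private static readonly Regex DateToken = new Regex(
        @"\\?/Date\(-?\d{1,17}(?:[+-]\d{4})?\)\\?/",
        RegexOptions.Compiled | RegexOptions.CultureInvariant,
        TimeSpan.FromMilliseconds(250));

    // Hypothetical cap; size it to the largest payload the action should accept.
    private const int MaxInputLength = 1000000;

    // Returns false when the input is rejected (null, oversized, or the
    // match timed out) so the caller can answer with an error instead of
    // tying up a request thread.
    public static bool TryReplaceDates(string data, out string result)
    {
        result = null;
        if (data == null || data.Length > MaxInputLength)
        {
            return false;
        }

        try
        {
            // Single pass over the input; no per-match string.Replace calls.
            result = DateToken.Replace(data, "1900");
            return true;
        }
        catch (RegexMatchTimeoutException)
        {
            return false;
        }
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample input, not taken from the application.
        string sample =
            "{\"Name\":\"A\",\"Start\":\"\\/Date(1700000000000)\\/\"," +
            "\"End\":\"/Date(-62135596800000+0100)/\"}";

        string cleaned;
        bool ok = JsonDateScrubber.TryReplaceDates(sample, out cleaned);
        Console.WriteLine(ok ? cleaned : "rejected");
    }
}
```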
Competency
Summary: Process valid CurrentActorId to load actor list, set current actor, load skill matrix, retrieve skills, and return view.
ActionResult HRController.Competency(int? CurrentActorId)
Routing
- HTTP: GET
- URL: /HR/Competency
Cross-layer call chain
- HRController.Competency → Andromeda.Core.Constants.GetAllSkills
Call Chain Diagram
flowchart TD
Andromeda_Core_Constants_GetAllSkills["Andromeda.Core.Constants.GetAllSkills"]
HRController_Competency["HRController.Competency"]
HRController_Competency --> Andromeda_Core_Constants_GetAllSkills
View Metadata
- View: Competency(Andromeda.Web\Views\HR\Competency.cshtml)
- Model: IEnumerable<Andromeda.Core.Entities.ActivitySkills>
Detailed Analysis
Key Flows - set current actor - and return view. - Load skill matrix - Set current actor - Return populated view
Error Flows - Summary: Handle null returns and validate CurrentActorId to prevent runtime errors. - Null reference risk from getListOfActors returning null or no matching actor - Incomplete condition checks on CurrentActorId.HasValue causing runtime errors
Security Issues - Summary: Uninitialized variable 'd' risks undefined behavior and security vulnerabilities. - Uninitialized variable 'd', Lack of input validation for 'd'
Performance Issues - Summary: Loading entire actor and skill lists degrades performance with large datasets. - Retrieving all skills via Constants.GetAllSkills() impacts performance with large skill sets
Maintainability Issues - Summary: Improve naming clarity and handle missing data explicitly to enhance maintainability. - Unclear method name 'Competency' and its parameters, Non-descriptive variable name 'myList' for skill matrix data, Malformed condition and unclear variable usage reduce code clarity, Use of FirstOrDefault hides bugs if no matching actor found
UX Impact Notes - Summary: The method's view affects UX based on competency and skill data accuracy. - View depends on prepared data, UX affected by data completeness, UX affected by data correctness
Test Case Ideas - Summary: Verify actor retrieval, project context, skill matrix loading, and correct view data population. - LoadSkillMatrix method call with correct parameters and expected data - View returned with correct ViewBag data including skill set
Dependencies & Called Services - Summary: Uses constants, enumerable utilities, and HR data models. - Constants usage, Enumerable utilities, HR data model integration
SaveCompetencyData
Summary: The method aggregates competency data from skills, updates knowledge, and conditionally modifies actor and impact statuses.
void HRController.SaveCompetencyData(List<ActivitySkills> skills)
Routing
- HTTP: POST
- URL: /HR/SaveCompetencyData
Detailed Analysis
Key Flows - updates knowledge - Calculate count of valid competency elements across skills - Call setIOKnowledge with project ID and aggregated skill data - Update actor and impact statuses if valid competency data exists
Error Flows - Summary: The method lacks error handling and null input checks - Absence of explicit error handling, No null input validation causing NullReferenceExceptions, Presence of incomplete or unclear code risking runtime or compilation errors
Security Issues - Summary: Unvalidated handling of 'b.Skill' by unknown method 'ty' risks security and stability. - Unvalidated input handling of 'b.Skill'
Performance Issues - Summary: Optimize list aggregation and reduce repeated Count and Sum calls to improve performance. - Inefficient memory use from repeated Concat and ToList calls during list aggregation, Performance degradation from multiple Count() and Sum() calls inside loops
Maintainability Issues - Summary: Remove magic numbers and ensure variable declarations for clear, maintainable code. - Use of magic numbers (-1, 2) reduces code clarity, Undeclared or uninitialized variable 'ctId' hinders maintainability, Incomplete and unclear code snippets reduce readability
Test Case Ideas - Summary: Validate SaveCompetencyData handles inputs - Check correct concatenation of business rules - Check accessed properties and methods for validity and error prevention - Validate input list of ActivitySkills with business rules - Validate behavior when b.Skill is valid - Ensure setIOKnowledge is called with correct parameters - Verify UpdateActorStatus - SetImpactStatus - SetCompleteImpactStatus calls when Exists > 0
Dependencies & Called Services - Summary: Convert enumerable IHRModel and IImpactModel data to string format. - Convert enumerable IHRModel data, Convert enumerable IImpactModel data, Convert data to string
SaveCompetency
Summary: SaveCompetency processes POST requests by deserializing form data, saving competency and configuration data, then returns a JSON response.
ActionResult HRController.SaveCompetency()
Routing
- HTTP: POST
- URL: /HR/SaveCompetency
Detailed Analysis
Key Flows - then returns a JSON response. - Return JSON result to client
Security Issues - Summary: Prevent deserialization vulnerabilities when decoding request data. - Deserialization vulnerability in Json.Decode, Unsafe decoding of request form data into ActivitySkills objects
Performance Issues - Summary: Accessing Request.Form[0] causes performance issues with large form submissions. - Inefficient access to Request.Form[0] for large form data
Maintainability Issues - Summary: Using magic number '1' in SaveConfigurationDetails reduces code clarity and maintainability. - Magic number '1' usage in SaveConfigurationDetails, Reduced code clarity and maintainability
UX Impact Notes - Summary: Returning JSON results requires proper client handling to avoid UX issues. - JSON response handling, Potential user flow disruption
Test Case Ideas - Summary: Verify SaveCompetency handles POST requests - Process and save valid competency form data - Restrict SaveCompetency to HTTP POST requests, Persist configuration details after saving competency
Dependencies & Called Services - Summary: SaveCompetency depends on HR and IProcessModel services. - HR service dependency, IProcessModel service dependency
SaveContinueCompetency
Summary: Processes POST request by deserializing form data, saving competencies, and returning a redirect URL.
JsonResult HRController.SaveContinueCompetency()
Routing
- HTTP: POST
- URL: /HR/SaveContinueCompetency
Detailed Analysis
Key Flows - and returning a redirect URL. - Return JsonResult with redirect URL
Error Flows - Summary: Handle deserialization errors to prevent exceptions and data loss. - Deserialization failure on invalid JSON, Exception thrown on unexpected data, Failure to save competency data
Security Issues - Summary: Deserialization vulnerability risks unsafe JSON decoding of form data. - Deserialization vulnerability in System.Web.Helpers.Json.Decode, Unsafe JSON decoding of request form data into ActivitySkills list
Performance Issues - Summary: Accessing form data via Request.Form[0] reduces performance on large requests. - Inefficient form data access using Request.Form[0], Performance impact on large requests
Maintainability Issues - Summary: Replace hardcoded redirect URL with a constant or configuration for maintainability. - Hardcoded redirect URL '/HR/TalentP' reduces maintainability - Use constant or configurable value for redirect URL
UX Impact Notes - Summary: Redirects user to a new page after saving competency data. - JsonResult with redirect URL
Test Case Ideas - Summary: Verify SaveContinueCompetency handles POST requests and saves valid competency data. - Invoke SaveContinueCompetency on HTTP POST, Save competency data successfully - Process valid form data correctly
Dependencies & Called Services - Summary: SaveContinueCompetency depends on HR service. - HR service dependency
SaveSkillMatrixData
Summary: Group and save skill sets by activity ID, aggregate skill levels, and update actor job description and status.
void HRController.SaveSkillMatrixData(List<SkillMatrix> skillset)
Routing
- URL: /HR/SaveSkillMatrixData
Cross-layer call chain
- HRController.SaveSkillMatrixData → Andromeda.Web.Views.DataFormatFile.getSkillLevel
- Andromeda.Web.Views.DataFormatFile.getSkillLevel → Andromeda.Core.Constants.GetSkill
- Andromeda.Web.Views.DataFormatFile.getSkillLevel → Andromeda.Core.Extensions.LinqExtensions.getSkillScore
Call Chain Diagram
flowchart TD
Andromeda_Core_Constants_GetSkill["Andromeda.Core.Constants.GetSkill"]
Andromeda_Core_Extensions_LinqExtensions_getSkillScore["Andromeda.Core.Extensions.LinqExtensions.getSkillScore"]
Andromeda_Web_Views_DataFormatFile_getSkillLevel["Andromeda.Web.Views.DataFormatFile.getSkillLevel"]
HRController_SaveSkillMatrixData["HRController.SaveSkillMatrixData"]
Andromeda_Web_Views_DataFormatFile_getSkillLevel --> Andromeda_Core_Constants_GetSkill
Andromeda_Web_Views_DataFormatFile_getSkillLevel --> Andromeda_Core_Extensions_LinqExtensions_getSkillScore
HRController_SaveSkillMatrixData --> Andromeda_Web_Views_DataFormatFile_getSkillLevel
Detailed Analysis
Key Flows - Summary: Group and save skill sets by activity ID - and update actor job description and status. - Group input skills by activity ID and save via SetSkillsets - Set completion status with SetCompleteImpactStatus - Update actor job description with setActorJD - Update actor status with UpdateActorStatus
Error Flows - Summary: Prevent null reference exceptions and fix typographical errors in skill property access. - Null reference exceptions from FirstOrDefault without null checks on skill properties
Security Issues - Summary: No security issues found in SaveSkillMatrixData method.
Performance Issues - Summary: Optimize LINQ usage and string operations to improve performance on large datasets. - Inefficient GroupBy and multiple LINQ operations on large datasets
Maintainability Issues - Summary: The method contains unclear code, poor naming, magic values, complex expressions, and tight coupling. - Undefined methods and incomplete assignments
UX Impact Notes - Summary: Constructs skill summaries and validates inputs to ensure clear - Prevent performance issues in string construction with large skill sets - Validate input strings for whitespace and null values
Test Case Ideas - Summary: Verify SaveSkillMatrixData correctly processes, filters, groups, and formats skill data and calls downstream methods. - Handle multiple activities with same ID and filter skills by level - Handle conditional logic involving empty Output and Input strings - Process skill sets with varied level and skill name combinations - Save skill set data and call SetSkillsets with correct parameters - Call setActorJD - UpdateActorStatus - and SetCompleteImpactStatus appropriately
Dependencies & Called Services - Summary: Uses collections and domain models for skill matrix data processing. - Enumerable for data operations, IHRModel domain interface, IImpactModel domain interface, List collection, String type
SaveSkillMatrix
Summary: The method deserializes JSON from a POST request, extracts selected skills, saves them, and returns a JSON response.
ActionResult HRController.SaveSkillMatrix()
Routing
- HTTP: POST
- URL: /HR/SaveSkillMatrix
Detailed Analysis
Key Flows - and returns a JSON response. - Return JSON response indicating save outcome
Security Issues - Summary: Direct JSON deserialization from request data risks injection attacks. - Unvalidated JSON deserialization
Performance Issues - Summary: Multiple ToList() and Aggregate() calls cause redundant enumerations and degrade performance. - Multiple ToList() calls causing redundant enumerations, Aggregate() calls causing multiple enumerations
Maintainability Issues - Summary: Simplify complex LINQ expression to improve readability and maintainability. - Difficult to maintain skill extraction logic
UX Impact Notes - Summary: Returning JSON response requires proper client-side handling to maintain user flow. - JSON response handling, Client-side user flow impact
Test Case Ideas - and returns JSON. - Return valid JSON response
Dependencies & Called Services - Summary: SaveSkillMatrix method depends on HR service. - HR service dependency
SaveContinueSkillMatrix
Summary: Process valid JSON with selected skills, aggregate and save them, then return JSON result; handle zero selected skills by skipping aggregation and saving but still return JSON.
JsonResult HRController.SaveContinueSkillMatrix()
Routing
- HTTP: POST
- URL: /HR/SaveContinueSkillMatrix
Detailed Analysis
Key Flows - then return JSON result; handle zero selected skills by skipping aggregation and saving but still return JSON. - Return JSON result - Handle zero selected skills by skipping aggregation and save - Process valid JSON with selected skills
Error Flows - Summary: Handle JSON deserialization errors from invalid or malformed request data. - JSON deserialization failure, Invalid or malformed request data
Security Issues - Summary: Avoid JSON deserialization of untrusted request data to prevent security risks. - JSON deserialization vulnerability, Use of System.Web.Helpers.Json.Decode on untrusted data
Performance Issues - Summary: Decoding large form data and using ToList() with Aggregate() degrade performance. - Inefficient use of ToList() and Aggregate() on large datasets
Maintainability Issues - Summary: Remove magic numbers, complete aggregation code, and define all functions for clarity. - Use of magic number in Request.Form access, Incomplete aggregation code causing compilation errors, Undefined 'ta' function reducing code clarity
UX Impact Notes - Summary: Returns JSON response without detailed UX impact explanation. - JSON response return
Test Case Ideas - Summary: Validate SaveContinueSkillMatrix handles various skill selections - and returns JSON. - Ensure method returns JSON result - Handle valid JSON with multiple ActivityWiseSkillMatrix objects
Dependencies & Called Services - Summary: SaveContinueSkillMatrix depends on HR service. - HR service dependency
SaveJobDesc
Summary: SaveJobDesc receives a job description, updates the actor's job description and status, and manages impact statuses.
void HRController.SaveJobDesc(string data)
Routing
- HTTP: POST
- URL: /HR/SaveJobDesc
Detailed Analysis
Key Flows - updates the actor's job description and status - Manage impact statuses with IImpactModel.setcompleteimpactstatus and IImpactModel.setimpactstatus - Update actor job description with IHRModel.setactorjd - Update actor status with IHRModel.updateactorstatus
Maintainability Issues - Summary: Commented-out code and incomplete view data setup reduce maintainability. - Incomplete or mismatched view data setup
UX Impact Notes - Summary: Setting ViewBag properties directly affects job description and actor name display in the UI. - ViewBag properties for job descriptions, ViewBag properties for actor names, Direct impact on UI rendering, Potential UX issues from improper handling
Test Case Ideas - and ViewBag property assignments. - Ensure commented-out attribute does not affect code functionality, Confirm correct retrieval and saving of job description for current actor - Validate ViewBag properties for JobDesc and ActorName
Dependencies & Called Services - Summary: SaveJobDesc uses IHRModel and IImpactModel services. - IHRModel service usage, IImpactModel service usage
SaveJD
Summary: SaveJD receives a job description via POST, saves it, and updates ViewBag with details.
ActionResult HRController.SaveJD(string JobDesc)
Routing
- HTTP: POST
- URL: /HR/SaveJD
Detailed Analysis
Key Flows - and updates ViewBag with details. - Set ViewBag with job description and actor name
Error Flows - Summary: SaveJD lacks error handling for SaveJobDesc failures. - No error handling for SaveJobDesc result, Undetected failures in saving job description
Security Issues - Summary: Disabling request validation exposes the application to XSS attacks. - Use of ValidateInput(false) disables request validation
Maintainability Issues - Summary: No maintainability issues identified.
UX Impact Notes - Summary: Redirect user to job description view with actor name after saving. - Display job description and actor name, Provide immediate save feedback - Redirect to job description view
Test Case Ideas - Summary: Verify successful job description saving and correct view rendering with proper ViewBag settings. - Save valid job description string, Render view with correct ViewBag properties after saving
Dependencies & Called Services - Summary: SaveJD method depends on HR service. - HR service dependency
SaveContinueJD
Summary: Receives job description via POST and saves it using SaveJobDesc method.
JsonResult HRController.SaveContinueJD(string JobDesc)
Routing
- HTTP: POST
- URL: /HR/SaveContinueJD
Detailed Analysis
Key Flows - Summary: Receives job description via POST and saves it using SaveJobDesc method. - Assign input to local variable
Security Issues - Summary: Disabling request validation exposes the method to malicious input. - Disabled request validation via ValidateInput(false)
Maintainability Issues - Summary: Rename SaveContinueJD to clearly reflect its purpose for better maintainability. - Unclear method name reduces code readability and maintainability
UX Impact Notes - Summary: Returning JsonResult enables dynamic UI updates and redirection. - Dynamic UI updates - UI redirection based on JSON response
Test Case Ideas - Summary: Verify SaveContinueJD handles POST requests - and returns JsonResult. - Return JsonResult - Handle HTTP POST requests
Dependencies & Called Services - Summary: Uses HR service for job description continuation. - HR service dependency
TalentPool
Summary: TalentPool retrieves and prepares actor and talent data when given a valid CurrentActorId.
ActionResult HRController.TalentPool(int? CurrentActorId)
Routing
- HTTP: GET
- URL: /HR/TalentPool
View Metadata
- View: TalentPool (Andromeda.Web\Views\HR\TalentPool.cshtml)
- Model: Andromeda.Core.Entities.TalentPools
Detailed Analysis
Key Flows - Summary: TalentPool retrieves and prepares actor and talent data when given a valid CurrentActorId. - Load talent pool data, Load policies and skill levels - Set current actor
Error Flows - Summary: Fix incomplete method calls and conditional statements to prevent compilation and runtime errors. - Incomplete or typoed method call causing compilation errors, Truncated conditional statements causing runtime errors or unexpected behavior
Security Issues - Summary: Prevent SQL injection by sanitizing inputs and validate CurrentActorId securely. - SQL injection risk from unsanitized projectId and ActorId, Lack of validation for CurrentActorId parameter
Performance Issues - Summary: Inefficient list operations degrade performance on large datasets. - Use of Distinct and GroupBy on large datasets - Use of ToList() on large manually entered salary datasets
Maintainability Issues - Summary: Incomplete code, unclear LINQ queries, magic strings, and obfuscated conditionals reduce maintainability. - Incomplete or truncated code blocks, Anonymous types in LINQ reduce clarity, Magic string usage for view name, Obfuscated or incomplete conditional statements
UX Impact Notes - Summary: Prepares and assigns data to ViewBag and ViewData - Assign TagsList to ViewBag for tag-related UI elements - Return 'Tal' view to render user interface
Test Case Ideas - Summary: Verify actor retrieval, data processing, salary filtering, and view rendering correctness. - Empty actor list handles no actors found gracefully - Distinct and GroupBy LINQ operations process large datasets correctly - Manually entered salaries filter and assign correctly to ViewData - View 'Tal' returns with expected ViewBag and ViewData properties
Dependencies & Called Services - Summary: Uses data conversion, enumeration, HR model interface, and string manipulation. - Data conversion utilities, Enumeration handling, HR model interface, String manipulation
btnSaveClick
Summary: Calculate and save skill and benchmark costs, save talent pools, and update project impact statuses.
decimal HRController.btnSaveClick(List<Catchment> List, int ActId, int currentProjectId)
Routing
- URL: /HR/btnSaveClick
Detailed Analysis
Key Flows - and update project impact statuses. - Calculate average salary and save skill cost - Save benchmark costs for Low, Medium, High categories, Save talent pools with ActId and currentProjectId - Update impact and complete impact statuses for current project
Error Flows - Summary: Handle null or empty lists to prevent runtime errors and ensure complete conditionals. - Null reference exceptions from accessing null or empty lists, Runtime errors from incomplete or truncated conditional statements
Security Issues - Summary: No security issues identified in the btnSaveClick method.
Performance Issues - Summary: Optimize list operations and reduce repeated method calls to improve performance. - Frequent calls to SetCompleteImpactStatus affecting performance
Maintainability Issues - Summary: Method naming, magic strings, unclear variables, and incomplete code reduce maintainability. - Method named like action but marked NonAction causing confusion, Use of magic strings for cost categories, Variable names lack clarity and descriptiveness, Incomplete and truncated code snippets, Commented out code indicating unfinished or deprecated features
UX Impact Notes - Summary: No user experience impact detected from the code. - No user interface changes, No user feedback or notifications
Test Case Ideas - and proper calls with various Catchment list scenarios. - Evaluate performance with large Catchment list - Verify SetImpactStatus and SetCompleteImpactStatus calls with correct parameters - Identify elements with ForBench property set - Verify correct access or setting of NavigationURI.HR.JDs property - Handle valid non-empty Catchment list - Handle empty Catchment list - Handle single-element Catchment list - Handle absence of skill cost items in list - Validate average salary calculation for benchmarks
Dependencies & Called Services - Summary: Uses models and enumerable collections for data handling in btnSaveClick. - Enumerable collections, IActorModel interface, IHRModel interface, IImpactModel interface
SaveTalentPool
Summary: SaveTalentPool decodes JSON data, processes it with btnSaveClick, and returns a redirect JsonResult.
JsonResult HRController.SaveTalentPool()
Routing
- HTTP: POST
- URL: /HR/SaveTalentPool
Detailed Analysis
Key Flows - and returns a redirect JsonResult. - Decode JSON into list of Catchment objects - Return JsonResult with redirect path
Security Issues - Summary: Direct JSON deserialization from request data risks injection attacks. - Direct JSON deserialization from Request.Form without validation, Lack of input sanitization before JSON decoding
Maintainability Issues - Summary: No maintainability issues identified in SaveTalentPool method.
UX Impact Notes - Summary: Returns JsonResult with redirect path requiring client-side handling for navigation. - JsonResult return with redirect path
Test Case Ideas - and returns correct JsonResult. - Handle malformed or missing JSON data errors - Decode valid JSON from Request.Form data into Catchment list - Return JsonResult with expected redirect path
Dependencies & Called Services - Summary: SaveTalentPool method depends on HR service. - HR service dependency
SaveTalentPoolForSalary
Summary: Process talent and project data from the request, filter actors, save salary info, and continue talent pool workflow.
JsonResult HRController.SaveTalentPoolForSalary()
Routing
- HTTP: POST
- URL: /HR/SaveTalentPoolForSalary
Detailed Analysis
Key Flows - Summary: Process talent and project data from the request, filter actors, save salary info, and continue talent pool workflow. - Check talent categories against Talents collection - Retrieve and filter actor catchments by conditions - Continue talent pool process with SaveContinueTalentPool and return result
Error Flows - Summary: Handle conversion and JSON errors; validate and sanitize form data to prevent runtime exceptions and tampering. - Missing exception handling for Convert.ToInt32 and JSON decoding errors, Lack of validation and sanitization of request form data
Security Issues - Summary: Method risks SQL injection and malformed input due to lack of validation and error handling. - SQL injection risk from unvalidated request form data
Performance Issues - Summary: Iterating Talents with FirstOrDefault causes performance issues on large collections. - Inefficient iteration over Talents collection, Costly FirstOrDefault usage on large data
Maintainability Issues - Summary: Replace magic strings and unclear variable names; reduce tight coupling for easier maintenance. - Use named constants instead of magic strings, Clarify or correct unclear variable names, Decouple tightly coupled methods and objects
Test Case Ideas - conditional logic - Confirm btnSaveClick returns expected results with valid inputs - Verify SaveContinueTalentPool returns expected JsonResult - Validate behavior for true and false catExist values
Dependencies & Called Services - Summary: Uses HR and actor models with enumerable conversion for talent pool salary saving. - Enumerable conversion, HR model usage, Actor model usage
SaveTalentPoolForBenchmark
Summary: Process talent pool data by decoding input, updating talent and salary info, saving skill costs, and returning success.
JsonResult HRController.SaveTalentPoolForBenchmark()
Routing
- HTTP: POST
- URL: /HR/SaveTalentPoolForBenchmark
Detailed Analysis
Key Flows - and returning success. - Fetch and filter actor catchments - Iterate and update or add talent entries with salary adjustments - Return successful JsonResult
Error Flows - Summary: Handle conversion errors and prevent division by zero in salary calculations. - Lack of error handling for Convert.ToInt32 on form data, Division by zero risk when sum of min and max salaries is zero
Security Issues - Summary: Direct use of unvalidated request form data risks SQL injection and data tampering. - Unvalidated request form data
Performance Issues - Summary: FirstOrDefault causes linear search on large collections; lack of error handling reduces reliability. - FirstOrDefault causes linear search on large Talents collection, Multiple sequential method calls lack error handling
Maintainability Issues - Summary: Replace magic strings and unclear variable names; reduce tight coupling and add comments. - Add comments explaining key logic steps
Test Case Ideas - property settings - Calculate average salary with edge cases - Identify existing talents by catchment code - Set Mark property correctly under conditions - Return expected salary values from btnSaveClick - Handle empty Talents collection
Dependencies & Called Services - Summary: Uses HR and actor models with enumerable conversion for talent pool benchmarking. - HR model usage, Actor model usage, Enumerable conversion
SaveContinueTalentPool
Summary: SaveContinueTalentPool processes input parameters, aggregates related data, and returns it as JSON.
JsonResult HRController.SaveContinueTalentPool(int currentProjectId, dynamic act, decimal salary)
Routing
- HTTP: POST
- URL: /HR/SaveContinueTalentPool
Detailed Analysis
Key Flows - and returns it as JSON. - Return aggregated data as JSON result
Error Flows - Summary: Handle input validation errors and database connection failures explicitly. - Invalid input errors from unvalidated dynamic 'act' parameter
Security Issues - Summary: Dynamic typing of 'act' risks security without proper validation and sanitization. - Dynamic typing of 'act' parameter, Lack of input validation and sanitization
Performance Issues - Summary: Multiple database queries and LINQ operations degrade performance under heavy load. - Poor scalability with large data sets
Maintainability Issues - Summary: The method's complexity and use of anonymous and dynamic types reduce maintainability. - Complex and dense code with many variables and operations, Use of anonymous types and dynamic typing reduces code clarity
UX Impact Notes - Summary: Ensure correct JSON formatting to prevent user experience issues. - JSON result for web/API consumption, Proper data formatting, Error handling to avoid UX impact
Test Case Ideas - Summary: Verify SaveContinueTalentPool handles POST requests - returns correct data - Handle large data sets and concurrent requests efficiently - Return expected aggregated data for valid inputs
Dependencies & Called Services - Summary: Uses collections, data models, and basic utilities for data handling. - Enumerable for collection operations, IHRModel for data modeling, List for data storage, Math for calculations, String for text manipulation
AddTalentPool
Summary: Retrieve the current actor's location code and set the actor's name in the view context.
ActionResult HRController.AddTalentPool()
Routing
- HTTP: GET
- URL: /HR/AddTalentPool
View Metadata
- View: AddTalentPool (Andromeda.Web\Views\HR\AddTalentPool.cshtml)
- Model: Andromeda.Core.Entities.TalentPools
Detailed Analysis
Key Flows - Summary: Retrieve the current actor's location code and set the actor's name in the view context. - Set current actor's name into ViewBag.ActorName
Performance Issues - Summary: Using Count() in a loop causes multiple enumerations, degrading performance. - Count() method in loop, Multiple enumerations of Tags collection
Maintainability Issues - Summary: Incomplete and poorly formatted code reduces readability and maintainability. - Incomplete code chunk, Poor code formatting
UX Impact Notes - Summary: Displays the AddTalentPool form, affecting user flow. - Display AddTalentPool form, Impact user flow
Test Case Ideas - view return - and ViewBag property setting. - Successful AddTalentPool view return - Correct ViewBag.ActorName property setting
Dependencies & Called Services - Summary: Uses collections and data models for talent pool management. - Enumerable for collection operations, IHRModel for data modeling, List for data storage
SaveContinueAddTalent
Summary: Decode form data to create a Catchment object, save it if valid, and return a success URL in JSON.
JsonResult HRController.SaveContinueAddTalent()
Routing
- HTTP: POST
- URL: /HR/SaveContinueAddTalent
Detailed Analysis
Key Flows - Summary: Decode form data to create a Catchment object - and return a success URL in JSON. - Decode and unescape form data into Catchment object - Save Catchment with actor ID if valid and status >= 0 - Return JSON response with success URL
Error Flows - Summary: Validate input fields and return JSON with alternate URL on failure. - Return JSON response with alternate URL on validation failure
Security Issues - Summary: Prevent deserialization attacks from unsafe JSON decoding. - Deserialization vulnerability via System.Web.Helpers.Json.Decode
Maintainability Issues - Summary: Remove magic strings and simplify complex conditionals to improve code clarity and maintainability. - Use of magic strings in Request.Form keys, Use of magic strings in JSON response URLs, Long, complex conditional statements for input validation, Incomplete code fragments reducing clarity
UX Impact Notes - Summary: Validation failures block SaveContinueAddTalent action and JSON URL responses redirect users. - JSON responses with URLs redirect users
Test Case Ideas - Summary: Verify form data decoding, object population, validation, method calls, and successful execution. - Populate Catchment object with form data - Call CatchmentSet with correct parameters for st >= 0 - Validate negative integer inputs
Dependencies & Called Services - Summary: Convert IHRModel to Int32, String, and Uri types for service calls. - Convert IHRModel, Convert to Int32, Convert to String, Convert to Uri
TrainingNeeds
Summary: Retrieve and filter actor data by CurrentActorId, then load and prepare related training details for display.
ActionResult HRController.TrainingNeeds(int? CurrentActorId)
Routing
- HTTP: GET
- URL: /HR/TrainingNeeds
View Metadata
- View: TrainingNeeds (Andromeda.Web\Views\HR\TrainingNeeds.cshtml)
- Model: IEnumerable<Andromeda.Core.Entities.Catchment>
Detailed Analysis
Key Flows - Summary: Retrieve and filter actor data by CurrentActorId, then load and prepare related training details for display. - Load catchment trainings - Retrieve actors list and filter by CurrentActorId, Filter and select distinct control training details for view preparation
Error Flows - Summary: Handle missing or invalid CurrentActorId to prevent exceptions and logic errors. - Missing CurrentActorId in actor list causing exceptions or null assignment - Malformed conditional checking CurrentActorId causing unexpected behavior
Security Issues - Summary: Prevent SQL injection by sanitizing projectId and ActorId before model usage. - SQL injection risk from unsanitized projectId, SQL injection risk from unsanitized Registry.CurrentActor.ActorId
Performance Issues - Summary: Reduce database calls and avoid loading entire actor list into memory for filtering. - Loading entire actor list into memory before filtering is inefficient for large datasets - Multiple database calls in one method degrade performance under load
Maintainability Issues - Summary: The method's complexity and malformed conditionals reduce maintainability and testability. - High cyclomatic complexity with multiple distinct operations, Incomplete or malformed conditional statements, Code formatting issues reducing readability
UX Impact Notes - Summary: Data retrieval or processing issues degrade user experience in views. - Data retrieval issues, Data processing issues, Negative impact on user experience
Test Case Ideas - Summary: Verify data retrieval, conditional branches, correctness, and performance under load. - Valid CurrentActorId data retrieval and assignment
Dependencies & Called Services - Summary: Uses data conversion and collection types for training needs processing. - Data conversion utilities, Enumerable collections, IHRModel data model, List collection, String manipulation
TrainingPlan
Summary: Manage project actors, load and process training data, optimize talent, and handle currency settings.
ActionResult HRController.TrainingPlan(int? CurrentActorId)
Routing
- HTTP: GET
- URL: /HR/TrainingPlan
View Metadata
- View: TrainingPlan (Andromeda.Web\Views\HR\TrainingPlan.cshtml)
- Model: IEnumerable<Andromeda.Core.Entities.CatchmentTraining>
Detailed Analysis
Key Flows - and handle currency settings. - Calculate training cost metrics from salary data with rounding - Load training-related datasets: catchments - set default codes - Redirect if Id parameter is zero - Set current actor by matching ActorId
Error Flows - Summary: Fix incomplete code and null references to prevent compilation and runtime errors. - Incomplete and incorrect code causing compilation errors, Null reference risks from idpointRounding and Registry.CurrentActor, Truncated code leading to runtime failures
Security Issues - Summary: Fix SQL injection risks and syntax errors to ensure secure, reliable code. - SQL injection vulnerability in LoadInput, LoadOutput, and LoadBRule due to unsanitized projectId and ActorId, Syntax errors causing unexpected behavior and security risks
Performance Issues - Summary: Optimize data queries and collection operations to reduce memory use and redundant processing. - Loading currency data inside loops triggers multiple database calls - ToList() degrade performance on large data sets - Repeated model.GetCatchmentTrainings calls cause redundant database queries
Maintainability Issues - Summary: Tight coupling, unclear code, and poor naming reduce maintainability and testability. - Tight coupling with Registry and model classes, Incomplete and syntactically incorrect code fragments, Use of magic strings and magic numbers, Typo and unclear variable names, Repeated method calls without variable extraction, Complex anonymous types and LINQ queries, Incomplete or malformed conditional statements
UX Impact Notes - Summary: Redirect on zero Id disrupts navigation; ViewBag data shapes training plan UI. - Redirect on zero Id disrupts user navigation - ViewBag properties populate training and currency data, Training and currency data influence UI presentation
Test Case Ideas - Summary: Verify data retrieval, calculations, method calls, currency handling, and ViewBag population in TrainingPlan. - HighCost with varied teamCatchments data - Handle currency defaults - Load and filter catchments - Return list of actors for valid project ID - Set current actor based on ActorId match
Dependencies & Called Services - Summary: Uses data conversion, collection handling, mathematical operations, and string manipulation. - Data conversion utilities, Collection handling interfaces and classes, Mathematical functions, String manipulation
SaveTP
Summary: SaveTP deserializes JSON training plans from POST requests and saves them for the current project and actor.
void HRController.SaveTP()
Routing
- HTTP: POST
- URL: /HR/SaveTP
Detailed Analysis
Key Flows - Summary: SaveTP deserializes JSON training plans from POST requests and saves them for the current project and actor. - Deserialize JSON training plans from request, Save training plans using model for current project and actor
Error Flows - Summary: SaveTP lacks explicit exception handling for JSON deserialization and saving errors. - Missing exception handling during JSON deserialization, Missing exception handling during training plan saving
Security Issues - Summary: Prevent JSON deserialization attacks by validating input before decoding. - JSON deserialization vulnerability, Lack of input validation before Json.Decode
Performance Issues - Summary: No performance issues identified in SaveTP method.
Maintainability Issues - Summary: Commented out code reduces maintainability by indicating dead or incomplete functionality. - Commented out code indicating dead or incomplete functionality
Test Case Ideas - Summary: Verify SaveTP handles HTTP POST and saves valid training plans correctly. - Save training plans with valid project ID and CatchmentTraining objects
Dependencies & Called Services - Summary: SaveTP method depends on IHRModel service. - IHRModel service dependency
SaveTrainingPlan
Summary: SaveTrainingPlan handles POST requests, saves the training plan, and returns updated trainings as JSON.
JsonResult HRController.SaveTrainingPlan(FormCollection frm)
Routing
- HTTP: POST
- URL: /HR/SaveTrainingPlan
Detailed Analysis
Key Flows - Summary: SaveTrainingPlan handles POST requests - and returns updated trainings as JSON. - Retrieve current actor's trainings via GetCatchmentTrainings - Return trainings list as JSON response - Handle HTTP POST request
Error Flows - Summary: Handle errors explicitly and fix return statement typo to prevent failures. - Lack of explicit error handling for SaveTP and GetCatchmentTrainings failures - Return statement typo causing compilation error
Security Issues - Summary: SaveTrainingPlan exposes training data without authorization checks. - Lack of authorization checks
Performance Issues - Summary: Sequential SaveTP and GetCatchmentTrainings calls cause performance bottlenecks. - Sequential SaveTP and GetCatchmentTrainings calls
Maintainability Issues - Summary: Method mixes saving and retrieving training plans, contains a typo causing compilation errors. - Typo in return statement causing compilation errors
UX Impact Notes - Summary: Returns JSON for AJAX or API use - JSON response format, Supports asynchronous user interactions
Test Case Ideas - Summary: Verify SaveTrainingPlan saves data via POST and returns correct training list without errors. - Handle return statement typo to prevent compilation errors - Return correct training list for current actor
Dependencies & Called Services - Summary: SaveTrainingPlan uses HR and IHRModel services for data handling. - HR service dependency, IHRModel service dependency
Selection
Summary: The method handles an HTTP GET request and returns the 'Selection' view with an empty CatchmentSummary list.
ActionResult HRController.Selection()
Routing
- HTTP: GET
- URL: /HR/Selection
View Metadata
- View: Selection (Andromeda.Web\Views\HR\Selection.cshtml)
- Model: IEnumerable<Andromeda.Core.Entities.CatchmentSummary>
Detailed Analysis
Key Flows - Summary: The method handles an HTTP GET request and returns the 'Selection' view with an empty CatchmentSummary list. - Create empty CatchmentSummary list - Return 'Selection' view with empty list model
Maintainability Issues - Summary: Commented out code indicates incomplete implementation, reducing maintainability. - Commented out code indicating incomplete implementation
UX Impact Notes - Summary: Users see an empty 'Selection' view, potentially causing confusion. - Empty 'Selection' view rendering, Potential user confusion due to missing data
Test Case Ideas - Summary: Verify HTTP GET routing and empty CatchmentSummary list in Selection view. - Return Selection view with empty CatchmentSummary list
OptimizeActor¶
Summary: No key flows are defined for the OptimizeActor method.
JsonResult HRController.OptimizeActor()
Routing
- HTTP: POST
- URL: /HR/OptimizeActor
Detailed Analysis
Key Flows - Summary: No key flows are defined for the OptimizeActor method.
Error Flows - Summary: Handle exceptions from JSON deserialization - Exceptions from invalid JSON deserialization, Exceptions from invalid numeric conversion of optimization flag, Null reference exceptions from missing form data or keys
Security Issues - Summary: Fix JSON deserialization and XSS vulnerabilities in OptimizeActor method. - Unvalidated JSON deserialization from request form data
Performance Issues - Summary: Avoid dynamic typing for optimization results to improve performance. - Dynamic typing causes runtime type checking overhead
Maintainability Issues - Summary: Improve naming, remove magic numbers, avoid dynamic types, and fix syntax errors for maintainability. - Unclear and inconsistent method and variable naming, Use of magic numbers in flag comparisons, Use of dynamic types complicating debugging, Incomplete and incorrect code syntax
UX Impact Notes - Summary: Displaying unsanitized implementation details risks harming user experience. - Exposure of implementation details to users, Lack of proper sanitization, Negative impact on user experience
Test Case Ideas - Summary: Test OptimizeActor with valid JSON input and verify OptimizeByActor output correctness. - Handle valid JSON input for Actor object - Verify OptimizeByActor returns expected results for various inputs
Dependencies & Called Services - Summary: OptimizeActor uses data conversion, enumeration, HR and actor models, math, and string operations. - Data conversion utilities, Enumerable collections, HR domain models, Actor interface models, Mathematical functions, String manipulation
Optimise¶
Summary: Filter and optimize actors by team and cost, generate scheduling data, and prepare project impact and trade-off views.
List<CatchmentSummary> HRController.Optimise(short OptimiseOnCost, int? CurrentPId, string TeamIds)
Routing
- HTTP: GET
- URL: /HR/Optimise
Cross-layer call chain
- HRController.Optimise → Andromeda.Core.Entities.Gantt.HourlyEffortByActor
- HRController.Optimise → Andromeda.Core.Entities.Actor.GetLocation
- Andromeda.Core.Entities.Gantt.HourlyEffortByActor → Andromeda.Core.Entities.Sched.GetHourEffort
- Andromeda.Core.Entities.Gantt.HourlyEffortByActor → Andromeda.Core.Entities.Sched.StartTimeHour
- Andromeda.Core.Entities.Actor.GetLocation → Andromeda.Core.DataManager.GetData
Call Chain Diagram¶
flowchart TD
Andromeda_Core_DataManager_GetData["Andromeda.Core.DataManager.GetData"]
Andromeda_Core_Entities_Actor_GetLocation["Andromeda.Core.Entities.Actor.GetLocation"]
Andromeda_Core_Entities_Gantt_HourlyEffortByActor["Andromeda.Core.Entities.Gantt.HourlyEffortByActor"]
Andromeda_Core_Entities_Sched_GetHourEffort["Andromeda.Core.Entities.Sched.GetHourEffort"]
Andromeda_Core_Entities_Sched_StartTimeHour["Andromeda.Core.Entities.Sched.StartTimeHour"]
HRController_Optimise["HRController.Optimise"]
Andromeda_Core_Entities_Actor_GetLocation --> Andromeda_Core_DataManager_GetData
Andromeda_Core_Entities_Gantt_HourlyEffortByActor --> Andromeda_Core_Entities_Sched_GetHourEffort
Andromeda_Core_Entities_Gantt_HourlyEffortByActor --> Andromeda_Core_Entities_Sched_StartTimeHour
HRController_Optimise --> Andromeda_Core_Entities_Actor_GetLocation
HRController_Optimise --> Andromeda_Core_Entities_Gantt_HourlyEffortByActor
Detailed Analysis
Key Flows - Summary: Filter and optimize actors by team and cost, generate scheduling data, and prepare project impact and trade-off views. - Set project impact status in views - Update actor cost properties based on salary data
Error Flows - Summary: No error flows defined for optimisation method.
Security Issues - Summary: Storing sensitive actor data in TempData risks unauthorized information disclosure. - Sensitive actor data stored in TempData, Risk of unauthorized access to TempData
Performance Issues - Summary: Optimize data retrieval, filtering, and repeated method calls to improve performance. - Slow projection with multiple null checks on large collections
Maintainability Issues - Summary: Code suffers from tight coupling, inconsistent naming, unclear dependencies, and incomplete implementation. - Tight coupling to multiple models complicates maintenance, Inconsistent variable naming violates standards, Typo in method call causes errors, Dynamic typing and commented-out code indicate incomplete implementation, Unclear dependencies from multiple method calls reduce understandability, Complex anonymous object projections harm readability and maintainability
UX Impact Notes - Summary: TempData storage and project impact status affect user flows and views. - TempData storage affects user experience across application, Project impact status influences HR review and actors summary views
Test Case Ideas - Summary: Validate correct data filtering - and accurate output assignments. - Correct catchment summaries based on inputs - Performance with large datasets for actors - Salaries method invocation and TempData assignment - Correct impact status setting in project views - Foreign exchange rate retrieval and ViewData assignment
Dependencies & Called Services - Summary: Uses core data types, collections, interfaces, and domain-specific models. - Core data types: Int32, String, Collections: List, Enumerable, Domain interfaces: IActorModel, IHRModel, IImpactModel, Domain classes: Actor, Gantt
OptimiseOnCost¶
Summary: No key flows are defined for the OptimiseOnCost method.
ActionResult HRController.OptimiseOnCost()
Routing
- HTTP: GET
- URL: /HR/OptimiseOnCost
Detailed Analysis
Key Flows - Summary: No key flows are defined for the OptimiseOnCost method.
Error Flows - Summary: No error flows defined for OptimiseOnCost method.
Security Issues - Summary: No security issues identified in OptimiseOnCost method.
Maintainability Issues - Summary: Replace magic string with constant and complete code for better maintainability. - Use constant instead of magic string 'cost', Complete all code sections for clarity
UX Impact Notes - Summary: Displays optimization results and implementation plan messages to the user. - Set ViewData to show implementation plan or optimization messages
Test Case Ideas - and correct ViewData setup. - Set ViewData correctly after implementation plan creation
Dependencies & Called Services - Summary: Uses HR service, IActorModel interface, and String type dependencies. - HR service dependency, IActorModel interface dependency, String type usage
OptimiseOnTime¶
Summary: Call Optimise method with specific parameters and store result in ViewBag.
ActionResult HRController.OptimiseOnTime()
Routing
- HTTP: GET
- URL: /HR/OptimiseOnTime
Detailed Analysis
Key Flows - Summary: Call Optimise method with specific parameters and store result in ViewBag. - Call Optimise method with parameters (2, Registry.CurrentProjectId, ""), Store result in ViewBag.OptimizeResult
Maintainability Issues - and complete return statements. - Incomplete return statement causing compilation errors
UX Impact Notes - Summary: Sets 'screen' in ViewData to control rendered view and affect user experience. - Set 'screen' variable in ViewData
Test Case Ideas - Summary: Verify method calls with correct parameters and proper view and ViewBag results. - Set ViewBag.OptimizeResult correctly - Call CreateImplementationPlan with correct parameters - Return expected view
Dependencies & Called Services - Summary: Uses HR service, IActorModel interface, and String type dependencies. - HR service dependency, IActorModel interface usage, String type usage
SaveTrainingNeeds¶
Summary: SaveTrainingNeeds processes POST requests by saving training needs and returning a JSON response.
JsonResult HRController.SaveTrainingNeeds(FormCollection frm)
Routing
- HTTP: POST
- URL: /HR/SaveTrainingNeeds
Detailed Analysis
Key Flows - Summary: SaveTrainingNeeds processes POST requests by saving training needs and returning a JSON response. - Return JsonResult response to client
Error Flows - Summary: The method lacks error handling and returns an undefined variable causing runtime errors. - Returning undefined variable 'tru' causes runtime or compilation errors
Maintainability Issues - Summary: Remove unused parameters and define all variables to prevent compilation errors. - Undefined variable 'tru' causes compilation errors, Unused FormCollection parameter 'frm' indicates dead code
Test Case Ideas - Summary: Verify SaveTrainingNeeds calls saveTN and returns JsonResult on HTTP POST with varied inputs. - Handle varied FormCollection inputs without failure - Return JsonResult response
Dependencies & Called Services - Summary: SaveTrainingNeeds method depends on HR service. - HR service dependency
saveTN¶
Summary: The saveTN method handles the process of saving a telephone number with validation and persistence.
void HRController.saveTN()
Routing
- HTTP: POST
- URL: /HR/saveTN
Detailed Analysis
Key Flows - Summary: The saveTN method handles the process of saving a telephone number with validation and persistence. - Handle save operation errors - Persist telephone number to database, Confirm successful save to user - Validate telephone number format
Security Issues - Summary: No security issues identified in saveTN method.
Maintainability Issues - Summary: Tight coupling with Registry and model dependencies reduces flexibility and complicates testing. - Tight coupling with Registry class, Strong model dependencies, Reduced flexibility, Complicated testing and future changes
Test Case Ideas - and impact status update on POST. - Invoke saveTN method on HTTP POST, Save training needs for valid project ID - Update impact status after saving training needs
Dependencies & Called Services - Summary: saveTN method depends on IHRModel and IImpactModel services. - Dependency on IHRModel service, Dependency on IImpactModel service
GetSelectedTraings¶
Summary: GetSelectedTraings processes a GET request with a category code, fetches trainings for the user, and returns them as JSON.
JsonResult HRController.GetSelectedTraings(string CatCode)
Routing
- HTTP: GET
- URL: /HR/GetSelectedTraings
Detailed Analysis
Key Flows - and returns them as JSON. - Call GetCatchmentTrainings with actor ID and category code - Return trainings list as JSON response
Error Flows - Summary: Handle invalid 'CatCode' parameter conversion to prevent exceptions. - Invalid 'CatCode' parameter conversion, Lack of explicit error handling for conversion
Security Issues - Summary: Sanitize 'CatCode' to prevent SQL injection in GetSelectedTraings. - SQL injection risk from unsanitized 'CatCode'
Performance Issues - Summary: GetSelectedTraings risks poor performance if GetCatchmentTrainings handles large datasets inefficiently. - Unoptimized GetCatchmentTrainings method for large datasets
Maintainability Issues - Summary: Correct variable name typo to improve code clarity. - Typo in variable name 'OldLis' instead of 'OldList'
Test Case Ideas - and large dataset performance. - Handle HTTP GET requests correctly - Evaluate performance with large datasets
Dependencies & Called Services - Summary: Uses IHRModel conversion service. - IHRModel conversion
Supervisors¶
Summary: Fetch project activities and actors, validate data, process governance relationships, and build control and handoff lookups.
ActionResult HRController.Supervisors()
Routing
- HTTP: GET
- URL: /HR/Supervisors
Cross-layer call chain
- HRController.Supervisors → Andromeda.Core.Services.ProcessExtensions.FindByID
Call Chain Diagram¶
flowchart TD
Andromeda_Core_Services_ProcessExtensions_FindByID["Andromeda.Core.Services.ProcessExtensions.FindByID"]
HRController_Supervisors["HRController.Supervisors"]
HRController_Supervisors --> Andromeda_Core_Services_ProcessExtensions_FindByID
View Metadata
- View: Supervisors (Andromeda.Web\Views\HR\Supervisors.cshtml)
Detailed Analysis
Key Flows - validate data - Fetch governance matrix and remove unmatched entries - Redirect to ProcessCreation if no activities found - Iterate actors to create governance matrix objects and control dictionaries
Error Flows - Summary: Prevent null reference exceptions and fix incomplete code to avoid runtime errors. - Null reference exceptions from unchecked collections
Performance Issues - Summary: Optimize data access and resource management to improve performance on large datasets. - Multiple Count() and Where() on large datasets degrade performance
Maintainability Issues - Summary: Code suffers from syntax errors, tight coupling, unclear constants, and poor readability. - Syntax errors and incomplete code fragments, Use of anonymous types complicating data transformations, Tight coupling to specific riskModel properties reducing flexibility, Direct use of magic boolean values instead of named constants, Complex, dense LINQ queries and conditional statements, Incomplete or improperly formatted method calls and dictionary initializations
UX Impact Notes - Summary: Redirecting users without activities disrupts workflow. - Workflow interruption from redirecting users without activities - No other UX issues beyond data preparation and redirection
Test Case Ideas - governance matrix updates - Handle empty actor and governance matrix data - Redirect to ProcessCreation when no activities or condition met - Return expected activities for given project ID - Iterate actors to create GovernanceMatrix objects with correct properties - Assign FromActorLocation property correctly and call View with expected parameters
Dependencies & Called Services - Summary: Uses collections, interfaces, and utility extensions for data handling and profiling. - Dictionary and List collections, Enumerable utilities, IActorModel, IHRModel, IRiskModel interfaces, MiniProfilerExtensions for performance profiling, String utilities - ProcessExtensions for process management
SaveSupervisors¶
Summary: Decode JSON data from the request and process each actor in the collection.
JsonResult HRController.SaveSupervisors()
Routing
- HTTP: POST
- URL: /HR/SaveSupervisors
Detailed Analysis
Key Flows - Summary: Decode JSON data from the request and process each actor in the collection. - Decode JSON from request form, Iterate and process each actor
Error Flows - Summary: The method lacks explicit error handling for JSON decoding and data conversion failures. - Missing explicit handling of invalid or absent JSON data, No exception handling for JSON decoding errors, No exception handling for data conversion errors
Security Issues - Summary: Direct JSON deserialization from request data risks security vulnerabilities. - Unvalidated JSON deserialization
Performance Issues - Summary: Repeated Convert.ToInt32 calls inside loops degrade performance on large collections. - Repeated Convert.ToInt32 calls inside loops, Performance degradation on large collections
Maintainability Issues - Summary: Improve variable naming and remove incomplete commented code to enhance maintainability. - Non-descriptive variable name 'Actors', Incomplete and commented out code sections
Test Case Ideas - Summary: Verify JSON decoding and ensure no unintended external state changes. - Correctly decode JSON from request form, Prevent unexpected external state modifications
Dependencies & Called Services - Summary: Convert and IRiskModel services are used in SaveSupervisors. - Convert service, IRiskModel service
SaveSpanMag¶
Summary: SaveSpanMag processes a save operation and returns a JSON response indicating the result.
JsonResult HRController.SaveSpanMag()
Routing
- HTTP: POST
- URL: /HR/SaveSpanMag
Detailed Analysis
Key Flows - Summary: SaveSpanMag processes a save operation and returns a JSON response indicating the result. - Process save operation - Return JSON response with save result
Performance Issues - Summary: Repeated Convert.ToInt32 and Convert.ToDecimal calls degrade performance if executed frequently. - Repeated Convert.ToInt32 calls, Repeated Convert.ToDecimal calls, Performance impact from frequent conversions
Maintainability Issues - Summary: Commented-out and incomplete code reduces clarity and complicates maintenance. - Multiple commented-out code blocks, Incomplete code fragments, Commented-out code causing developer confusion, Complicated future enhancements and debugging
Test Case Ideas - saving logic - Saving logic for span data remains inactive when commented out - Method returns expected JSON response if saving and status-setting code enabled
Dependencies & Called Services - Summary: Uses conversion services for impact and risk models. - Convert service, IImpactModel dependency, IRiskModel dependency
RemoveCatchments¶
Summary: RemoveCatchments deletes catchments and resets actor cost based on actor ID from POST data.
JsonResult HRController.RemoveCatchments()
Routing
- HTTP: POST
- URL: /HR/RemoveCatchments
Detailed Analysis
Key Flows - Summary: RemoveCatchments deletes catchments and resets actor cost based on actor ID from POST data. - Call IHRModel.deletecatchments with actor ID - Call IHRModel.updateactorcosttozero with actor ID - Return JSON result to client
Error Flows - Summary: Validate actor ID to prevent method failure or exceptions. - Missing actor ID, Malformed actor ID, Invalid actor ID, Lack of validation or sanitization
Security Issues - Summary: RemoveCatchments risks SQL injection by using unvalidated actor ID from request data. - Unvalidated actor ID from request form data
Maintainability Issues - Summary: Replace magic strings with named constants to improve code readability and maintainability. - Use named constants instead of magic strings for form data keys
Test Case Ideas - Summary: Verify RemoveCatchments handles HTTP POST - valid and invalid input securely and updates data correctly. - Delete catchments and update actor cost with valid actor IDs - Handle missing 'actId' parameter gracefully - Restrict RemoveCatchments to HTTP POST requests - Validate robustness against malformed or tampered form data
Dependencies & Called Services - Summary: RemoveCatchments uses Convert and IHRModel services. - Convert service usage, IHRModel service usage
SaveTeamSalaries¶
Summary: SaveTeamSalaries handles an HTTP POST request, loads training and skill data, and returns it as JSON.
JsonResult HRController.SaveTeamSalaries()
Routing
- HTTP: POST
- URL: /HR/SaveTeamSalaries
Detailed Analysis
Key Flows - Summary: SaveTeamSalaries handles an HTTP POST request - and returns it as JSON. - Handle HTTP POST request - Load training and skill level data via model methods - Return training and skill data as JSON
Error Flows - Summary: Handle invalid form data and database query failures during salary saving. - Invalid or missing form data causes save failures, Database query failures cause errors without explicit exception handling
Security Issues - Summary: Prevent SQL injection by sanitizing request form data before database queries. - SQL injection risk from unsanitized form data, Need input validation and sanitization before queries
Performance Issues - Summary: Multiple database queries degrade performance on large or complex datasets. - Multiple database queries, Performance impact on large or complex data
Maintainability Issues - Summary: The method's complexity hinders understanding and maintainability. - High method complexity, Excessive use of variables and methods
UX Impact Notes - Summary: Returns JSON to update UI or show success message. - JSON result for UI update
Test Case Ideas - Summary: Verify SaveTeamSalaries handles HTTP POST - Invoke SaveTeamSalaries on HTTP POST request, Save skill costs for various actor types - Load correct training and skill level data for actors
Dependencies & Called Services - Summary: Uses data conversion and collection types for actor and HR models. - Data conversion utilities, Enumerable collections, Actor model interface, HR model interface, List collection, String type
GetTalentPools¶
Summary: Retrieve actors for a project, validate the current actor, then return total talents and tags with success status.
JsonResult HRController.GetTalentPools(int? actorId, int? ProjID)
Routing
- HTTP: GET
- URL: /HR/GetTalentPools
Detailed Analysis
Key Flows - validate the current actor - then return total talents and tags with success status. - Load business rules to create tags list - Return JSON with total talents
Error Flows - Summary: Validate actor and location; return failure JSON if invalid. - Return JSON with IsSuccess false on validation failure
Security Issues - Summary: Fix SQL injection risk from unsanitized Convert.ToInt32(CurrentActorId). - SQL injection risk from unsanitized Convert.ToInt32(CurrentActorId)
Performance Issues - Summary: Avoid unnecessary ToList() and Distinct() calls on large collections to reduce memory and CPU usage. - Excessive ToList() causes large memory allocations for actor lists, Distinct() and ToList() on large policy lists degrade performance
Maintainability Issues - and fix incomplete return statement. - Incomplete return statement referencing undefined JsonRequestBeh
UX Impact Notes - Summary: Display error message when GetTalentPools operation fails. - Error message on operation failure, Indicate IsSuccess false status
Test Case Ideas - Summary: Verify GetTalentPools returns correct data and valid JSON for various inputs and failure cases. - Return correct actor by actor ID - Return correct actors list by project ID - Return correct total talents by location and actor - Return correct tags by business rules - Return JSON with IsSuccess false on failure - Return valid JSON response in all cases
Dependencies & Called Services - Summary: Uses data conversion and enumeration utilities for HR model string processing. - Data conversion utilities, Enumerable collections, HR model processing, String manipulation
GetBenchmarkCost¶
Summary: GetBenchmarkCost processes a POST request and extracts the 'actId' form value.
JsonResult HRController.GetBenchmarkCost()
Routing
- HTTP: POST
- URL: /HR/GetBenchmarkCost
Cross-layer call chain
- HRController.GetBenchmarkCost → Andromeda.Core.DataManager.GetData
- HRController.GetBenchmarkCost → Andromeda.Core.Database.DataExtensions.GetInt32Ex
- HRController.GetBenchmarkCost → Andromeda.Core.Database.DataExtensions.GetDecimalEx
- HRController.GetBenchmarkCost → Andromeda.Core.Database.DataExtensions.GetStringEx
Call Chain Diagram¶
flowchart TD
Andromeda_Core_DataManager_GetData["Andromeda.Core.DataManager.GetData"]
Andromeda_Core_Database_DataExtensions_GetDecimalEx["Andromeda.Core.Database.DataExtensions.GetDecimalEx"]
Andromeda_Core_Database_DataExtensions_GetInt32Ex["Andromeda.Core.Database.DataExtensions.GetInt32Ex"]
Andromeda_Core_Database_DataExtensions_GetStringEx["Andromeda.Core.Database.DataExtensions.GetStringEx"]
HRController_GetBenchmarkCost["HRController.GetBenchmarkCost"]
HRController_GetBenchmarkCost --> Andromeda_Core_DataManager_GetData
HRController_GetBenchmarkCost --> Andromeda_Core_Database_DataExtensions_GetDecimalEx
HRController_GetBenchmarkCost --> Andromeda_Core_Database_DataExtensions_GetInt32Ex
HRController_GetBenchmarkCost --> Andromeda_Core_Database_DataExtensions_GetStringEx
Detailed Analysis
Key Flows - Summary: GetBenchmarkCost processes a POST request and extracts the 'actId' form value. - Receive POST request, Decode 'actId' from form data, Initialize TalentPools object (unused)
Error Flows - Summary: The method lacks error handling for deserialization failures of 'actId'. - No explicit error or exception handling, Unmanaged deserialization errors from invalid 'actId' input
Security Issues - Summary: Deserialization vulnerability from unvalidated JSON input risks code execution. - Unvalidated input from Request.Form['actId']
Maintainability Issues - Summary: The method's incomplete and commented-out code reduces maintainability. - Incomplete code, Commented-out code causing confusion
Test Case Ideas - Summary: Ensure GetBenchmarkCost returns a valid JsonResult despite incomplete implementation. - Return valid JsonResult with incomplete implementation
Dependencies & Called Services - Summary: GetBenchmarkCost depends on the IHRModel service. - Dependency on IHRModel service
SaveBenchmarkCost¶
Summary: SaveBenchmarkCost processes JSON data from an HTTP POST request and returns a JsonResult.
JsonResult HRController.SaveBenchmarkCost()
Routing
- HTTP: POST
- URL: /HR/SaveBenchmarkCost
Cross-layer call chain
- HRController.SaveBenchmarkCost → Andromeda.Core.DataManager.Execute
- Andromeda.Core.DataManager.Execute → Andromeda.Core.LoggingManager.Debug
- Andromeda.Core.DataManager.Execute → Andromeda.Core.Database.helper.SqlParameters
Call Chain Diagram¶
flowchart TD
Andromeda_Core_DataManager_Execute["Andromeda.Core.DataManager.Execute"]
Andromeda_Core_Database_helper_SqlParameters["Andromeda.Core.Database.helper.SqlParameters"]
Andromeda_Core_LoggingManager_Debug["Andromeda.Core.LoggingManager.Debug"]
HRController_SaveBenchmarkCost["HRController.SaveBenchmarkCost"]
Andromeda_Core_DataManager_Execute --> Andromeda_Core_Database_helper_SqlParameters
Andromeda_Core_DataManager_Execute --> Andromeda_Core_LoggingManager_Debug
HRController_SaveBenchmarkCost --> Andromeda_Core_DataManager_Execute
Detailed Analysis
Key Flows - Summary: SaveBenchmarkCost processes JSON data from an HTTP POST request and returns a JsonResult. - Return JsonResult after saving
Security Issues - Summary: Direct JSON decoding from request form risks deserialization attacks. - JSON deserialization vulnerability, Lack of input validation and sanitization
Maintainability Issues - Summary: The controller tightly couples with the model by directly calling SaveBenchmarkCost with many parameters. - Tight coupling between controller and model, Controller directly calls model method with multiple parameters
Test Case Ideas - Summary: Verify SaveBenchmarkCost handles POST requests - and returns JsonResult. - Return JsonResult after saving benchmark cost
Dependencies & Called Services - Summary: SaveBenchmarkCost depends on the IHRModel service. - Dependency on IHRModel service
GetCurrencies¶
Summary: Retrieve actors, initialize currencies with USD and project currency, load additional currencies, remove duplicates, and return JSON.
JsonResult HRController.GetCurrencies(int? ActorId)
Routing
- HTTP: GET
- URL: /HR/GetCurrencies
Detailed Analysis
Key Flows - and return JSON. - Load and add currencies from infrastructure model - Retrieve all actors and set current actor by ActorId - Remove duplicate currencies and return JSON list
Error Flows - Summary: Handle null ActorId to prevent null reference exceptions. - Null reference exception from null ActorId, Missing actor lookup handling
Security Issues - Summary: No security issues identified in GetCurrencies method.
Performance Issues - Summary: Inefficient data retrieval and processing cause performance issues with large currency datasets. - Inefficient retrieval of all actors before filtering, Performance impact from looping to add currency objects, Slow grouping and filtering to remove duplicates in large lists
Maintainability Issues - Summary: Replace magic strings with constants, fix variable names, and add explanatory comments. - Add comments explaining grouping and filtering logic
UX Impact Notes - Summary: Slow API responses can degrade user experience despite minimal direct UX impact. - Backend API method, Potential slow response times, User experience degradation due to performance
Test Case Ideas - Summary: Verify correct actor setting - Confirm LoadCurrency returns expected data and updates list - Assess method performance with large datasets - Handle empty currency collections without errors - Validate correct actor assignment with valid ActorId
Dependencies & Called Services - Summary: Uses collections and model interfaces for currency data handling. - Enumerable for data operations, IHRModel interface, IInfraModel interface, List collection, String type
SaveContinueTeamAddTalent¶
Summary: The method obtains the project ID from the request or defaults, then fetches talent pools using the ActorId and project ID.
JsonResult HRController.SaveContinueTeamAddTalent()
Routing
- HTTP: POST
- URL: /HR/SaveContinueTeamAddTalent
Detailed Analysis
Key Flows - Summary: The method obtains the project ID from the request or defaults, then fetches talent pools using the ActorId and project ID. - Fetch talent pools with ActorId and project ID - Retrieve project ID from request or default registry, Convert project ID to integer if present
Error Flows - Summary: Handle invalid ActorId/AddTalent by skipping CatchmentSet; invalid project ID causes FormatException. - Skip CatchmentSet if ActorId or AddTalent validation fails
Security Issues - Summary: Sanitize Request.Form["ProjId"] to prevent SQL injection and XSS vulnerabilities. - Unsanitized Request.Form["ProjId"] input, SQL injection risk, Cross-site scripting (XSS) risk
Maintainability Issues - Summary: Simplify complex conditions and centralize magic strings for better maintainability. - Complex, lengthy if condition reduces readability, Magic string 'ProjId' used without constant definition
UX Impact Notes - Summary: Users face errors and unexpected behavior from missing validation and error handling. - Invalid or missing project ID triggers unhandled errors
Test Case Ideas - Summary: Validate input handling - Valid ActorId triggers CatchmentSet and returns expected talent pools - ActorId <= 0 skips CatchmentSet but returns talent pools - CatchmentSet called only after validation passes
Dependencies & Called Services - Summary: Convert HR IHRModel to String Uri for service calls. - Convert HR IHRModel, String Uri usage
SaveTeamSalariesBenchmark¶
Summary: Retrieve project ID and mark team salaries observation as reviewed.
JsonResult HRController.SaveTeamSalariesBenchmark()
Routing
- HTTP: POST
- URL: /HR/SaveTeamSalariesBenchmark
Cross-layer call chain
- HRController.SaveTeamSalariesBenchmark → Andromeda.Core.LoggingManager.Error
Call Chain Diagram¶
flowchart TD
Andromeda_Core_LoggingManager_Error["Andromeda.Core.LoggingManager.Error"]
HRController_SaveTeamSalariesBenchmark["HRController.SaveTeamSalariesBenchmark"]
HRController_SaveTeamSalariesBenchmark --> Andromeda_Core_LoggingManager_Error
Detailed Analysis
Key Flows - Summary: Retrieve project ID and mark team salaries observation as reviewed. - Retrieve current project ID from request or default - Update team salaries observation tab reviewed status
Error Flows - Summary: The method fails to save data or update status on invalid input without explicit error handling. - Reviewed status update may fail
Security Issues - Summary: Prevent SQL injection and XSS by sanitizing and encoding input data. - XSS risk from unencoded input in output or logs
Performance Issues - Summary: Excessive Convert.ToDecimal() calls degrade performance on large or complex data. - Multiple Convert.ToDecimal() calls on input data, Performance impact on large or complex data
Maintainability Issues - Summary: The method's long chained calls with many parameters reduce readability and maintainability. - Long chained method calls, Excessive parameters in single call, Reduced code readability, Difficult maintenance due to complexity
UX Impact Notes - Summary: Returns JsonResult requiring proper formatting and error handling to ensure good UX. - JsonResult return type
Test Case Ideas - updates status - Restrict SaveTeamSalariesBenchmark to HTTP POST requests, Save team salary benchmark data with valid input - Update reviewed status of team salaries observation tab after saving
Dependencies & Called Services - Summary: Uses services for data conversion, logging, and mathematical operations. - DateTime conversion, IHRModel access, IProcessModel access, Math operations - LoggingManager for logging