add some cursor rules

2025-12-20 19:09:33 +01:00 · 2025-12-20 19:09:33 +01:00 · eccad00513
commit eccad00513
parent 820c01097c
3 changed files with 31 additions and 0 deletions
--- a/.cursor/rules/python_coding_standards.mdc
+++ b/.cursor/rules/python_coding_standards.mdc
@ -0,0 +1,9 @@
+---
+description: Coding standards that should be respect when working on Python code.
+alwaysApply: false
+---
+
+- Use type hinting. Check regularly with mypy via the `Makefile` command `make typecheck`.
+- Use docstrings following the style of the existing code. 
+- Avoid bloaty comments. Instead, favour using descriptive functions and variable names to make what's happening obvious.
+- Use tests frequently to detect errors early. Make sure that tests are kept up to date. Remove dead code tests when removing code.
--- a/.cursor/rules/running_tests.mdc
+++ b/.cursor/rules/running_tests.mdc
@ -0,0 +1,8 @@
+---
+description: How to run tests
+alwaysApply: false
+---
+
+There are backend, frontend and e2e tests.
+
+They should be run with the `test-` commands found in the `Makefile`.
--- a/.cursor/rules/security_authorization.mdc
+++ b/.cursor/rules/security_authorization.mdc
@ -0,0 +1,14 @@
+---
+description: Instructions on ensuring that authorization gets respected in the app.
+alwaysApply: false
+---
+
+The app has users with roles and permissions. These should be respected.
+
+When working on the frontend, make sure that the users can only access the pages and contents they are expected to due to their role in the app.
+
+When working on the backend, ensure that endpoints are only accessible by those who need them.
+
+When building new features, reflect on whether there is the need to create new permissions or modify existing ones, as well as changing roles.
+
+Add tests that try "sneaky" approaches to overcoming authorization limits and verify that the app is properly protected against them.