AgentSkillsCN

development-best-practices

Odoo模块命名规范(thedevkitchen_前缀)、控制器安全模式(身份验证双重装饰器)、数据存储架构(PostgreSQL vs Redis),以及性能优化(缓存策略、查询模式)的快速参考。在创建模块、实现安全控制器,或优化性能时使用此功能。详细指南可参考ADR-004、ADR-011、ADR-017。

SKILL.md
--- frontmatter
name: development-best-practices
description: Quick reference for Odoo module naming conventions (thedevkitchen_ prefix), controller security patterns (authentication dual decorators), data storage architecture (PostgreSQL vs Redis), and performance optimization (cache strategies, query patterns). Use when creating modules, implementing secure controllers, or optimizing performance. References ADR-004, ADR-011, ADR-017 for detailed guidelines.

Development Best Practices - Odoo Real Estate

This skill provides quick reference for essential development patterns: module/table naming, controller security, and performance optimization.

Scope: Nomenclature, security/storage architecture, and performance Other areas: For testing, validation, API docs, and Git workflow, see ADRs in Quick Reference section

When to Use This Skill

  • Creating a new Odoo module (naming conventions)
  • Implementing controllers with proper authentication
  • Optimizing performance (Redis, queries)
  • Validating security patterns
  • Finding relevant ADRs by context

Prerequisites

  1. Read .github/copilot-instructions.md for authentication dual decorators rules
  2. Know project structure (working in 18.0/ directory)
  3. Access to ADRs: docs/adr/

1. Module Naming Conventions

Reference: ADR-004: Nomenclatura de Módulos e Tabelas

✅ Required Patterns

Module Directory Name:

code
Format: thedevkitchen_<functional_name>
Example: thedevkitchen_estate

Odoo Model Name (_name):

python
_name = 'thedevkitchen.<category>.<entity>'
# Examples:
# 'thedevkitchen.oauth.application'
# 'thedevkitchen.estate.property'
# 'thedevkitchen.estate.agent'

Database Table Name (auto-generated):

code
Format: thedevkitchen_<category>_<entity>
# Generated from _name

❌ Never Do

  • ❌ Generic module names: api_gateway, estate, property
  • ❌ Models without prefix: estate.property
  • ❌ Custom tables without thedevkitchen_
  • ❌ Generic XML IDs without module context

Checklist

  • Module name starts with thedevkitchen_
  • Model uses format thedevkitchen.<category>.<entity>
  • XML IDs follow <module>.<identifier>
  • Access rules use access_<model>_<group>

2. Controller Security & Storage

References:

Note: Authentication dual decorator rules (@require_jwt + @require_session) are in copilot-instructions.md

Storage Architecture

PostgreSQL (Persistence):

  • OAuth tokens (SHA256 hashed)
  • User credentials
  • Business data
  • Audit logs

Redis (Cache/Sessions):

  • Session IDs and user context
  • Query cache
  • Message bus

❌ NEVER store in plaintext:

  • Passwords
  • OAuth client_secret
  • Access tokens

Security Checklist

  • Endpoint uses @require_jwt AND @require_session (if private)
  • Public endpoint has # public endpoint comment
  • Multi-tenancy validated with @require_company
  • Sensitive data never in logs or plaintext
  • Consult copilot-instructions.md for auth patterns

3. Performance & Cache

Reference: ADR-011: Redis Cache Configuration

Redis Configuration

Redis is configured for:

  • HTTP sessions (DB index 1)
  • ORM cache
  • Asset cache
  • Message bus

Configuration in odoo.conf:

ini
session_redis = True
session_redis_host = redis
session_redis_port = 6379
session_redis_dbindex = 1
session_redis_prefix = odoo18_

❌ Performance Anti-patterns

  • ❌ N+1 queries (use read() or search_read())
  • ❌ Fetching all records without limit
  • ❌ Unnecessary sudo() (breaks cache)
  • ❌ Compute fields without store=True when needed

Performance Checklist

  • Queries optimized (no N+1)
  • Appropriate cache usage
  • Limits in search()
  • Indexes created for filtered fields
  • Redis configured and running

Quick Reference

This skill covers: Naming (ADR-004), Security/Storage (ADR-011, ADR-017), Performance (Redis/Cache)

For other areas, consult ADRs directly:

Module Development

Security & Authentication

Testing (consult ADRs)

APIs & Documentation (consult ADRs)

Data Modeling (consult ADRs)

Business Rules (consult ADRs)

Architecture Patterns (consult ADRs)

Git Workflow (consult ADRs)


Pre-Coding Checklist

Naming & Structure

  • Read ADR-004 for module/table naming
  • Module name follows thedevkitchen_<name>
  • Models follow thedevkitchen.<category>.<entity>

Security

  • Read copilot-instructions.md for auth rules
  • Know which security decorators to use (@require_jwt + @require_session)
  • Sensitive data will be stored correctly (PostgreSQL/Redis)

Performance

  • Understand Redis configuration (sessions/cache)
  • Queries optimized (no N+1)
  • Appropriate cache usage

Other Areas (consult ADRs)

  • Testing: ADR-003, ADR-002
  • Validation: ADR-018
  • Multi-tenancy: ADR-008, ADR-019
  • Documentation: ADR-005, ADR-016
  • Git: ADR-006

Related Resources


Enforcement

This skill covers naming, security/storage, and performance. For other areas (testing, validation, Git, etc.), consult ADRs directly in Quick Reference section.

Violations should be:

  1. Identified in code review
  2. Rejected in pull requests
  3. Corrected before merge
  4. Documented if justified exception exists

Remember: ADRs exist to prevent production issues, facilitate maintenance, and ensure quality. Follow them always!