ScriptCode best practices
Context
The rules for writing ScriptCode on the Eximee platform will help ensure consistency, readability, and code security, and will also make onboarding new employees easier.
Create ScriptCode according to the rules described below.
Consistent naming convention
Write code in English - use English names for variables, functions, etc.
Exceptions: top-down business naming decisions or a high level of script complexity (in this case, the decision belongs to the low-code developer). If you decide on a Polish naming convention - be consistent within a single script.
Literal constants hard-coded in code, name them in UPPER_SNAKE_CASE format, e.g. const MOBILE_CHANNEL = "mobile"
Name other variables and functions in camelCase format, e.g. const correlationId = context.getFirstParameter('correlationId'), let motherBranchNumber, function generateBranch()
Order in the code structure
Organize code according to the following order:
Literal constants- declare at the beginning of the script
Variables - then declare variables that will be used in the main logic
Main logic - the main sequence of operations performed by the code (e.g. data processing, function calls)
Helper functions - place at the end
Logging
Do not duplicate platform logs - if any parameters are automatically generated by the platform, do not log them again in the script
Use the sensitive logger to log sensitive data, pattern: Logger.info("Customer's PESEL filled in on the form: {}", pesel)
Learn more: Logging in ScriptCode
Variable declaration
Do not use vars
Primitive types: use let only when you change the variable's value in the script. In other cases, use const
Complex types: do not use let if you only modify the contents of an object - including arrays (Array), sets (Set), maps (Map).
There is no need to use let when declaring objects - including arrays (Array), sets (Set), maps (Map) - as long as the reference (i.e. the reference to a specific object or array) will not be changed. In most cases, const should be used to declare arrays and other objects, even if their contents will be modified.
Example using const:
const array = [1, 2, 3]; array.push(4); // Works correctly, we are modifying the contents of the array
const obj = { name: "Alice" }; obj.age = 30; // Works correctly, we are modifying the object properties
Note: As long as the Rhino engine does not properly support block scope for const, variables inside a "for" loop should be declared using let. More about the bug can be found in the material linked below.
Learn more: Data types in JavaScript,
Reference, mutability, primitive types - JavaScript recap!
A table listing which features are currently not properly supported by the Rhino engine Rhino: error when declaring const inside a for loop
Error handling
Use blocks
try-catchin places where exceptions may occur. If an error occurs, log it using the logger to make it easy to track the problem.
Code readability
Right-click → choose Format Document. This will make the code more clear and readable
Remove code that is commented out and no longer needed
Write comments concisely and clearly, explaining more difficult parts of the code, intentions, and unusual solutions. Avoid obvious comments that merely repeat what is already readable in the code.
Code repetition
If you repeat a fragment of code several times - create a helper function
Script description
When creating a new script/validator - add a description
Tests
Create unit tests whenever possible, including edge cases.
Security
Treat any parameters entering ScriptCode as untrusted when sending them to services
Sample code:
Bad:
Good:
Do not use authorization data directly in ScriptCode
Retrieve remote resources (images, documents, card images, etc.) from a trusted source (e.g. the Eximee platform, a bank resource)
If you need to use any link in the application, make sure it is trusted and that its use results directly from the requirements
If a given feature does not exist on the platform, submit a request - do not use external tools
Learn more: OWASP_Application_Security_Verification_Standard_4.0 - scriptCode
Mathematical operations with BigDecimal
Perform mathematical operations using BigDecimal
Learn more: Mathematical operations in ScriptCode
Handling falsy values
Before using properties or methods, check whether the variable's value is not
nullorundefined, to prevent errors related to missing values. In situations where you also want to catch0, an empty string orNaN, you can use the general conditionif(value).
Review
If you are not the only low-code developer on the team - ask someone from the team to review the code.
Materials
Last updated
Was this helpful?
