{
  "context": "This criteria evaluates how well the engineer uses Flask-WTF's file upload validation capabilities, specifically the FileAllowed validator for extension whitelisting. The focus is on proper usage of FileField and FileAllowed validator to implement secure document type validation.",
  "type": "weighted_checklist",
  "checklist": [
    {
      "name": "FileField usage",
      "description": "Uses Flask-WTF's FileField (from flask_wtf.file or wtforms) to create the file upload field in the form class",
      "max_score": 25
    },
    {
      "name": "FileAllowed validator",
      "description": "Uses the FileAllowed validator from flask_wtf.file to validate file extensions against the required whitelist (['pdf', 'doc', 'docx', 'txt'])",
      "max_score": 35
    },
    {
      "name": "Extension list",
      "description": "Correctly specifies all required extensions (pdf, doc, docx, txt) in the FileAllowed validator",
      "max_score": 15
    },
    {
      "name": "Form integration",
      "description": "Properly integrates the FileField with FileAllowed validator into a FlaskForm subclass and uses it in the Flask route to handle file uploads",
      "max_score": 15
    },
    {
      "name": "Validation handling",
      "description": "Correctly handles validation results using form.validate_on_submit() or similar Flask-WTF methods to distinguish between valid and invalid uploads",
      "max_score": 10
    }
  ]
}