diff --git a/api/handle_sanction_checks.go b/api/handle_sanction_checks.go index b6de4252e..2709c231d 100644 --- a/api/handle_sanction_checks.go +++ b/api/handle_sanction_checks.go @@ -59,6 +59,23 @@ func handleUpdateSanctionCheckMatchStatus(uc usecases.Usecases) func(c *gin.Cont } } +func handleListSanctionCheckMatchComments(uc usecases.Usecases) func(c *gin.Context) { + return func(c *gin.Context) { + ctx := c.Request.Context() + matchId := c.Param("id") + + uc := usecasesWithCreds(ctx, uc).NewSanctionCheckUsecase() + + comments, err := uc.MatchListComments(ctx, matchId) + + if presentError(ctx, c, err) { + return + } + + c.JSON(http.StatusCreated, pure_utils.Map(comments, dto.AdaptSanctionCheckMatchCommentDto)) + } +} + func handleCreateSanctionCheckMatchComment(uc usecases.Usecases) func(c *gin.Context) { return func(c *gin.Context) { ctx := c.Request.Context() diff --git a/api/routes.go b/api/routes.go index 3f96c0493..da34a801e 100644 --- a/api/routes.go +++ b/api/routes.go @@ -80,6 +80,8 @@ func addRoutes(r *gin.Engine, conf Configuration, uc usecases.Usecases, auth Aut router.PATCH("/sanction-checks/matches/:id", tom, handleUpdateSanctionCheckMatchStatus(uc)) router.POST("/sanction-checks/matches/:id/comment", tom, handleCreateSanctionCheckMatchComment(uc)) + router.GET("/sanction-checks/matches/:id/comments", tom, + handleListSanctionCheckMatchComments(uc)) router.GET("/scenario-publications", tom, handleListScenarioPublications(uc)) router.POST("/scenario-publications", tom, handleCreateScenarioPublication(uc)) diff --git a/repositories/sanction_check_repository.go b/repositories/sanction_check_repository.go index fa0262df7..644a74f55 100644 --- a/repositories/sanction_check_repository.go +++ b/repositories/sanction_check_repository.go @@ -159,5 +159,15 @@ func (*MarbleDbRepository) AddSanctionCheckMatchComment(ctx context.Context, func (*MarbleDbRepository) ListSanctionCheckMatchComments(ctx context.Context, exec Executor, matchId string, ) ([]models.SanctionCheckMatchComment, error) { - return nil, nil + if err := validateMarbleDbExecutor(exec); err != nil { + return nil, err + } + + sql := NewQueryBuilder(). + Select(dbmodels.SelectSanctionCheckMatchCommentsColumn...). + From(dbmodels.TABLE_SANCTION_CHECK_MATCH_COMMENTS). + Where(squirrel.Eq{"sanction_check_match_id": matchId}). + OrderBy("created_at ASC") + + return SqlToListOfModels(ctx, exec, sql, dbmodels.AdaptSanctionCheckMatchComment) } diff --git a/usecases/sanction_check_usecase.go b/usecases/sanction_check_usecase.go index f61f97455..08d0f331d 100644 --- a/usecases/sanction_check_usecase.go +++ b/usecases/sanction_check_usecase.go @@ -113,36 +113,14 @@ func (uc SanctionCheckUsecase) InsertResults(ctx context.Context, func (uc SanctionCheckUsecase) UpdateMatchStatus(ctx context.Context, matchId string, update models.SanctionCheckMatchUpdate, ) (models.SanctionCheckMatch, error) { - match, err := uc.repository.GetSanctionCheckMatch(ctx, uc.executorFactory.NewExecutor(), matchId) - if err != nil { - return models.SanctionCheckMatch{}, err - } - - sanctionCheck, err := uc.repository.GetSanctionCheck(ctx, uc.executorFactory.NewExecutor(), match.SanctionCheckId) + match, err := uc.enforceCanReadOrUpdateMatchCase(ctx, matchId) if err != nil { return models.SanctionCheckMatch{}, err } - decision, err := uc.decisionRepository.DecisionsById(ctx, uc.executorFactory.NewExecutor(), []string{sanctionCheck.DecisionId}) - if err != nil { - return models.SanctionCheckMatch{}, err - } - if len(decision) == 0 { - return models.SanctionCheckMatch{}, errors.Wrap(models.NotFoundError, "requested decision does not exist") - } - if decision[0].Case == nil { - return models.SanctionCheckMatch{}, errors.Wrap(err, "decision is not linked to a case") - } - - inboxes := []string{decision[0].Case.InboxId} - - if err := uc.enforceSecurityCase.ReadOrUpdateCase(*decision[0].Case, inboxes); err != nil { - return models.SanctionCheckMatch{}, err - } - creds, ok := utils.CredentialsFromCtx(ctx) if !ok { - return models.SanctionCheckMatch{}, errors.Wrap(err, "could not retrieve user identity") + return models.SanctionCheckMatch{}, errors.Wrap(models.UnAuthorizedError, "could not retrieve user identity") } update.ReviewerId = creds.ActorIdentity.UserId @@ -152,45 +130,61 @@ func (uc SanctionCheckUsecase) UpdateMatchStatus(ctx context.Context, matchId st return uc.repository.UpdateSanctionCheckMatchStatus(ctx, uc.executorFactory.NewExecutor(), match, update) } +func (uc SanctionCheckUsecase) MatchListComments(ctx context.Context, matchId string) ([]models.SanctionCheckMatchComment, error) { + if _, err := uc.enforceCanReadOrUpdateMatchCase(ctx, matchId); err != nil { + return nil, err + } + + return uc.repository.ListSanctionCheckMatchComments(ctx, uc.executorFactory.NewExecutor(), matchId) +} + func (uc SanctionCheckUsecase) MatchAddComment(ctx context.Context, matchId string, comment models.SanctionCheckMatchComment, ) (models.SanctionCheckMatchComment, error) { + if _, err := uc.enforceCanReadOrUpdateMatchCase(ctx, matchId); err != nil { + return models.SanctionCheckMatchComment{}, err + } + + creds, ok := utils.CredentialsFromCtx(ctx) + if !ok { + return models.SanctionCheckMatchComment{}, + errors.Wrap(models.UnAuthorizedError, "could not get principal ID from credentials") + } + + comment.CommenterId = creds.ActorIdentity.UserId + + return uc.repository.AddSanctionCheckMatchComment(ctx, uc.executorFactory.NewExecutor(), comment) +} + +func (uc SanctionCheckUsecase) enforceCanReadOrUpdateMatchCase(ctx context.Context, matchId string) (models.SanctionCheckMatch, error) { match, err := uc.repository.GetSanctionCheckMatch(ctx, uc.executorFactory.NewExecutor(), matchId) if err != nil { - return models.SanctionCheckMatchComment{}, err + return models.SanctionCheckMatch{}, err } sanctionCheck, err := uc.repository.GetSanctionCheck(ctx, uc.executorFactory.NewExecutor(), match.SanctionCheckId) if err != nil { - return models.SanctionCheckMatchComment{}, err + return models.SanctionCheckMatch{}, err } decision, err := uc.decisionRepository.DecisionsById(ctx, uc.executorFactory.NewExecutor(), []string{sanctionCheck.DecisionId}) if err != nil { - return models.SanctionCheckMatchComment{}, err + return models.SanctionCheckMatch{}, err } if len(decision) == 0 { - return models.SanctionCheckMatchComment{}, - errors.Wrap(models.NotFoundError, "could not find the decision linked to the sanction check") + return models.SanctionCheckMatch{}, errors.Wrap(models.NotFoundError, + "could not find the decision linked to the sanction check") } if decision[0].Case == nil { - return models.SanctionCheckMatchComment{}, - errors.Wrap(models.NotFoundError, "this sanction check is not linked to a case") + return models.SanctionCheckMatch{}, errors.Wrap(models.NotFoundError, + "this sanction check is not linked to a case") } inboxes := []string{decision[0].Case.InboxId} if err := uc.enforceSecurityCase.ReadOrUpdateCase(*decision[0].Case, inboxes); err != nil { - return models.SanctionCheckMatchComment{}, err - } - - creds, ok := utils.CredentialsFromCtx(ctx) - if !ok { - return models.SanctionCheckMatchComment{}, - errors.Wrap(models.UnAuthorizedError, "could not get principal ID from credentials") + return models.SanctionCheckMatch{}, err } - comment.CommenterId = creds.ActorIdentity.UserId - - return uc.repository.AddSanctionCheckMatchComment(ctx, uc.executorFactory.NewExecutor(), comment) + return match, nil }