Sanction check base

api/handle_organization.go

@@ -78,6 +78,10 @@ func handlePatchOrganization(uc usecases.Usecases) func(c *gin.Context) {
 		organization, err := usecase.UpdateOrganization(ctx, models.UpdateOrganizationInput{
 			Id:                      organizationID,
 			DefaultScenarioTimezone: data.DefaultScenarioTimezone,
+			SanctionCheckConfig: models.OrganizationOpenSanctionsConfig{
+				MatchThreshold: data.SanctionsThreshold,
+				MatchLimit:     data.SanctionsLimit,
+			},
 		})
 
 		if presentError(ctx, c, err) {

api/handle_sanction_checks.go

@@ -0,0 +1,164 @@
+package api
+
+import (
+	"net/http"
+
+	"github.com/checkmarble/marble-backend/dto"
+	"github.com/checkmarble/marble-backend/models"
+	"github.com/checkmarble/marble-backend/pure_utils"
+	"github.com/checkmarble/marble-backend/usecases"
+	"github.com/checkmarble/marble-backend/utils"
+	"github.com/gin-gonic/gin"
+)
+
+func handleSanctionCheckDataset(uc usecases.Usecases) func(c *gin.Context) {
+	return func(c *gin.Context) {
+		ctx := c.Request.Context()
+		uc := usecasesWithCreds(ctx, uc).NewSanctionCheckUsecase()
+
+		dataset, err := uc.CheckDataset(ctx)
+
+		if presentError(ctx, c, err) {
+			return
+		}
+
+		c.JSON(http.StatusOK, dto.AdaptSanctionCheckDataset(dataset))
+	}
+}
+
+func handleListSanctionChecks(uc usecases.Usecases) func(c *gin.Context) {
+	return func(c *gin.Context) {
+		ctx := c.Request.Context()
+		decisionId := c.Query("decision_id")
+
+		if decisionId == "" {
+			c.Status(http.StatusBadRequest)
+			return
+		}
+
+		uc := usecasesWithCreds(ctx, uc).NewSanctionCheckUsecase()
+		sanctionChecks, err := uc.ListSanctionChecks(ctx, decisionId)
+
+		if presentError(ctx, c, err) {
+			return
+		}
+
+		c.JSON(http.StatusOK, pure_utils.Map(sanctionChecks, dto.AdaptSanctionCheckDto))
+	}
+}
+
+func handleUpdateSanctionCheckMatchStatus(uc usecases.Usecases) func(c *gin.Context) {
+	return func(c *gin.Context) {
+		ctx := c.Request.Context()
+		matchId := c.Param("id")
+
+		var payload dto.SanctionCheckMatchUpdateDto
+
+		if presentError(ctx, c, c.ShouldBindJSON(&payload)) {
+			return
+		}
+
+		creds, ok := utils.CredentialsFromCtx(ctx)
+
+		if !ok {
+			presentError(ctx, c, models.ErrUnknownUser)
+			return
+		}
+
+		update, err := dto.AdaptSanctionCheckMatchUpdateInputDto(matchId, creds.ActorIdentity.UserId, payload)
+
+		if presentError(ctx, c, err) {
+			return
+		}
+
+		uc := usecasesWithCreds(ctx, uc).NewSanctionCheckUsecase()
+
+		match, err := uc.UpdateMatchStatus(ctx, update)
+
+		if presentError(ctx, c, err) {
+			return
+		}
+
+		c.JSON(http.StatusOK, dto.AdaptSanctionCheckMatchDto(match))
+	}
+}
+
+func handleListSanctionCheckMatchComments(uc usecases.Usecases) func(c *gin.Context) {
+	return func(c *gin.Context) {
+		ctx := c.Request.Context()
+		matchId := c.Param("id")
+
+		uc := usecasesWithCreds(ctx, uc).NewSanctionCheckUsecase()
+
+		comments, err := uc.MatchListComments(ctx, matchId)
+
+		if presentError(ctx, c, err) {
+			return
+		}
+
+		c.JSON(http.StatusOK, pure_utils.Map(comments, dto.AdaptSanctionCheckMatchCommentDto))
+	}
+}
+
+func handleCreateSanctionCheckMatchComment(uc usecases.Usecases) func(c *gin.Context) {
+	return func(c *gin.Context) {
+		ctx := c.Request.Context()
+		matchId := c.Param("id")
+
+		var payload dto.SanctionCheckMatchCommentDto
+
+		if presentError(ctx, c, c.ShouldBindJSON(&payload)) {
+			return
+		}
+
+		creds, ok := utils.CredentialsFromCtx(ctx)
+
+		if !ok {
+			presentError(ctx, c, models.ErrUnknownUser)
+			return
+		}
+
+		uc := usecasesWithCreds(ctx, uc).NewSanctionCheckUsecase()
+		comment, err := dto.AdaptSanctionCheckMatchCommentInputDto(matchId, creds.ActorIdentity.UserId, payload)
+
+		if presentError(ctx, c, err) {
+			return
+		}
+
+		comment, err = uc.MatchAddComment(ctx, matchId, comment)
+
+		if presentError(ctx, c, err) {
+			return
+		}
+
+		c.JSON(http.StatusCreated, dto.AdaptSanctionCheckMatchCommentDto(comment))
+	}
+}
+
+func handleRefineSanctionCheck(uc usecases.Usecases) func(c *gin.Context) {
+	return func(c *gin.Context) {
+		ctx := c.Request.Context()
+
+		var payload dto.SanctionCheckRefineDto
+
+		if presentError(ctx, c, c.ShouldBindJSON(&payload)) {
+			return
+		}
+
+		creds, ok := utils.CredentialsFromCtx(ctx)
+
+		if !ok {
+			presentError(ctx, c, models.ErrUnknownUser)
+			return
+		}
+
+		uc := usecasesWithCreds(ctx, uc).NewSanctionCheckUsecase()
+		sanctionCheck, err := uc.Refine(ctx, dto.AdaptSanctionCheckRefineDto(payload), creds.ActorIdentity.UserId)
+
+		if presentError(ctx, c, err) {
+			return
+		}
+
+		c.JSON(http.StatusOK, dto.AdaptSanctionCheckDto(sanctionCheck))
+	}
+}

api/routes.go

@@ -76,6 +76,15 @@ func addRoutes(r *gin.Engine, conf Configuration, uc usecases.Usecases, auth Aut
 	router.PATCH("/scenario-iteration-rules/:rule_id", tom, handleUpdateRule(uc))
 	router.DELETE("/scenario-iteration-rules/:rule_id", tom, handleDeleteRule(uc))
 
+	router.GET("/sanction-checks/dataset", tom, handleSanctionCheckDataset(uc))
+	router.GET("/sanction-checks", tom, handleListSanctionChecks(uc))
+	router.POST("/sanction-checks/refine", tom, handleRefineSanctionCheck(uc))
+	router.PATCH("/sanction-checks/matches/:id", tom, handleUpdateSanctionCheckMatchStatus(uc))
+	router.POST("/sanction-checks/matches/:id/comments", tom,
+		handleCreateSanctionCheckMatchComment(uc))
+	router.GET("/sanction-checks/matches/:id/comments", tom,
+		handleListSanctionCheckMatchComments(uc))
+
 	router.GET("/scenario-publications", tom, handleListScenarioPublications(uc))
 	router.POST("/scenario-publications", tom, handleCreateScenarioPublication(uc))
 	router.GET("/scenario-publications/preparation", tom,

cmd/server.go

@@ -65,6 +65,13 @@ func RunServer() error {
 		RateLimit: utils.GetEnv("CONVOY_RATE_LIMIT", 50),
 	}
 
+	openSanctionsConfig := infra.InitializeOpenSanctions(
+		http.DefaultClient,
+		utils.GetEnv("OPENSANCTIONS_API_HOST", ""),
+		utils.GetEnv("OPENSANCTIONS_AUTH_METHOD", ""),
+		utils.GetEnv("OPENSANCTIONS_API_KEY", ""),
+	)
+
 	seedOrgConfig := models.SeedOrgConfiguration{
 		CreateGlobalAdminEmail: utils.GetEnv("CREATE_GLOBAL_ADMIN_EMAIL", ""),
 		CreateOrgName:          utils.GetEnv("CREATE_ORG_NAME", ""),
@@ -133,6 +140,7 @@ func RunServer() error {
 			infra.InitializeConvoyRessources(convoyConfiguration),
 			convoyConfiguration.RateLimit,
 		),
+		repositories.WithOpenSanctions(openSanctionsConfig),
 		repositories.WithClientDbConfig(clientDbConfig),
 		repositories.WithTracerProvider(telemetryRessources.TracerProvider),
 	)

dto/decision_dto.go

@@ -93,6 +93,11 @@ type DecisionRule struct {
 	RuleEvaluation *ast.NodeEvaluationDto `json:"rule_evaluation,omitempty"`
 }
 
+type DecisionSanctionCheck struct {
+	Partial bool `json:"partial"`
+	Count   int  `json:"count"`
+}
+
 type ErrorDto struct {
 	Code    int    `json:"code"`
 	Message string `json:"message"`
@@ -128,7 +133,8 @@ type Decision struct {
 
 type DecisionWithRules struct {
 	Decision
-	Rules []DecisionRule `json:"rules"`
+	Rules         []DecisionRule         `json:"rules"`
+	SanctionCheck *DecisionSanctionCheck `json:"sanction_check,omitempty"`
 }
 
 func NewDecisionDto(decision models.Decision, marbleAppHost string) Decision {
@@ -190,6 +196,13 @@ func NewDecisionWithRuleDto(decision models.DecisionWithRuleExecutions, marbleAp
 		decisionDto.Rules[i] = NewDecisionRuleDto(ruleExecution, withRuleExecution)
 	}
 
+	if decision.SanctionCheckExecution != nil {
+		decisionDto.SanctionCheck = &DecisionSanctionCheck{
+			Partial: decision.SanctionCheckExecution.Partial,
+			Count:   decision.SanctionCheckExecution.Count,
+		}
+	}
+
 	return decisionDto
 }
 

dto/organization_dto.go

@@ -6,13 +6,17 @@ type APIOrganization struct {
 	Id                      string  `json:"id"`
 	Name                    string  `json:"name"`
 	DefaultScenarioTimezone *string `json:"default_scenario_timezone"`
+	SanctionsThreshold      *int    `json:"sanctions_threshold"`
+	SanctionsLimit          *int    `json:"sanctions_limit"`
 }
 
 func AdaptOrganizationDto(org models.Organization) APIOrganization {
 	return APIOrganization{
 		Id:                      org.Id,
 		Name:                    org.Name,
 		DefaultScenarioTimezone: org.DefaultScenarioTimezone,
+		SanctionsThreshold:      org.OpenSanctionsConfig.MatchThreshold,
+		SanctionsLimit:          org.OpenSanctionsConfig.MatchLimit,
 	}
 }
 
@@ -23,4 +27,6 @@ type CreateOrganizationBodyDto struct {
 
 type UpdateOrganizationBodyDto struct {
 	DefaultScenarioTimezone *string `json:"default_scenario_timezone,omitempty"`
+	SanctionsThreshold      *int    `json:"sanctions_threshold,omitempty"`
+	SanctionsLimit          *int    `json:"sanctions_limit,omitempty"`
 }

dto/sanction_check_dataset_dto.go

@@ -0,0 +1,31 @@
+package dto
+
+import (
+	"time"
+
+	"github.com/checkmarble/marble-backend/models"
+)
+
+type OpenSanctionsDataset struct {
+	Upstream OpenSanctionsUpstreamDataset `json:"upstream"`
+	Version  string                       `json:"version"`
+	UpToDate bool                         `json:"up_to_date"`
+}
+
+type OpenSanctionsUpstreamDataset struct {
+	Version    string    `json:"version"`
+	Name       string    `json:"name"`
+	LastExport time.Time `json:"last_export"`
+}
+
+func AdaptSanctionCheckDataset(model models.OpenSanctionsDataset) OpenSanctionsDataset {
+	return OpenSanctionsDataset{
+		Upstream: OpenSanctionsUpstreamDataset{
+			Version:    model.Upstream.Version,
+			Name:       model.Upstream.Name,
+			LastExport: model.Upstream.LastExport,
+		},
+		Version:  model.Version,
+		UpToDate: model.UpToDate,
+	}
+}