Backend Django IDA for checking users against Specially Designated Nationals (SDN) - Treasury Department and Nonproliferation Sanctions (ISN) - State Department, as well as managing these sanctions hit records. This service also maintains a fallback copy that saves data from the Consolidated Screening List provided by the ITA, which is only utilized when our primary approach by calling the government's SDN API is not an option, due to an API outage/timeout.
# Clone the repository git clone git@github.com:edx/sanctions.git cd sanctions # Set up a virtual environment with the same name as the repo # Here's how you might do that if you have virtualenvwrapper setup mkvirtualenv -p python3.8 sanctions # Or using virtualenv setup python3 -m venv <venv> # Activate the virtual environment source <venv>/bin/activate # Install/update the dev requirements inside the virtual environment make requirements # Start this app, worker, and db containers make dev.up # Return to sanctions repo directory and provision your service bash provision-sanctions.sh # Run sanctions locally inside the virtual envioment python manage.py runserver localhost:18770 --settings=sanctions.settings.local
# Activate the virtualenv # Here's how you might do that if you're using virtualenvwrapper. workon sanctions # Grab the latest code git checkout main git pull # Install/update the dev requirements make requirements # Run the tests and quality checks (to verify the status before you make any changes) make validate # Make a new branch for your changes git checkout -b <your_github_username>/<ticket_number>/<short_description> # Using your favorite editor, edit the code to make your change. vim ... # Run your new tests pytest ./path/to/new/tests # Run all the tests and quality checks make validate # Commit all your changes git commit ... git push # Open a PR and ask for review.
Deployment is done via our internal GoCD service: gocd.tools.edx.org. If you need to deploy, please notify the Purchase Squad before doing so.
The sanctions endpoint will check users against the SDN API and return a hit count - if there is a match found, a record in the sanctions database (SanctionsCheckFailure) will be created.
Example of making a POST request to the api/v1/sdn-check/ endpoint:
response = self.client.post(
'https://sanctions.edx.org/api/v1/sdn-check/',
timeout=settings.SANCTIONS_CLIENT_TIMEOUT,
json={
'lms_user_id': user.lms_user_id,
'username': user.username, # optional
'full_name': full_name,
'city': city,
'country': country,
'metadata': { # optional, any key/value can be added
'order_identifer': 'EDX-123456',
'purchase_type': 'program',
'order_total': '989.00'
},
'system_identifier': 'commerce-coordinator', # optional
},
)
# Expected response if there is no SDN match
{"hit_count": 0, "sdn_response": {"total": 0, "sources": [], "results": []}, "sanctions_check_failure_id": null}
# Expected response if there is a SDN match
{"hit_count": 1, "sdn_response": { # SDN API RESPONSE HERE }, "sanctions_check_failure_id": 1}
# Please note that if there is match, but there is an issue in making a SanctionsCheckFailure record,
# sanctions_check_failure_id will be null. The presence/absence of the ID value is not always directly correlated to the hit_count.
Please reach out to someone on the Purchase Squad if you have questions.
The code in this repository is licensed under the AGPL 3.0 unless otherwise noted.
Please see LICENSE.txt for details.
Please do not report security issues in public. Please email security@openedx.org.