InfraForge Docs

InfraNotes CORE · v1.35.9

Welcome

Select a document from the sidebar to read it.

InfraNotes Compliance Module

Overview

The Compliance Module integrates with the InfraNotes platform to provide policy enforcement, compliance monitoring, and validation for financial operations. It ensures that all financial transactions comply with organizational policies and regulatory requirements.

Key Features

  • Policy Management: Create, update, and manage compliance policies
  • Entity Validation: Validate expenses, invoices, and budgets against defined policies
  • Compliance Monitoring: Track compliance status and generate reports
  • Violation Detection: Automatically detect and log policy violations
  • Standard Templates: Pre-defined policy templates for common compliance needs

System Architecture

The compliance module is structured as follows:

  • Repositories: Handle data storage and retrieval for compliance entities
  • Services: Implement business logic for compliance checking and monitoring
  • Handlers: Process API requests and return appropriate responses
  • Middleware: Integrate compliance validation with existing entity endpoints
  • Models: Define data structures for compliance entities

Integration with Main Application

The compliance module is integrated with the main application in cmd/api/main.go via:

  1. Import of the compliance package
  2. Adapter for authentication middleware
  3. Integration of entity handlers (expense, invoice, budget)
  4. Registration of compliance API routes
// Integration code in main.go
authAdapter := middleware.NewAuthAdapter(authSvc)

compliance.IntegrateCompliance(
    mux,
    authAdapter,
    tracedDB.DB,
    expenseHandlerFunc,
    invoiceHandlerFunc,
    budgetHandlerFunc,
)

Database Schema

The compliance module uses the following tables:

  • policy_rules: Defines compliance policies and validation rules
  • policy_rule_actions: Actions to take when rules are triggered
  • policy_templates: Templates for common compliance policies
  • compliance_events: Log of compliance-related events
  • compliance_violations: Record of policy violations

API Endpoints

Policy Management

  • GET /api/compliance/templates/standard: Get standard policy templates

Compliance Monitoring

  • GET /api/compliance/dashboard: Get compliance dashboard data
  • GET /api/compliance/events: List compliance events
  • POST /api/compliance/events/resolve: Resolve a compliance event
  • GET /api/compliance/violations: List compliance violations
  • POST /api/compliance/violations/resolve: Resolve a compliance violation
  • GET /api/compliance/metrics: Get compliance metrics

Entity Status

  • GET /api/compliance/status/{entity_type}/{id}: Get compliance status for an entity

Testing the Compliance Module

A test script is provided to verify the functionality of the compliance module:

./test_compliance_api.sh

This script will:

  1. Authenticate with the API
  2. Test compliance dashboard endpoint
  3. Test standard policy templates
  4. Test compliance events listing
  5. Test compliance violations listing
  6. Test entity validation by creating a high-value expense

Development

To extend the compliance module:

  1. Add new policy types in models/policy_rule.go
  2. Implement validation logic in services/rule_engine.go
  3. Add new API endpoints in handlers/compliance_handlers.go
  4. Register new routes in routes.go

Troubleshooting

Common issues:

  • Database Migration: Ensure migration 000023_add_compliance_tables has been applied
  • Entity Handlers: Verify that expense, invoice, and budget handlers are properly integrated
  • Authentication: Check the AuthAdapter is correctly wrapping the auth service
  • Policy Rules: Confirm that standard policy templates are initialized properly