2016-03-05 04:09:16 +00:00
|
|
|
package code.api
|
|
|
|
|
|
2020-01-19 14:58:55 +00:00
|
|
|
import code.api.util.{APIUtil, ErrorMessages}
|
2025-12-31 07:16:59 +00:00
|
|
|
import code.api.cache.Redis
|
2017-04-19 19:09:58 +00:00
|
|
|
import code.util.Helper.MdcLoggable
|
2020-01-19 14:58:55 +00:00
|
|
|
import com.openbankproject.commons.util.ApiStandards
|
2025-12-31 07:16:59 +00:00
|
|
|
import net.liftweb.util.Props
|
2016-03-05 04:09:16 +00:00
|
|
|
|
|
|
|
|
|
2016-03-05 07:04:41 +00:00
|
|
|
// Note: Import this with: import code.api.Constant._
|
2017-04-19 19:09:58 +00:00
|
|
|
object Constant extends MdcLoggable {
|
2016-03-05 04:09:16 +00:00
|
|
|
logger.info("Instantiating Constants")
|
2023-10-09 15:47:38 +00:00
|
|
|
|
|
|
|
|
final val directLoginHeaderName = "directlogin"
|
2025-12-31 07:16:59 +00:00
|
|
|
|
2022-10-06 08:50:21 +00:00
|
|
|
object Pagination {
|
|
|
|
|
final val offset = 0
|
2024-06-18 07:34:31 +00:00
|
|
|
final val limit = 50
|
2022-10-06 08:50:21 +00:00
|
|
|
}
|
2025-12-31 07:16:59 +00:00
|
|
|
|
2023-08-16 09:15:03 +00:00
|
|
|
final val shortEndpointTimeoutInMillis = APIUtil.getPropsAsLongValue(nameOfProperty = "short_endpoint_timeout", 1L * 1000L)
|
|
|
|
|
final val mediumEndpointTimeoutInMillis = APIUtil.getPropsAsLongValue(nameOfProperty = "medium_endpoint_timeout", 7L * 1000L)
|
2023-09-11 09:26:10 +00:00
|
|
|
final val longEndpointTimeoutInMillis = APIUtil.getPropsAsLongValue(nameOfProperty = "long_endpoint_timeout", 55L * 1000L)
|
2025-12-31 07:16:59 +00:00
|
|
|
|
2022-07-15 13:03:16 +00:00
|
|
|
final val h2DatabaseDefaultUrlValue = "jdbc:h2:mem:OBPTest_H2_v2.1.214;NON_KEYWORDS=VALUE;DB_CLOSE_DELAY=10"
|
2016-03-05 07:04:41 +00:00
|
|
|
|
2025-06-11 12:21:01 +00:00
|
|
|
final val HostName = APIUtil.getPropsValue("hostname").openOrThrowException(ErrorMessages.HostnameNotSpecified)
|
2025-07-09 07:47:38 +00:00
|
|
|
final val CONNECTOR = APIUtil.getPropsValue("connector")
|
2025-06-11 12:21:01 +00:00
|
|
|
final val openidConnectEnabled = APIUtil.getPropsAsBoolValue("openid_connect.enabled", false)
|
2025-12-31 07:16:59 +00:00
|
|
|
|
2025-06-25 11:08:46 +00:00
|
|
|
final val bgRemoveSignOfAmounts = APIUtil.getPropsAsBoolValue("BG_remove_sign_of_amounts", false)
|
2025-12-31 07:16:59 +00:00
|
|
|
|
2023-10-12 13:05:59 +00:00
|
|
|
final val ApiInstanceId = {
|
2023-10-13 13:14:49 +00:00
|
|
|
val apiInstanceIdFromProps = APIUtil.getPropsValue("api_instance_id")
|
|
|
|
|
if(apiInstanceIdFromProps.isDefined){
|
|
|
|
|
if(apiInstanceIdFromProps.head.endsWith("final")){
|
|
|
|
|
apiInstanceIdFromProps.head
|
|
|
|
|
}else{
|
|
|
|
|
s"${apiInstanceIdFromProps.head}_${APIUtil.generateUUID()}"
|
2025-12-31 07:16:59 +00:00
|
|
|
}
|
2023-10-12 09:52:07 +00:00
|
|
|
}else{
|
2023-10-13 13:14:49 +00:00
|
|
|
APIUtil.generateUUID()
|
2023-10-12 09:52:07 +00:00
|
|
|
}
|
|
|
|
|
}
|
2025-12-31 07:16:59 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get the global cache namespace prefix for Redis keys.
|
|
|
|
|
* This prefix ensures that cache keys from different OBP instances and environments don't conflict.
|
|
|
|
|
*
|
|
|
|
|
* The prefix format is: {instance_id}_{environment}_
|
|
|
|
|
* Examples:
|
|
|
|
|
* - "mybank_prod_"
|
|
|
|
|
* - "mybank_test_"
|
|
|
|
|
* - "mybank_dev_"
|
|
|
|
|
* - "abc123_staging_"
|
|
|
|
|
*
|
|
|
|
|
* @return A string prefix to be prepended to all Redis cache keys
|
|
|
|
|
*/
|
|
|
|
|
def getGlobalCacheNamespacePrefix: String = {
|
|
|
|
|
val instanceId = APIUtil.getPropsValue("api_instance_id").getOrElse("obp")
|
|
|
|
|
val environment = Props.mode match {
|
|
|
|
|
case Props.RunModes.Production => "prod"
|
|
|
|
|
case Props.RunModes.Staging => "staging"
|
|
|
|
|
case Props.RunModes.Development => "dev"
|
|
|
|
|
case Props.RunModes.Test => "test"
|
|
|
|
|
case _ => "unknown"
|
|
|
|
|
}
|
|
|
|
|
s"${instanceId}_${environment}_"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get the current version counter for a cache namespace.
|
|
|
|
|
* This allows for easy cache invalidation by incrementing the counter.
|
|
|
|
|
*
|
|
|
|
|
* The counter is stored in Redis with a key like: "mybank_prod_cache_version_rd_localised"
|
|
|
|
|
* If the counter doesn't exist, it defaults to 1.
|
|
|
|
|
*
|
|
|
|
|
* @param namespaceId The cache namespace identifier (e.g., "rd_localised", "rd_dynamic", "connector")
|
|
|
|
|
* @return The current version counter for that namespace
|
|
|
|
|
*/
|
|
|
|
|
def getCacheNamespaceVersion(namespaceId: String): Long = {
|
|
|
|
|
val versionKey = s"${getGlobalCacheNamespacePrefix}cache_version_${namespaceId}"
|
|
|
|
|
try {
|
|
|
|
|
Redis.use(JedisMethod.GET, versionKey, None, None)
|
|
|
|
|
.map(_.toLong)
|
|
|
|
|
.getOrElse {
|
|
|
|
|
// Initialize counter to 1 if it doesn't exist
|
|
|
|
|
Redis.use(JedisMethod.SET, versionKey, None, Some("1"))
|
|
|
|
|
1L
|
|
|
|
|
}
|
|
|
|
|
} catch {
|
|
|
|
|
case _: Throwable =>
|
|
|
|
|
// If Redis is unavailable, return 1 as default
|
|
|
|
|
1L
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Increment the version counter for a cache namespace.
|
|
|
|
|
* This effectively invalidates all cached keys in that namespace by making them unreachable.
|
|
|
|
|
*
|
|
|
|
|
* Usage example:
|
|
|
|
|
* Before: mybank_prod_rd_localised_1_en_US_v4.0.0
|
|
|
|
|
* After incrementing: mybank_prod_rd_localised_2_en_US_v4.0.0
|
|
|
|
|
* (old keys with "_1_" are now orphaned and will be ignored)
|
|
|
|
|
*
|
|
|
|
|
* @param namespaceId The cache namespace identifier (e.g., "rd_localised", "rd_dynamic")
|
|
|
|
|
* @return The new version number, or None if increment failed
|
|
|
|
|
*/
|
|
|
|
|
def incrementCacheNamespaceVersion(namespaceId: String): Option[Long] = {
|
|
|
|
|
val versionKey = s"${getGlobalCacheNamespacePrefix}cache_version_${namespaceId}"
|
|
|
|
|
try {
|
|
|
|
|
val newVersion = Redis.use(JedisMethod.INCR, versionKey, None, None)
|
|
|
|
|
.map(_.toLong)
|
|
|
|
|
logger.info(s"Cache namespace version incremented: ${namespaceId} -> ${newVersion.getOrElse("unknown")}")
|
|
|
|
|
newVersion
|
|
|
|
|
} catch {
|
|
|
|
|
case e: Throwable =>
|
|
|
|
|
logger.error(s"Failed to increment cache namespace version for ${namespaceId}: ${e.getMessage}")
|
|
|
|
|
None
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Build a versioned cache prefix with the namespace counter included.
|
|
|
|
|
* Format: {instance}_{env}_{prefix}_{version}_
|
|
|
|
|
*
|
|
|
|
|
* @param basePrefix The base prefix name (e.g., "rd_localised", "rd_dynamic")
|
|
|
|
|
* @return Versioned prefix string (e.g., "mybank_prod_rd_localised_1_")
|
|
|
|
|
*/
|
|
|
|
|
def getVersionedCachePrefix(basePrefix: String): String = {
|
|
|
|
|
val version = getCacheNamespaceVersion(basePrefix)
|
|
|
|
|
s"${getGlobalCacheNamespacePrefix}${basePrefix}_${version}_"
|
|
|
|
|
}
|
|
|
|
|
|
2025-06-11 12:21:01 +00:00
|
|
|
final val localIdentityProvider = APIUtil.getPropsValue("local_identity_provider", HostName)
|
2025-12-31 07:16:59 +00:00
|
|
|
|
2025-06-11 12:21:01 +00:00
|
|
|
final val mailUsersUserinfoSenderAddress = APIUtil.getPropsValue("mail.users.userinfo.sender.address", "sender-not-set")
|
2025-12-31 07:16:59 +00:00
|
|
|
|
2025-06-11 12:21:01 +00:00
|
|
|
final val oauth2JwkSetUrl = APIUtil.getPropsValue(nameOfProperty = "oauth2.jwk_set.url")
|
|
|
|
|
|
|
|
|
|
final val consumerDefaultLogoUrl = APIUtil.getPropsValue("consumer_default_logo_url")
|
|
|
|
|
final val serverMode = APIUtil.getPropsValue("server_mode", "apis,portal")
|
2016-03-05 07:04:41 +00:00
|
|
|
|
|
|
|
|
// This is the part before the version. Do not change this default!
|
2019-03-07 10:17:50 +00:00
|
|
|
final val ApiPathZero = APIUtil.getPropsValue("apiPathZero", ApiStandards.obp.toString)
|
2025-12-31 07:16:59 +00:00
|
|
|
|
2019-12-17 14:40:43 +00:00
|
|
|
final val CUSTOM_PUBLIC_VIEW_ID = "_public"
|
2019-12-19 11:40:44 +00:00
|
|
|
final val SYSTEM_OWNER_VIEW_ID = "owner" // From this commit new owner views are system views
|
2019-11-29 13:24:07 +00:00
|
|
|
final val SYSTEM_AUDITOR_VIEW_ID = "auditor"
|
|
|
|
|
final val SYSTEM_ACCOUNTANT_VIEW_ID = "accountant"
|
2019-12-16 13:03:56 +00:00
|
|
|
final val SYSTEM_FIREHOSE_VIEW_ID = "firehose"
|
2022-10-13 11:40:48 +00:00
|
|
|
final val SYSTEM_STANDARD_VIEW_ID = "standard"
|
2022-08-16 20:31:56 +00:00
|
|
|
final val SYSTEM_STAGE_ONE_VIEW_ID = "StageOne"
|
2023-07-13 09:50:18 +00:00
|
|
|
final val SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID = "ManageCustomViews"
|
2025-01-15 09:09:25 +00:00
|
|
|
// UK Open Banking
|
2020-10-12 10:45:17 +00:00
|
|
|
final val SYSTEM_READ_ACCOUNTS_BASIC_VIEW_ID = "ReadAccountsBasic"
|
|
|
|
|
final val SYSTEM_READ_ACCOUNTS_DETAIL_VIEW_ID = "ReadAccountsDetail"
|
|
|
|
|
final val SYSTEM_READ_BALANCES_VIEW_ID = "ReadBalances"
|
|
|
|
|
final val SYSTEM_READ_TRANSACTIONS_BASIC_VIEW_ID = "ReadTransactionsBasic"
|
|
|
|
|
final val SYSTEM_READ_TRANSACTIONS_DEBITS_VIEW_ID = "ReadTransactionsDebits"
|
|
|
|
|
final val SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID = "ReadTransactionsDetail"
|
2021-02-15 15:18:35 +00:00
|
|
|
// Berlin Group
|
|
|
|
|
final val SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID = "ReadAccountsBerlinGroup"
|
2021-03-03 18:40:09 +00:00
|
|
|
final val SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID = "ReadBalancesBerlinGroup"
|
|
|
|
|
final val SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID = "ReadTransactionsBerlinGroup"
|
2024-08-09 13:41:38 +00:00
|
|
|
final val SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID = "InitiatePaymentsBerlinGroup"
|
2020-05-05 20:11:07 +00:00
|
|
|
|
2024-07-05 11:39:37 +00:00
|
|
|
//This is used for the canRevokeAccessToViews_ and canGrantAccessToViews_ fields of SYSTEM_OWNER_VIEW_ID or SYSTEM_STANDARD_VIEW_ID.
|
2025-12-31 07:16:59 +00:00
|
|
|
final val DEFAULT_CAN_GRANT_AND_REVOKE_ACCESS_TO_VIEWS =
|
2024-06-12 11:46:49 +00:00
|
|
|
SYSTEM_OWNER_VIEW_ID::
|
|
|
|
|
SYSTEM_AUDITOR_VIEW_ID::
|
|
|
|
|
SYSTEM_ACCOUNTANT_VIEW_ID::
|
|
|
|
|
SYSTEM_FIREHOSE_VIEW_ID::
|
|
|
|
|
SYSTEM_STANDARD_VIEW_ID::
|
|
|
|
|
SYSTEM_STAGE_ONE_VIEW_ID::
|
|
|
|
|
SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID::
|
|
|
|
|
SYSTEM_READ_ACCOUNTS_BASIC_VIEW_ID::
|
|
|
|
|
SYSTEM_READ_ACCOUNTS_DETAIL_VIEW_ID::
|
|
|
|
|
SYSTEM_READ_BALANCES_VIEW_ID::
|
|
|
|
|
SYSTEM_READ_TRANSACTIONS_BASIC_VIEW_ID::
|
|
|
|
|
SYSTEM_READ_TRANSACTIONS_DEBITS_VIEW_ID::
|
|
|
|
|
SYSTEM_READ_TRANSACTIONS_DETAIL_VIEW_ID::
|
|
|
|
|
SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID::
|
|
|
|
|
SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID::
|
2025-12-31 07:16:59 +00:00
|
|
|
SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID ::
|
2024-08-09 13:41:38 +00:00
|
|
|
SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID :: Nil
|
2025-12-31 07:16:59 +00:00
|
|
|
|
2024-07-05 11:39:37 +00:00
|
|
|
//We allow CBS side to generate views by getBankAccountsForUser.viewsToGenerate filed.
|
|
|
|
|
// viewsToGenerate can be any views, and OBP will check the following list, to make sure only allowed views are generated
|
|
|
|
|
// If some views are not allowed, obp just log it, do not throw exceptions.
|
2025-12-31 07:16:59 +00:00
|
|
|
final val VIEWS_GENERATED_FROM_CBS_WHITE_LIST =
|
2024-06-12 11:46:49 +00:00
|
|
|
SYSTEM_OWNER_VIEW_ID::
|
|
|
|
|
SYSTEM_ACCOUNTANT_VIEW_ID::
|
|
|
|
|
SYSTEM_AUDITOR_VIEW_ID::
|
|
|
|
|
SYSTEM_STAGE_ONE_VIEW_ID::
|
|
|
|
|
SYSTEM_STANDARD_VIEW_ID::
|
|
|
|
|
SYSTEM_MANAGE_CUSTOM_VIEWS_VIEW_ID::
|
|
|
|
|
SYSTEM_READ_ACCOUNTS_BERLIN_GROUP_VIEW_ID::
|
|
|
|
|
SYSTEM_READ_BALANCES_BERLIN_GROUP_VIEW_ID::
|
2024-08-09 13:41:38 +00:00
|
|
|
SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_ID ::
|
|
|
|
|
SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_VIEW_ID :: Nil
|
2024-06-10 12:18:06 +00:00
|
|
|
|
2020-05-05 20:11:07 +00:00
|
|
|
//These are the default incoming and outgoing account ids. we will create both during the boot.scala.
|
2025-12-31 07:16:59 +00:00
|
|
|
final val INCOMING_SETTLEMENT_ACCOUNT_ID = "OBP-INCOMING-SETTLEMENT-ACCOUNT"
|
|
|
|
|
final val OUTGOING_SETTLEMENT_ACCOUNT_ID = "OBP-OUTGOING-SETTLEMENT-ACCOUNT"
|
|
|
|
|
final val ALL_CONSUMERS = "ALL_CONSUMERS"
|
2020-05-05 20:11:07 +00:00
|
|
|
|
2023-01-09 13:27:24 +00:00
|
|
|
final val PARAM_LOCALE = "locale"
|
|
|
|
|
final val PARAM_TIMESTAMP = "_timestamp_"
|
2023-11-07 15:43:15 +00:00
|
|
|
|
2025-12-31 07:16:59 +00:00
|
|
|
// Cache Namespace IDs - Single source of truth for all namespace identifiers
|
|
|
|
|
final val CALL_COUNTER_NAMESPACE = "call_counter"
|
|
|
|
|
final val RL_ACTIVE_NAMESPACE = "rl_active"
|
|
|
|
|
final val RD_LOCALISED_NAMESPACE = "rd_localised"
|
|
|
|
|
final val RD_DYNAMIC_NAMESPACE = "rd_dynamic"
|
|
|
|
|
final val RD_STATIC_NAMESPACE = "rd_static"
|
|
|
|
|
final val RD_ALL_NAMESPACE = "rd_all"
|
|
|
|
|
final val SWAGGER_STATIC_NAMESPACE = "swagger_static"
|
|
|
|
|
final val CONNECTOR_NAMESPACE = "connector"
|
|
|
|
|
final val METRICS_STABLE_NAMESPACE = "metrics_stable"
|
|
|
|
|
final val METRICS_RECENT_NAMESPACE = "metrics_recent"
|
|
|
|
|
final val ABAC_RULE_NAMESPACE = "abac_rule"
|
|
|
|
|
|
|
|
|
|
// List of all versioned cache namespaces
|
|
|
|
|
final val ALL_CACHE_NAMESPACES = List(
|
|
|
|
|
CALL_COUNTER_NAMESPACE,
|
|
|
|
|
RL_ACTIVE_NAMESPACE,
|
|
|
|
|
RD_LOCALISED_NAMESPACE,
|
|
|
|
|
RD_DYNAMIC_NAMESPACE,
|
|
|
|
|
RD_STATIC_NAMESPACE,
|
|
|
|
|
RD_ALL_NAMESPACE,
|
|
|
|
|
SWAGGER_STATIC_NAMESPACE,
|
|
|
|
|
CONNECTOR_NAMESPACE,
|
|
|
|
|
METRICS_STABLE_NAMESPACE,
|
|
|
|
|
METRICS_RECENT_NAMESPACE,
|
|
|
|
|
ABAC_RULE_NAMESPACE
|
|
|
|
|
)
|
2023-11-07 15:43:15 +00:00
|
|
|
|
2025-12-31 07:16:59 +00:00
|
|
|
// Cache key prefixes with global namespace and versioning for easy invalidation
|
|
|
|
|
// Version counter allows invalidating entire cache namespaces by incrementing the counter
|
|
|
|
|
// Example: rd_localised_1_ → rd_localised_2_ (all old keys with _1_ become unreachable)
|
|
|
|
|
def LOCALISED_RESOURCE_DOC_PREFIX: String = getVersionedCachePrefix(RD_LOCALISED_NAMESPACE)
|
|
|
|
|
def DYNAMIC_RESOURCE_DOC_CACHE_KEY_PREFIX: String = getVersionedCachePrefix(RD_DYNAMIC_NAMESPACE)
|
|
|
|
|
def STATIC_RESOURCE_DOC_CACHE_KEY_PREFIX: String = getVersionedCachePrefix(RD_STATIC_NAMESPACE)
|
|
|
|
|
def ALL_RESOURCE_DOC_CACHE_KEY_PREFIX: String = getVersionedCachePrefix(RD_ALL_NAMESPACE)
|
|
|
|
|
def STATIC_SWAGGER_DOC_CACHE_KEY_PREFIX: String = getVersionedCachePrefix(SWAGGER_STATIC_NAMESPACE)
|
2023-11-16 08:28:21 +00:00
|
|
|
final val CREATE_LOCALISED_RESOURCE_DOC_JSON_TTL: Int = APIUtil.getPropsValue(s"createLocalisedResourceDocJson.cache.ttl.seconds", "3600").toInt
|
|
|
|
|
final val GET_DYNAMIC_RESOURCE_DOCS_TTL: Int = APIUtil.getPropsValue(s"dynamicResourceDocsObp.cache.ttl.seconds", "3600").toInt
|
|
|
|
|
final val GET_STATIC_RESOURCE_DOCS_TTL: Int = APIUtil.getPropsValue(s"staticResourceDocsObp.cache.ttl.seconds", "3600").toInt
|
2023-11-16 10:49:30 +00:00
|
|
|
final val SHOW_USED_CONNECTOR_METHODS: Boolean = APIUtil.getPropsAsBoolValue(s"show_used_connector_methods", false)
|
2025-12-28 13:46:43 +00:00
|
|
|
|
2025-12-31 07:16:59 +00:00
|
|
|
// Rate Limiting Cache Prefixes (with global namespace and versioning)
|
|
|
|
|
// Both call_counter and rl_active are versioned for consistent cache invalidation
|
|
|
|
|
def CALL_COUNTER_PREFIX: String = getVersionedCachePrefix(CALL_COUNTER_NAMESPACE)
|
|
|
|
|
def RATE_LIMIT_ACTIVE_PREFIX: String = getVersionedCachePrefix(RL_ACTIVE_NAMESPACE)
|
2025-12-28 13:46:43 +00:00
|
|
|
final val RATE_LIMIT_ACTIVE_CACHE_TTL: Int = APIUtil.getPropsValue("rateLimitActive.cache.ttl.seconds", "3600").toInt
|
|
|
|
|
|
2025-12-31 07:16:59 +00:00
|
|
|
// Connector Cache Prefixes (with global namespace and versioning)
|
|
|
|
|
def CONNECTOR_PREFIX: String = getVersionedCachePrefix(CONNECTOR_NAMESPACE)
|
|
|
|
|
|
|
|
|
|
// Metrics Cache Prefixes (with global namespace and versioning)
|
|
|
|
|
def METRICS_STABLE_PREFIX: String = getVersionedCachePrefix(METRICS_STABLE_NAMESPACE)
|
|
|
|
|
def METRICS_RECENT_PREFIX: String = getVersionedCachePrefix(METRICS_RECENT_NAMESPACE)
|
2025-12-28 13:46:43 +00:00
|
|
|
|
2025-12-31 07:16:59 +00:00
|
|
|
// ABAC Cache Prefixes (with global namespace and versioning)
|
|
|
|
|
def ABAC_RULE_PREFIX: String = getVersionedCachePrefix(ABAC_RULE_NAMESPACE)
|
2025-12-28 13:46:43 +00:00
|
|
|
|
2026-01-14 08:32:23 +00:00
|
|
|
// ABAC Policy Constants
|
|
|
|
|
final val ABAC_POLICY_ACCOUNT_ACCESS = "account-access"
|
|
|
|
|
|
|
|
|
|
// List of all ABAC Policies
|
|
|
|
|
final val ABAC_POLICIES: List[String] = List(
|
|
|
|
|
ABAC_POLICY_ACCOUNT_ACCESS
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// Map of ABAC Policies to their descriptions
|
|
|
|
|
final val ABAC_POLICY_DESCRIPTIONS: Map[String, String] = Map(
|
|
|
|
|
ABAC_POLICY_ACCOUNT_ACCESS -> "Rules for controlling access to account information and account-related operations"
|
|
|
|
|
)
|
|
|
|
|
|
2025-07-10 11:57:22 +00:00
|
|
|
final val CAN_SEE_TRANSACTION_OTHER_BANK_ACCOUNT = "can_see_transaction_other_bank_account"
|
|
|
|
|
final val CAN_SEE_TRANSACTION_METADATA = "can_see_transaction_metadata"
|
|
|
|
|
final val CAN_SEE_TRANSACTION_DESCRIPTION = "can_see_transaction_description"
|
|
|
|
|
final val CAN_SEE_TRANSACTION_AMOUNT = "can_see_transaction_amount"
|
|
|
|
|
final val CAN_SEE_TRANSACTION_TYPE = "can_see_transaction_type"
|
|
|
|
|
final val CAN_SEE_TRANSACTION_CURRENCY = "can_see_transaction_currency"
|
|
|
|
|
final val CAN_SEE_TRANSACTION_START_DATE = "can_see_transaction_start_date"
|
|
|
|
|
final val CAN_SEE_TRANSACTION_FINISH_DATE = "can_see_transaction_finish_date"
|
|
|
|
|
final val CAN_SEE_TRANSACTION_BALANCE = "can_see_transaction_balance"
|
|
|
|
|
final val CAN_SEE_COMMENTS = "can_see_comments"
|
|
|
|
|
final val CAN_SEE_OWNER_COMMENT = "can_see_owner_comment"
|
|
|
|
|
final val CAN_SEE_TAGS = "can_see_tags"
|
|
|
|
|
final val CAN_SEE_IMAGES = "can_see_images"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_OWNERS = "can_see_bank_account_owners"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_TYPE = "can_see_bank_account_type"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_BALANCE = "can_see_bank_account_balance"
|
|
|
|
|
final val CAN_QUERY_AVAILABLE_FUNDS = "can_query_available_funds"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_LABEL = "can_see_bank_account_label"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_NATIONAL_IDENTIFIER = "can_see_bank_account_national_identifier"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_SWIFT_BIC = "can_see_bank_account_swift_bic"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_IBAN = "can_see_bank_account_iban"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_NUMBER = "can_see_bank_account_number"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_BANK_NAME = "can_see_bank_account_bank_name"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_BANK_PERMALINK = "can_see_bank_account_bank_permalink"
|
|
|
|
|
final val CAN_SEE_BANK_ROUTING_SCHEME = "can_see_bank_routing_scheme"
|
|
|
|
|
final val CAN_SEE_BANK_ROUTING_ADDRESS = "can_see_bank_routing_address"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_ROUTING_SCHEME = "can_see_bank_account_routing_scheme"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_ROUTING_ADDRESS = "can_see_bank_account_routing_address"
|
|
|
|
|
final val CAN_SEE_OTHER_ACCOUNT_NATIONAL_IDENTIFIER = "can_see_other_account_national_identifier"
|
|
|
|
|
final val CAN_SEE_OTHER_ACCOUNT_SWIFT_BIC = "can_see_other_account_swift_bic"
|
|
|
|
|
final val CAN_SEE_OTHER_ACCOUNT_IBAN = "can_see_other_account_iban"
|
|
|
|
|
final val CAN_SEE_OTHER_ACCOUNT_BANK_NAME = "can_see_other_account_bank_name"
|
|
|
|
|
final val CAN_SEE_OTHER_ACCOUNT_NUMBER = "can_see_other_account_number"
|
|
|
|
|
final val CAN_SEE_OTHER_ACCOUNT_METADATA = "can_see_other_account_metadata"
|
|
|
|
|
final val CAN_SEE_OTHER_ACCOUNT_KIND = "can_see_other_account_kind"
|
|
|
|
|
final val CAN_SEE_OTHER_BANK_ROUTING_SCHEME = "can_see_other_bank_routing_scheme"
|
|
|
|
|
final val CAN_SEE_OTHER_BANK_ROUTING_ADDRESS = "can_see_other_bank_routing_address"
|
|
|
|
|
final val CAN_SEE_OTHER_ACCOUNT_ROUTING_SCHEME = "can_see_other_account_routing_scheme"
|
|
|
|
|
final val CAN_SEE_OTHER_ACCOUNT_ROUTING_ADDRESS = "can_see_other_account_routing_address"
|
|
|
|
|
final val CAN_SEE_MORE_INFO = "can_see_more_info"
|
|
|
|
|
final val CAN_SEE_URL = "can_see_url"
|
|
|
|
|
final val CAN_SEE_IMAGE_URL = "can_see_image_url"
|
|
|
|
|
final val CAN_SEE_OPEN_CORPORATES_URL = "can_see_open_corporates_url"
|
|
|
|
|
final val CAN_SEE_CORPORATE_LOCATION = "can_see_corporate_location"
|
|
|
|
|
final val CAN_SEE_PHYSICAL_LOCATION = "can_see_physical_location"
|
|
|
|
|
final val CAN_SEE_PUBLIC_ALIAS = "can_see_public_alias"
|
|
|
|
|
final val CAN_SEE_PRIVATE_ALIAS = "can_see_private_alias"
|
|
|
|
|
final val CAN_ADD_MORE_INFO = "can_add_more_info"
|
|
|
|
|
final val CAN_ADD_URL = "can_add_url"
|
|
|
|
|
final val CAN_ADD_IMAGE_URL = "can_add_image_url"
|
|
|
|
|
final val CAN_ADD_OPEN_CORPORATES_URL = "can_add_open_corporates_url"
|
|
|
|
|
final val CAN_ADD_CORPORATE_LOCATION = "can_add_corporate_location"
|
|
|
|
|
final val CAN_ADD_PHYSICAL_LOCATION = "can_add_physical_location"
|
|
|
|
|
final val CAN_ADD_PUBLIC_ALIAS = "can_add_public_alias"
|
|
|
|
|
final val CAN_ADD_PRIVATE_ALIAS = "can_add_private_alias"
|
|
|
|
|
final val CAN_ADD_COUNTERPARTY = "can_add_counterparty"
|
|
|
|
|
final val CAN_GET_COUNTERPARTY = "can_get_counterparty"
|
|
|
|
|
final val CAN_DELETE_COUNTERPARTY = "can_delete_counterparty"
|
|
|
|
|
final val CAN_DELETE_CORPORATE_LOCATION = "can_delete_corporate_location"
|
|
|
|
|
final val CAN_DELETE_PHYSICAL_LOCATION = "can_delete_physical_location"
|
|
|
|
|
final val CAN_EDIT_OWNER_COMMENT = "can_edit_owner_comment"
|
|
|
|
|
final val CAN_ADD_COMMENT = "can_add_comment"
|
|
|
|
|
final val CAN_DELETE_COMMENT = "can_delete_comment"
|
|
|
|
|
final val CAN_ADD_TAG = "can_add_tag"
|
|
|
|
|
final val CAN_DELETE_TAG = "can_delete_tag"
|
|
|
|
|
final val CAN_ADD_IMAGE = "can_add_image"
|
|
|
|
|
final val CAN_DELETE_IMAGE = "can_delete_image"
|
|
|
|
|
final val CAN_ADD_WHERE_TAG = "can_add_where_tag"
|
|
|
|
|
final val CAN_SEE_WHERE_TAG = "can_see_where_tag"
|
|
|
|
|
final val CAN_DELETE_WHERE_TAG = "can_delete_where_tag"
|
|
|
|
|
final val CAN_ADD_TRANSACTION_REQUEST_TO_OWN_ACCOUNT = "can_add_transaction_request_to_own_account"
|
|
|
|
|
final val CAN_ADD_TRANSACTION_REQUEST_TO_ANY_ACCOUNT = "can_add_transaction_request_to_any_account"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_CREDIT_LIMIT = "can_see_bank_account_credit_limit"
|
|
|
|
|
final val CAN_CREATE_DIRECT_DEBIT = "can_create_direct_debit"
|
|
|
|
|
final val CAN_CREATE_STANDING_ORDER = "can_create_standing_order"
|
|
|
|
|
final val CAN_REVOKE_ACCESS_TO_CUSTOM_VIEWS = "can_revoke_access_to_custom_views"
|
|
|
|
|
final val CAN_GRANT_ACCESS_TO_CUSTOM_VIEWS = "can_grant_access_to_custom_views"
|
|
|
|
|
final val CAN_SEE_TRANSACTION_REQUESTS = "can_see_transaction_requests"
|
|
|
|
|
final val CAN_SEE_TRANSACTION_REQUEST_TYPES = "can_see_transaction_request_types"
|
|
|
|
|
final val CAN_SEE_AVAILABLE_VIEWS_FOR_BANK_ACCOUNT = "can_see_available_views_for_bank_account"
|
|
|
|
|
final val CAN_UPDATE_BANK_ACCOUNT_LABEL = "can_update_bank_account_label"
|
|
|
|
|
final val CAN_CREATE_CUSTOM_VIEW = "can_create_custom_view"
|
|
|
|
|
final val CAN_DELETE_CUSTOM_VIEW = "can_delete_custom_view"
|
|
|
|
|
final val CAN_UPDATE_CUSTOM_VIEW = "can_update_custom_view"
|
|
|
|
|
final val CAN_GET_CUSTOM_VIEW = "can_get_custom_view"
|
|
|
|
|
final val CAN_SEE_VIEWS_WITH_PERMISSIONS_FOR_ALL_USERS = "can_see_views_with_permissions_for_all_users"
|
|
|
|
|
final val CAN_SEE_VIEWS_WITH_PERMISSIONS_FOR_ONE_USER = "can_see_views_with_permissions_for_one_user"
|
|
|
|
|
final val CAN_SEE_TRANSACTION_THIS_BANK_ACCOUNT = "can_see_transaction_this_bank_account"
|
|
|
|
|
final val CAN_SEE_TRANSACTION_STATUS = "can_see_transaction_status"
|
|
|
|
|
final val CAN_SEE_BANK_ACCOUNT_CURRENCY = "can_see_bank_account_currency"
|
|
|
|
|
final val CAN_ADD_TRANSACTION_REQUEST_TO_BENEFICIARY = "can_add_transaction_request_to_beneficiary"
|
|
|
|
|
final val CAN_GRANT_ACCESS_TO_VIEWS = "can_grant_access_to_views"
|
|
|
|
|
final val CAN_REVOKE_ACCESS_TO_VIEWS = "can_revoke_access_to_views"
|
2025-07-04 10:55:48 +00:00
|
|
|
|
2025-07-12 13:43:30 +00:00
|
|
|
final val SYSTEM_OWNER_VIEW_PERMISSION_ADMIN = List(
|
|
|
|
|
CAN_SEE_AVAILABLE_VIEWS_FOR_BANK_ACCOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_REQUESTS,
|
|
|
|
|
CAN_SEE_TRANSACTION_REQUEST_TYPES,
|
|
|
|
|
CAN_UPDATE_BANK_ACCOUNT_LABEL,
|
|
|
|
|
CAN_SEE_VIEWS_WITH_PERMISSIONS_FOR_ONE_USER,
|
|
|
|
|
CAN_SEE_VIEWS_WITH_PERMISSIONS_FOR_ALL_USERS,
|
|
|
|
|
CAN_SEE_TRANSACTION_DESCRIPTION,
|
|
|
|
|
CAN_ADD_TRANSACTION_REQUEST_TO_ANY_ACCOUNT,
|
|
|
|
|
CAN_ADD_TRANSACTION_REQUEST_TO_BENEFICIARY,
|
|
|
|
|
CAN_GRANT_ACCESS_TO_VIEWS,
|
|
|
|
|
CAN_REVOKE_ACCESS_TO_VIEWS
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
final val SYSTEM_MANAGER_VIEW_PERMISSION = List(
|
|
|
|
|
CAN_REVOKE_ACCESS_TO_CUSTOM_VIEWS,
|
|
|
|
|
CAN_GRANT_ACCESS_TO_CUSTOM_VIEWS,
|
|
|
|
|
CAN_CREATE_CUSTOM_VIEW,
|
|
|
|
|
CAN_DELETE_CUSTOM_VIEW,
|
|
|
|
|
CAN_UPDATE_CUSTOM_VIEW,
|
|
|
|
|
CAN_GET_CUSTOM_VIEW
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
final val SYSTEM_INITIATE_PAYMENTS_BERLIN_GROUP_PERMISSION = List(
|
|
|
|
|
CAN_ADD_TRANSACTION_REQUEST_TO_ANY_ACCOUNT,
|
|
|
|
|
CAN_ADD_TRANSACTION_REQUEST_TO_BENEFICIARY
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
final val SYSTEM_PUBLIC_VIEW_PERMISSION = List(
|
|
|
|
|
CAN_SEE_TRANSACTION_THIS_BANK_ACCOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_OTHER_BANK_ACCOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_METADATA,
|
|
|
|
|
CAN_SEE_TRANSACTION_AMOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_TYPE,
|
|
|
|
|
CAN_SEE_TRANSACTION_CURRENCY,
|
|
|
|
|
CAN_SEE_TRANSACTION_START_DATE,
|
|
|
|
|
CAN_SEE_TRANSACTION_FINISH_DATE,
|
|
|
|
|
CAN_SEE_TRANSACTION_BALANCE,
|
|
|
|
|
CAN_SEE_COMMENTS,
|
|
|
|
|
CAN_SEE_OWNER_COMMENT,
|
|
|
|
|
CAN_SEE_TAGS,
|
|
|
|
|
CAN_SEE_IMAGES,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_OWNERS,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_TYPE,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_BALANCE,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_CURRENCY,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_LABEL,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_NATIONAL_IDENTIFIER,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_IBAN,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_NUMBER,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_BANK_NAME,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_BANK_PERMALINK,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_NATIONAL_IDENTIFIER,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_IBAN,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_BANK_NAME,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_NUMBER,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_METADATA,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_KIND,
|
|
|
|
|
CAN_SEE_MORE_INFO,
|
|
|
|
|
CAN_SEE_URL,
|
|
|
|
|
CAN_SEE_IMAGE_URL,
|
|
|
|
|
CAN_SEE_OPEN_CORPORATES_URL,
|
|
|
|
|
CAN_SEE_CORPORATE_LOCATION,
|
|
|
|
|
CAN_SEE_PHYSICAL_LOCATION,
|
|
|
|
|
CAN_SEE_PUBLIC_ALIAS,
|
|
|
|
|
CAN_SEE_PRIVATE_ALIAS,
|
|
|
|
|
CAN_ADD_MORE_INFO,
|
|
|
|
|
CAN_ADD_URL,
|
|
|
|
|
CAN_ADD_IMAGE_URL,
|
|
|
|
|
CAN_ADD_OPEN_CORPORATES_URL,
|
|
|
|
|
CAN_ADD_CORPORATE_LOCATION,
|
|
|
|
|
CAN_ADD_PHYSICAL_LOCATION,
|
|
|
|
|
CAN_ADD_PUBLIC_ALIAS,
|
|
|
|
|
CAN_ADD_PRIVATE_ALIAS,
|
|
|
|
|
CAN_ADD_COUNTERPARTY,
|
|
|
|
|
CAN_GET_COUNTERPARTY,
|
|
|
|
|
CAN_EDIT_OWNER_COMMENT,
|
|
|
|
|
CAN_ADD_COMMENT,
|
|
|
|
|
CAN_ADD_TAG,
|
|
|
|
|
CAN_ADD_IMAGE,
|
|
|
|
|
CAN_ADD_WHERE_TAG,
|
|
|
|
|
CAN_SEE_WHERE_TAG,
|
|
|
|
|
CAN_SEE_BANK_ROUTING_SCHEME,
|
|
|
|
|
CAN_SEE_BANK_ROUTING_ADDRESS,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_ROUTING_SCHEME,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_ROUTING_ADDRESS,
|
|
|
|
|
CAN_SEE_OTHER_BANK_ROUTING_SCHEME,
|
|
|
|
|
CAN_SEE_OTHER_BANK_ROUTING_ADDRESS,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_ROUTING_SCHEME,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_ROUTING_ADDRESS,
|
|
|
|
|
CAN_SEE_TRANSACTION_STATUS
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
final val SYSTEM_READ_TRANSACTIONS_BERLIN_GROUP_VIEW_PERMISSION = List(
|
|
|
|
|
CAN_SEE_TRANSACTION_AMOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_BALANCE,
|
|
|
|
|
CAN_SEE_TRANSACTION_CURRENCY,
|
|
|
|
|
CAN_SEE_TRANSACTION_DESCRIPTION,
|
|
|
|
|
CAN_SEE_TRANSACTION_FINISH_DATE,
|
|
|
|
|
CAN_SEE_TRANSACTION_START_DATE,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_IBAN,
|
|
|
|
|
CAN_SEE_TRANSACTION_OTHER_BANK_ACCOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_THIS_BANK_ACCOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_TYPE,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_LABEL,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_BALANCE,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_ROUTING_ADDRESS,
|
2025-08-29 08:33:35 +00:00
|
|
|
CAN_SEE_BANK_ACCOUNT_CURRENCY,
|
2025-08-29 09:26:49 +00:00
|
|
|
CAN_SEE_TRANSACTION_STATUS
|
2025-07-12 13:43:30 +00:00
|
|
|
)
|
2025-12-31 07:16:59 +00:00
|
|
|
|
2025-07-12 13:43:30 +00:00
|
|
|
final val SYSTEM_VIEW_PERMISSION_COMMON = List(
|
|
|
|
|
CAN_SEE_TRANSACTION_THIS_BANK_ACCOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_OTHER_BANK_ACCOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_METADATA,
|
|
|
|
|
CAN_SEE_TRANSACTION_AMOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_TYPE,
|
|
|
|
|
CAN_SEE_TRANSACTION_CURRENCY,
|
|
|
|
|
CAN_SEE_TRANSACTION_START_DATE,
|
|
|
|
|
CAN_SEE_TRANSACTION_FINISH_DATE,
|
|
|
|
|
CAN_SEE_TRANSACTION_BALANCE,
|
|
|
|
|
CAN_SEE_COMMENTS,
|
|
|
|
|
CAN_SEE_OWNER_COMMENT,
|
|
|
|
|
CAN_SEE_TAGS,
|
|
|
|
|
CAN_SEE_IMAGES,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_OWNERS,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_TYPE,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_BALANCE,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_CURRENCY,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_LABEL,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_NATIONAL_IDENTIFIER,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_SWIFT_BIC,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_IBAN,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_NUMBER,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_BANK_NAME,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_BANK_PERMALINK,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_NATIONAL_IDENTIFIER,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_SWIFT_BIC,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_IBAN,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_BANK_NAME,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_NUMBER,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_METADATA,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_KIND,
|
|
|
|
|
CAN_SEE_MORE_INFO,
|
|
|
|
|
CAN_SEE_URL,
|
|
|
|
|
CAN_SEE_IMAGE_URL,
|
|
|
|
|
CAN_SEE_OPEN_CORPORATES_URL,
|
|
|
|
|
CAN_SEE_CORPORATE_LOCATION,
|
|
|
|
|
CAN_SEE_PHYSICAL_LOCATION,
|
|
|
|
|
CAN_SEE_PUBLIC_ALIAS,
|
|
|
|
|
CAN_SEE_PRIVATE_ALIAS,
|
|
|
|
|
CAN_ADD_MORE_INFO,
|
|
|
|
|
CAN_ADD_URL,
|
|
|
|
|
CAN_ADD_IMAGE_URL,
|
|
|
|
|
CAN_ADD_OPEN_CORPORATES_URL,
|
|
|
|
|
CAN_ADD_CORPORATE_LOCATION,
|
|
|
|
|
CAN_ADD_PHYSICAL_LOCATION,
|
|
|
|
|
CAN_ADD_PUBLIC_ALIAS,
|
|
|
|
|
CAN_ADD_PRIVATE_ALIAS,
|
|
|
|
|
CAN_ADD_COUNTERPARTY,
|
|
|
|
|
CAN_GET_COUNTERPARTY,
|
|
|
|
|
CAN_DELETE_COUNTERPARTY,
|
|
|
|
|
CAN_DELETE_CORPORATE_LOCATION,
|
|
|
|
|
CAN_DELETE_PHYSICAL_LOCATION,
|
|
|
|
|
CAN_EDIT_OWNER_COMMENT,
|
|
|
|
|
CAN_ADD_COMMENT,
|
|
|
|
|
CAN_DELETE_COMMENT,
|
|
|
|
|
CAN_ADD_TAG,
|
|
|
|
|
CAN_DELETE_TAG,
|
|
|
|
|
CAN_ADD_IMAGE,
|
|
|
|
|
CAN_DELETE_IMAGE,
|
|
|
|
|
CAN_ADD_WHERE_TAG,
|
|
|
|
|
CAN_SEE_WHERE_TAG,
|
|
|
|
|
CAN_DELETE_WHERE_TAG,
|
|
|
|
|
CAN_SEE_BANK_ROUTING_SCHEME,
|
|
|
|
|
CAN_SEE_BANK_ROUTING_ADDRESS,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_ROUTING_SCHEME,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_ROUTING_ADDRESS,
|
|
|
|
|
CAN_SEE_OTHER_BANK_ROUTING_SCHEME,
|
|
|
|
|
CAN_SEE_OTHER_BANK_ROUTING_ADDRESS,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_ROUTING_SCHEME,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_ROUTING_ADDRESS,
|
|
|
|
|
CAN_SEE_TRANSACTION_STATUS,
|
|
|
|
|
CAN_ADD_TRANSACTION_REQUEST_TO_OWN_ACCOUNT
|
|
|
|
|
)
|
|
|
|
|
|
2025-07-12 17:44:30 +00:00
|
|
|
final val ALL_VIEW_PERMISSION_NAMES = List(
|
2025-07-07 08:46:43 +00:00
|
|
|
CAN_SEE_TRANSACTION_OTHER_BANK_ACCOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_METADATA,
|
|
|
|
|
CAN_SEE_TRANSACTION_DESCRIPTION,
|
|
|
|
|
CAN_SEE_TRANSACTION_AMOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_TYPE,
|
|
|
|
|
CAN_SEE_TRANSACTION_CURRENCY,
|
|
|
|
|
CAN_SEE_TRANSACTION_START_DATE,
|
|
|
|
|
CAN_SEE_TRANSACTION_FINISH_DATE,
|
|
|
|
|
CAN_SEE_TRANSACTION_BALANCE,
|
|
|
|
|
CAN_SEE_COMMENTS,
|
|
|
|
|
CAN_SEE_OWNER_COMMENT,
|
|
|
|
|
CAN_SEE_TAGS,
|
|
|
|
|
CAN_SEE_IMAGES,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_OWNERS,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_TYPE,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_BALANCE,
|
|
|
|
|
CAN_QUERY_AVAILABLE_FUNDS,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_LABEL,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_NATIONAL_IDENTIFIER,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_SWIFT_BIC,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_IBAN,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_NUMBER,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_BANK_NAME,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_BANK_PERMALINK,
|
|
|
|
|
CAN_SEE_BANK_ROUTING_SCHEME,
|
|
|
|
|
CAN_SEE_BANK_ROUTING_ADDRESS,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_ROUTING_SCHEME,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_ROUTING_ADDRESS,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_NATIONAL_IDENTIFIER,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_SWIFT_BIC,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_IBAN,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_BANK_NAME,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_NUMBER,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_METADATA,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_KIND,
|
|
|
|
|
CAN_SEE_OTHER_BANK_ROUTING_SCHEME,
|
|
|
|
|
CAN_SEE_OTHER_BANK_ROUTING_ADDRESS,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_ROUTING_SCHEME,
|
|
|
|
|
CAN_SEE_OTHER_ACCOUNT_ROUTING_ADDRESS,
|
|
|
|
|
CAN_SEE_MORE_INFO,
|
|
|
|
|
CAN_SEE_URL,
|
|
|
|
|
CAN_SEE_IMAGE_URL,
|
|
|
|
|
CAN_SEE_OPEN_CORPORATES_URL,
|
|
|
|
|
CAN_SEE_CORPORATE_LOCATION,
|
|
|
|
|
CAN_SEE_PHYSICAL_LOCATION,
|
|
|
|
|
CAN_SEE_PUBLIC_ALIAS,
|
|
|
|
|
CAN_SEE_PRIVATE_ALIAS,
|
|
|
|
|
CAN_ADD_MORE_INFO,
|
|
|
|
|
CAN_ADD_URL,
|
|
|
|
|
CAN_ADD_IMAGE_URL,
|
|
|
|
|
CAN_ADD_OPEN_CORPORATES_URL,
|
|
|
|
|
CAN_ADD_CORPORATE_LOCATION,
|
|
|
|
|
CAN_ADD_PHYSICAL_LOCATION,
|
|
|
|
|
CAN_ADD_PUBLIC_ALIAS,
|
|
|
|
|
CAN_ADD_PRIVATE_ALIAS,
|
|
|
|
|
CAN_ADD_COUNTERPARTY,
|
|
|
|
|
CAN_GET_COUNTERPARTY,
|
|
|
|
|
CAN_DELETE_COUNTERPARTY,
|
|
|
|
|
CAN_DELETE_CORPORATE_LOCATION,
|
|
|
|
|
CAN_DELETE_PHYSICAL_LOCATION,
|
|
|
|
|
CAN_EDIT_OWNER_COMMENT,
|
|
|
|
|
CAN_ADD_COMMENT,
|
|
|
|
|
CAN_DELETE_COMMENT,
|
|
|
|
|
CAN_ADD_TAG,
|
|
|
|
|
CAN_DELETE_TAG,
|
|
|
|
|
CAN_ADD_IMAGE,
|
|
|
|
|
CAN_DELETE_IMAGE,
|
|
|
|
|
CAN_ADD_WHERE_TAG,
|
|
|
|
|
CAN_SEE_WHERE_TAG,
|
|
|
|
|
CAN_DELETE_WHERE_TAG,
|
|
|
|
|
CAN_ADD_TRANSACTION_REQUEST_TO_OWN_ACCOUNT,
|
|
|
|
|
CAN_ADD_TRANSACTION_REQUEST_TO_ANY_ACCOUNT,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_CREDIT_LIMIT,
|
|
|
|
|
CAN_CREATE_DIRECT_DEBIT,
|
|
|
|
|
CAN_CREATE_STANDING_ORDER,
|
|
|
|
|
CAN_REVOKE_ACCESS_TO_CUSTOM_VIEWS,
|
|
|
|
|
CAN_GRANT_ACCESS_TO_CUSTOM_VIEWS,
|
|
|
|
|
CAN_SEE_TRANSACTION_REQUESTS,
|
|
|
|
|
CAN_SEE_TRANSACTION_REQUEST_TYPES,
|
|
|
|
|
CAN_SEE_AVAILABLE_VIEWS_FOR_BANK_ACCOUNT,
|
|
|
|
|
CAN_UPDATE_BANK_ACCOUNT_LABEL,
|
|
|
|
|
CAN_CREATE_CUSTOM_VIEW,
|
|
|
|
|
CAN_DELETE_CUSTOM_VIEW,
|
|
|
|
|
CAN_UPDATE_CUSTOM_VIEW,
|
|
|
|
|
CAN_GET_CUSTOM_VIEW,
|
|
|
|
|
CAN_SEE_VIEWS_WITH_PERMISSIONS_FOR_ALL_USERS,
|
|
|
|
|
CAN_SEE_VIEWS_WITH_PERMISSIONS_FOR_ONE_USER,
|
|
|
|
|
CAN_SEE_TRANSACTION_THIS_BANK_ACCOUNT,
|
|
|
|
|
CAN_SEE_TRANSACTION_STATUS,
|
|
|
|
|
CAN_SEE_BANK_ACCOUNT_CURRENCY,
|
2025-07-08 09:21:28 +00:00
|
|
|
CAN_ADD_TRANSACTION_REQUEST_TO_BENEFICIARY,
|
|
|
|
|
CAN_GRANT_ACCESS_TO_VIEWS,
|
|
|
|
|
CAN_REVOKE_ACCESS_TO_VIEWS,
|
2025-07-04 10:55:48 +00:00
|
|
|
)
|
2026-01-29 13:49:48 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
final val TECHNOLOGY_LIFTWEB = "liftweb"
|
|
|
|
|
final val TECHNOLOGY_HTTP4S = "http4s"
|
|
|
|
|
|
2016-03-05 04:09:16 +00:00
|
|
|
}
|
2017-02-21 10:31:34 +00:00
|
|
|
|
|
|
|
|
|
2024-11-21 12:57:39 +00:00
|
|
|
object CertificateConstants {
|
|
|
|
|
final val BEGIN_CERT: String = "-----BEGIN CERTIFICATE-----"
|
|
|
|
|
final val END_CERT: String = "-----END CERTIFICATE-----"
|
|
|
|
|
}
|
2025-04-04 13:23:10 +00:00
|
|
|
object PrivateKeyConstants {
|
|
|
|
|
final val BEGIN_KEY: String = "-----BEGIN PRIVATE KEY-----"
|
|
|
|
|
final val END_KEY: String = "-----END PRIVATE KEY-----"
|
|
|
|
|
}
|
2017-02-21 10:31:34 +00:00
|
|
|
|
2023-11-10 14:18:07 +00:00
|
|
|
object JedisMethod extends Enumeration {
|
|
|
|
|
type JedisMethod = Value
|
2025-12-28 13:46:43 +00:00
|
|
|
val GET, SET, EXISTS, DELETE, TTL, INCR, FLUSHDB, SCAN = Value
|
2023-11-10 14:18:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2017-02-21 10:31:34 +00:00
|
|
|
object ChargePolicy extends Enumeration {
|
|
|
|
|
type ChargePolicy = Value
|
|
|
|
|
val SHARED, SENDER, RECEIVER = Value
|
|
|
|
|
}
|
2019-03-07 09:32:17 +00:00
|
|
|
|
|
|
|
|
object RequestHeader {
|
2020-01-31 12:54:43 +00:00
|
|
|
final lazy val `Consumer-Key` = "Consumer-Key"
|
2020-03-11 12:11:31 +00:00
|
|
|
@deprecated("Use Consent-JWT","11-03-2020")
|
2019-03-07 09:32:17 +00:00
|
|
|
final lazy val `Consent-Id` = "Consent-Id"
|
2021-02-10 12:31:00 +00:00
|
|
|
final lazy val `Consent-ID` = "Consent-ID" // Berlin Group
|
2020-03-11 12:11:31 +00:00
|
|
|
final lazy val `Consent-JWT` = "Consent-JWT"
|
2019-06-20 12:00:02 +00:00
|
|
|
final lazy val `PSD2-CERT` = "PSD2-CERT"
|
2023-05-02 13:37:09 +00:00
|
|
|
final lazy val `If-None-Match` = "If-None-Match"
|
2025-02-14 14:59:58 +00:00
|
|
|
|
2025-05-07 14:42:26 +00:00
|
|
|
final lazy val `PSU-Geo-Location` = "PSU-Geo-Location" // Berlin Group
|
2025-05-08 14:04:44 +00:00
|
|
|
final lazy val `PSU-Device-Name` = "PSU-Device-Name" // Berlin Group
|
2025-05-07 09:22:43 +00:00
|
|
|
final lazy val `PSU-Device-ID` = "PSU-Device-ID" // Berlin Group
|
|
|
|
|
final lazy val `PSU-IP-Address` = "PSU-IP-Address" // Berlin Group
|
2025-02-14 14:59:58 +00:00
|
|
|
final lazy val `X-Request-ID` = "X-Request-ID" // Berlin Group
|
2025-04-09 09:56:37 +00:00
|
|
|
final lazy val `TPP-Redirect-URI` = "TPP-Redirect-URI" // Berlin Group
|
2025-04-16 11:24:16 +00:00
|
|
|
final lazy val `TPP-Nok-Redirect-URI` = "TPP-Nok-Redirect-URI" // Redirect URI in case of an error.
|
2025-02-14 14:59:58 +00:00
|
|
|
final lazy val Date = "Date" // Berlin Group
|
|
|
|
|
// Headers to support the signature function of Berlin Group
|
|
|
|
|
final lazy val Digest = "Digest" // Berlin Group
|
|
|
|
|
final lazy val Signature = "Signature" // Berlin Group
|
2025-02-07 12:39:54 +00:00
|
|
|
final lazy val `TPP-Signature-Certificate` = "TPP-Signature-Certificate" // Berlin Group
|
2025-02-14 14:59:58 +00:00
|
|
|
|
2023-05-31 11:38:56 +00:00
|
|
|
/**
|
2025-12-31 07:16:59 +00:00
|
|
|
* The If-Modified-Since request HTTP header makes the request conditional:
|
|
|
|
|
* the server sends back the requested resource, with a 200 status,
|
|
|
|
|
* only if it has been last modified after the given date.
|
|
|
|
|
* If the resource has not been modified since, the response is a 304 without any body;
|
|
|
|
|
* the Last-Modified response header of a previous request contains the date of last modification.
|
2023-05-31 11:38:56 +00:00
|
|
|
* Unlike If-Unmodified-Since, If-Modified-Since can only be used with a GET or HEAD.
|
|
|
|
|
*
|
2025-12-31 07:16:59 +00:00
|
|
|
* When used in combination with If-None-Match, it is ignored, unless the server doesn't support If-None-Match.
|
2023-05-31 11:38:56 +00:00
|
|
|
*/
|
2023-05-05 12:40:24 +00:00
|
|
|
final lazy val `If-Modified-Since` = "If-Modified-Since"
|
2019-03-07 09:32:17 +00:00
|
|
|
}
|
|
|
|
|
object ResponseHeader {
|
2025-05-19 12:38:30 +00:00
|
|
|
final lazy val `ASPSP-SCA-Approach` = "ASPSP-SCA-Approach" // Berlin Group
|
2019-03-07 09:32:17 +00:00
|
|
|
final lazy val `Correlation-Id` = "Correlation-Id"
|
2020-04-24 08:14:17 +00:00
|
|
|
final lazy val `WWW-Authenticate` = "WWW-Authenticate"
|
2023-04-28 06:57:27 +00:00
|
|
|
final lazy val ETag = "ETag"
|
|
|
|
|
final lazy val `Cache-Control` = "Cache-Control"
|
2023-08-16 03:22:33 +00:00
|
|
|
final lazy val Connection = "Connection"
|
2019-03-07 09:32:17 +00:00
|
|
|
}
|
|
|
|
|
|
2019-06-29 20:44:42 +00:00
|
|
|
object BerlinGroup extends Enumeration {
|
|
|
|
|
object ScaStatus extends Enumeration{
|
|
|
|
|
type ChargePolicy = Value
|
|
|
|
|
val received, psuIdentified, psuAuthenticated, scaMethodSelected, started, finalised, failed, exempted = Value
|
|
|
|
|
}
|
|
|
|
|
object AuthenticationType extends Enumeration{
|
|
|
|
|
type ChargePolicy = Value
|
2020-08-20 20:44:36 +00:00
|
|
|
// - 'SMS_OTP': An SCA method, where an OTP linked to the transaction to be authorised is sent to the PSU through a SMS channel.
|
|
|
|
|
// - 'CHIP_OTP': An SCA method, where an OTP is generated by a chip card, e.g. a TOP derived from an EMV cryptogram.
|
|
|
|
|
// To contact the card, the PSU normally needs a (handheld) device.
|
|
|
|
|
// With this device, the PSU either reads the challenging data through a visual interface like flickering or
|
|
|
|
|
// the PSU types in the challenge through the device key pad.
|
|
|
|
|
// The device then derives an OTP from the challenge data and displays the OTP to the PSU.
|
|
|
|
|
// - 'PHOTO_OTP': An SCA method, where the challenge is a QR code or similar encoded visual data
|
|
|
|
|
// which can be read in by a consumer device or specific mobile app.
|
|
|
|
|
// The device resp. the specific app than derives an OTP from the visual challenge data and displays
|
|
|
|
|
// the OTP to the PSU.
|
|
|
|
|
// - 'PUSH_OTP': An OTP is pushed to a dedicated authentication APP and displayed to the PSU.
|
2019-06-29 20:44:42 +00:00
|
|
|
val SMS_OTP, CHIP_OTP, PHOTO_OTP, PUSH_OTP = Value
|
|
|
|
|
}
|
2019-11-27 11:15:08 +00:00
|
|
|
}
|
