Fixes for individual AML

[tomer-shvadron]

Description

Elaborate on the subject, motivation, and context.

Related issues

• Provide a link to each related issue.

Breaking changes

• Describe the breaking changes that this pull request introduces.

How these changes were tested

• Describe the tests that you ran to verify your changes, including devices, operating systems, browsers and versions.

Examples and references

• Links, screenshots, and other resources related to this change.

Checklist

• [] I have read the contribution guidelines of this project
• [] I have read the style guidelines of this project
• [] I have performed a self-review of my own code
• [] I have commented my code, particularly in hard-to-understand areas
• [] I have made corresponding changes to the documentation
• [] My changes generate no new warnings and errors
• [] New and existing tests pass locally with my changes

Summary by CodeRabbit

• New Features

  • Added validation checks for endUserId in webhook data processing.

• Enhancements

  • Simplified data structures in various modules to directly include relevant arrays like warnings, sanctions, pep, and adverseMedia.

• Bug Fixes

  • Adjusted data validation types for apiVersion and timestamp from string to number in webhook inputs.

• Refactor

  • Made BusinessReportSchema optional in business reports fetcher.
  • Updated handling of user identifiers in the anti-money laundering (AML) workflow.

[changeset-bot]

⚠️ No Changeset found

Latest commit: d0ce465

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[coderabbitai]

Warning

Rate Limit Exceeded

@tomer-shvadron has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 14 minutes and 23 seconds before requesting another review.

How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.
Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.
Please see our FAQ for further information.

Commits

Files that changed from the base of the PR and between 5721b6b and d0ce465.

Walkthrough

The recent updates bring a focus on simplifying data structures across components related to business reporting and anti-money laundering (AML) processes. Changes include making schemas optional, restructuring data arrays for clarity, and updating validations and method parameters for improved data handling and error management.

Changes

File Path	Change Summary
.../business-reports/fetchers.ts	Made BusinessReportSchema optional.
.../lib/blocks/components/AmlBlock/utils/aml-adapter.ts .../pages/Entity/hooks/useEntityLogic/mock-workflow-with-children.ts .../services/workflows-service/scripts/workflows/workflow-runtime.ts	Simplified data structures by directly including warnings, sanctions, pep, and adverseMedia.
.../services/workflows-service/prisma/data-migrations .../services/workflows-service/src/webhooks/dtos/individual-aml-webhook-input.ts .../services/workflows-service/src/webhooks/webhooks.controller.ts	Updated references and validations; adjusted handling of user IDs.

Poem

🐇💻✨
In the burrow of code, where the data trees grow,
A rabbit tweaked the wires, with a soft, gentle glow.
Schemas dance, arrays align,
With every commit, the stars realign.
Hop and cheer, for changes clear,
Our digital warren evolves, have no fear!
🌟📊🚀

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Additionally, you can add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[github-actions]

PR Description updated to latest commit (b027c3a)

[github-actions]

PR Review

⏱️ Estimated effort to review [1-5]	3, because the PR includes multiple changes across different files and domains, including schema modifications, data structure changes, and webhook handling logic. Understanding the impact of these changes requires a good grasp of the existing codebase and the specific functionalities being altered.
🧪 Relevant tests	No
🔍 Possible issues	Possible Bug: The timestamp field in IndividualAmlWebhookInput is changed from String to Number, which might not correctly handle date-time values expressed as timestamps.
🔒 Security concerns	No

Code feedback:

---

relevant file	services/workflows-service/src/webhooks/webhooks.controller.ts
suggestion	Consider validating the eventName along with endUserId in the amlHook method to ensure that the webhook is processing the expected event. This adds an extra layer of security and data integrity. [important]
relevant line	if (!(isObject(data) && 'endUserId' in data && data.endUserId)) {

---

relevant file	services/workflows-service/src/webhooks/dtos/individual-aml-webhook-input.ts
suggestion	Revert the timestamp field back to String type or ensure that the timestamp handling on the client and server side is properly synchronized and can handle the Number type without issues. [important]
relevant line	@IsNumber()

---

relevant file	apps/backoffice-v2/src/lib/blocks/components/AmlBlock/utils/aml-adapter.ts
suggestion	Refactor the mapping logic inside amlAdapter to a separate function to improve readability and maintainability. This function could handle the transformation of individual hit data to the desired format. [medium]
relevant line	}) => ({

---

relevant file	apps/backoffice-v2/src/domains/business-reports/fetchers.ts
suggestion	Ensure that making BusinessReportSchema optional does not affect existing functionalities where a business report is expected to be mandatory. Consider adding fallbacks or additional checks if necessary. [medium]
relevant line	.optional();

---

---

✨ Review tool usage guide:

---

Overview:
The review tool scans the PR code changes, and generates a PR review which includes several types of feedbacks, such as possible PR issues, security threats and relevant test in the PR. More feedbacks can be added by configuring the tool.

The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on any PR.

• When commenting, to edit configurations related to the review tool (pr_reviewer section), use the following template:

/review --pr_reviewer.some_config1=... --pr_reviewer.some_config2=...

• With a configuration file, use the following template:

[pr_reviewer]
some_config1=...
some_config2=...

See the review usage page for a comprehensive guide on using this tool.

[github-actions]

PR Code Suggestions

Category	Suggestions
Best practice	Define the type of the z object explicitly to ensure correct usage. It's recommended to explicitly define the type of the z object used for schema definitions to avoid runtime errors due to incorrect imports or undefined variables. apps/backoffice-v2/src/domains/business-reports/fetchers.ts [6-12] -export const BusinessReportSchema = z +import { ZodSchema } from 'zod'; // Ensure this import exists in your file +export const BusinessReportSchema: ZodSchema = z .object({ report: z.object({ reportFileId: z.string(), }), }) .optional();
Maintainability	Refactor repetitive mapping logic into a utility function for better code maintainability. Refactor the mapping functions for sanctions, warnings, pep, and adverseMedia to a utility function to avoid code duplication and improve maintainability. apps/backoffice-v2/src/lib/blocks/components/AmlBlock/utils/aml-adapter.ts [54-65] -sanctions: - sanctions?.map(sanction => ({ - sanction: sanction?.sourceName, - date: sanction?.date, - source: sanction?.sourceUrl, - })) ?? [], -warnings: - warnings?.map(warning => ({ - warning: warning?.sourceName, - date: warning?.date, - source: warning?.sourceUrl, - })) ?? [], +function mapSourceInfo(items: Array<{ sourceName?: string; date?: string; sourceUrl?: string }>) { + return items?.map(item => ({ + name: item?.sourceName, + date: item?.date, + source: item?.sourceUrl, + })) ?? []; +} +sanctions: mapSourceInfo(sanctions), +warnings: mapSourceInfo(warnings),
Reliability	Implement error handling around service method calls to enhance reliability and error reporting. Add error handling for the handleIndividualAmlHit method call to manage exceptions and provide more detailed error responses. services/workflows-service/src/webhooks/webhooks.controller.ts [44] -await this.webhooksService.handleIndividualAmlHit({ endUserId: data.endUserId, data }); +try { + await this.webhooksService.handleIndividualAmlHit({ endUserId: data.endUserId, data }); +} catch (error) { + throw new BadRequestException(`Error processing AML hit: ${error.message}`); +}
Enhancement	Use unique URLs in mock data to better simulate real-world scenarios. Ensure the use of unique URLs in the mock data to reflect more realistic scenarios and avoid potential confusion during testing. apps/backoffice-v2/src/pages/Entity/hooks/useEntityLogic/mock-workflow-with-children.ts [664-685] sourceUrl: - 'http://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/default.aspx', + 'http://www.treasury.gov/resource-center/sanctions/SDN-List/Pages/unique-id.aspx',
Bug	Correct the data type annotation for timestamp to match its actual type. Correct the data type of timestamp to string and ensure it is properly formatted as a string in related code, as it is currently incorrectly annotated as Number. services/workflows-service/src/webhooks/dtos/individual-aml-webhook-input.ts [21-24] @ApiProperty({ required: true, - type: Number, + type: String, }) -@IsNumber() +@IsString() timestamp!: string;

---

✨ Improve tool usage guide:

---

Overview:
The improve tool scans the PR code changes, and automatically generates suggestions for improving the PR code. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on a PR.

• When commenting, to edit configurations related to the improve tool (pr_code_suggestions section), use the following template:

/improve --pr_code_suggestions.some_config1=... --pr_code_suggestions.some_config2=...

• With a configuration file, use the following template:

[pr_code_suggestions]
some_config1=...
some_config2=...

See the improve usage page for a comprehensive guide on using this tool.

[coderabbitai]

Actionable comments posted: 1