-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
improve module pages and add missing ones.
- Loading branch information
Showing
106 changed files
with
1,227 additions
and
131 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
| # g2p_auth_id_oidc Module | ||
|
|
||
| ```{warning} | ||
| **Work in Progress**: This document is actively being developed and updated. Content may be incomplete or subject to change. | ||
| ``` | ||
|
|
||
| This module extends the OpenG2P Auth module to allow user authentication and registration using OIDC (OpenID Connect) while linking them to their existing G2P Registrant IDs. | ||
|
|
||
| **Purpose:** | ||
|
|
||
| The primary goal of this module is to streamline the user registration and login process by leveraging existing G2P Registrant IDs within the OpenG2P system. Instead of creating new user accounts from scratch, this module allows users to authenticate using their OIDC credentials and then links them to their pre-existing G2P registration data. | ||
|
|
||
| **Key Features:** | ||
|
|
||
| * **OIDC Integration for Authentication:** Users can authenticate using their credentials from an OIDC provider. | ||
| * **G2P Registrant ID Mapping:** The module maps the authenticated OIDC user to their corresponding G2P Registrant ID stored in the [g2p_registry_base](g2p_registry_base) module. | ||
| * **Automated Partner/User Creation:** If a matching G2P Registrant ID is found, the module automatically creates a linked Partner and User in DCI, pulling relevant data from the registration record. | ||
| * **Customizable Data Mapping:** Administrators can configure how data from the OIDC provider and the G2P registry is mapped to DCI Partner and User fields. | ||
|
|
||
| **How it Works:** | ||
|
|
||
| 1. **OIDC Authentication:** A user initiates the login process via an OIDC provider. | ||
| 2. **G2P ID Lookup:** The module extracts the user's ID from the OIDC response and attempts to find a matching G2P Registrant ID. | ||
| 3. **Account Creation/Linking:** | ||
| * **Match Found:** If a match is found, the module retrieves the registration data and creates/updates the corresponding Partner and User records in DCI. | ||
| * **No Match:** The module can be configured to either deny access or initiate a more detailed registration process, potentially pulling additional data from the OIDC provider. | ||
| 4. **User Login:** Upon successful authentication and account linking, the user is logged into the OpenG2P system. | ||
|
|
||
| **Dependencies:** | ||
|
|
||
| * **[g2p_registry_base](g2p_registry_base):** This module depends on the base registry module for accessing and retrieving G2P Registrant data. | ||
|
|
||
| **Benefits:** | ||
|
|
||
| * **Simplified User Experience:** Easier registration and login process for beneficiaries already registered within the OpenG2P system. | ||
| * **Improved Data Accuracy:** Leveraging existing G2P Registrant data ensures consistency and reduces the risk of duplicate records. | ||
| * **Enhanced Security:** Integration with trusted OIDC providers enhances the security of the OpenG2P platform. | ||
|
|
||
| **Notes:** | ||
|
|
||
| * The module relies on a consistent and accurate mapping between OIDC user identifiers and G2P Registrant IDs. | ||
| * Proper configuration of OIDC settings and data mapping is crucial for the module's functionality. | ||
|
|
||
| **TODOs:** | ||
|
|
||
| * The original module references an `auth_oidc` module that has been removed. A suitable replacement needs to be integrated into the codebase for the OIDC functionality. | ||
| * The code comments highlight areas that require further improvement, such as refining the data mapping logic and enhancing error handling. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,34 @@ | ||
| # g2p_bank_rest_api Module | ||
|
|
||
| ```{warning} | ||
| **Work in Progress**: This document is actively being developed and updated. Content may be incomplete or subject to change. | ||
| ``` | ||
|
|
||
| This module extends the REST API functionalities of the OpenSPP system by providing endpoints specifically for managing bank details related to beneficiaries and/or programs. | ||
|
|
||
| **Purpose:** | ||
|
|
||
| The primary purpose of the [g2p_bank_rest_api](g2p_bank_rest_api) module is to expose bank-related data and operations through a standardized RESTful interface. This allows external systems, such as financial institutions or payment gateways, to interact with the OpenSPP platform and access or modify bank information. | ||
|
|
||
| **Integration and Functionality:** | ||
|
|
||
| This module builds upon the core functionalities provided by the following modules: | ||
|
|
||
| - **[g2p_registry_rest_api](g2p_registry_rest_api):** It leverages the base REST API infrastructure and authentication mechanisms provided by this module. | ||
| - **[g2p_bank](g2p_bank):** This module depends on the data models and business logic related to bank details, which are defined and managed by the [g2p_bank](g2p_bank) module. | ||
|
|
||
| **Additional Functionality:** | ||
|
|
||
| The [g2p_bank_rest_api](g2p_bank_rest_api) module introduces the following specific functionalities: | ||
|
|
||
| - **API Endpoints:** It defines and implements REST API endpoints for operations such as: | ||
| - Retrieving bank details for a specific beneficiary or program. | ||
| - Updating bank information. | ||
| - Potentially, verifying bank account details through integration with external services (depending on implementation). | ||
|
|
||
| **Example Use Case:** | ||
|
|
||
| Consider a scenario where a payment gateway needs to access the bank account details of a beneficiary to process a payment. The [g2p_bank_rest_api](g2p_bank_rest_api) module enables this by providing a secure and standardized API endpoint. The payment gateway can send a request to this endpoint with the necessary authentication and beneficiary identifiers, and the module would return the required bank information in a structured format (e.g., JSON). | ||
|
|
||
| **Note:** This documentation provides a general overview. Specific API endpoints, request/response formats, and authentication mechanisms are detailed in the API documentation generated by the [g2p_registry_rest_api](g2p_registry_rest_api) module. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,44 @@ | ||
| # Module: g2p_connect_demo | ||
|
|
||
| ```{warning} | ||
| **Work in Progress**: This document is actively being developed and updated. Content may be incomplete or subject to change. | ||
| ``` | ||
|
|
||
| ## Overview | ||
|
|
||
| The `g2p_connect_demo` module serves as a demonstration and testing ground for the OpenSPP system, particularly showcasing the capabilities of the G2P Connect system. This module is not intended for production use but rather for development, testing, and demonstration purposes. | ||
|
|
||
| ## Purpose | ||
|
|
||
| The primary purpose of `g2p_connect_demo` is to: | ||
|
|
||
| - **Generate Sample Data:** Provide a mechanism to create realistic but anonymized sample data for registries, individuals, groups, and change requests. This data can be used to populate the OpenSPP system for testing, training, and demonstration purposes. | ||
| - **Showcase System Functionality:** Demonstrate the integration and interaction between different OpenSPP modules in a realistic scenario. This includes modules related to registry management ([g2p_registry_base](g2p_registry_base)), individual and group registration ([g2p_registry_individual](g2p_registry_individual), [g2p_registry_group](g2p_registry_group), [g2p_registry_membership](g2p_registry_membership)), programs ([g2p_programs](g2p_programs)), and custom fields ([spp_custom_field](spp_custom_field)). | ||
| - **Facilitate Testing and Development:** Provide a controlled environment with pre-populated data to facilitate the testing and development of new features and modifications to the OpenSPP system. | ||
|
|
||
| ## Key Features | ||
|
|
||
| - Generates a configurable number of groups and individuals with realistic demographic data. | ||
| - Creates various relationships between individuals within groups, simulating households or families. | ||
| - Populates custom fields with relevant data to illustrate the flexibility of the system. | ||
| - Includes functionalities to generate change requests, mimicking real-world scenarios like adding children to a household. | ||
|
|
||
| ## Integration with other modules | ||
|
|
||
| `g2p_connect_demo` builds upon the foundation laid by several other OpenSPP modules: | ||
|
|
||
| - **[spp_base_demo](spp_base_demo):** Utilizes the base demo module for generating localized sample data. | ||
| - **Registry Modules:** Leverages the functionality of [g2p_registry_base](g2p_registry_base), [g2p_registry_individual](g2p_registry_individual), [g2p_registry_group](g2p_registry_group), and [g2p_registry_membership](g2p_registry_membership) to create and manage individuals, groups, and their relationships. | ||
| - **[g2p_programs](g2p_programs):** Integrates with program definitions to simulate the enrollment of generated individuals and groups into social protection programs. | ||
| - **[spp_custom_field](spp_custom_field):** Utilizes the custom field framework to demonstrate how additional data points can be captured and managed within the registry. | ||
|
|
||
| ## Usage | ||
|
|
||
| The `g2p_connect_demo` module is primarily intended for developers and implementers working with the OpenSPP system. | ||
|
|
||
| By using the provided interface, users can generate a specified number of groups and individuals. The module takes care of creating realistic relationships, assigning custom field values, and populating other relevant data. | ||
|
|
||
| ## Disclaimer | ||
|
|
||
| It is important to reiterate that this module is for **demonstration and development purposes only**. The generated data, while designed to appear realistic, should not be used in a production environment or for any real-world social protection programs. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
| # g2p_encryption_keymanager Module | ||
|
|
||
| ```{warning} | ||
| **Work in Progress**: This document is actively being developed and updated. Content may be incomplete or subject to change. | ||
| ``` | ||
|
|
||
| This module extends the functionality of the [g2p_encryption](g2p_encryption) module by providing integration with a Keymanager service for encryption and signing operations. This allows OpenSPP to leverage external key management systems for enhanced security and compliance. | ||
|
|
||
| ### Purpose | ||
|
|
||
| The primary purpose of this module is to: | ||
|
|
||
| * **Delegate encryption and signing operations to an external Keymanager service:** This offloads the burden of key management from the OpenSPP application to a dedicated, potentially more secure, external service. | ||
| * **Provide a configurable interface:** System administrators can configure various parameters of the Keymanager integration, such as API endpoints, authentication credentials, and application-specific identifiers. | ||
| * **Seamlessly integrate with the existing encryption framework:** The module extends the existing encryption provider mechanism in OpenSPP, allowing for easy switching between different encryption providers, including the Keymanager-based provider. | ||
|
|
||
| ### Functionality | ||
|
|
||
| The [g2p_encryption_keymanager](g2p_encryption_keymanager) module provides the following features: | ||
|
|
||
| * **Encryption and Decryption using Keymanager:** The module allows OpenSPP to encrypt and decrypt data using encryption keys managed by the Keymanager service. | ||
| * **JWT Signing and Verification with Keymanager:** The module enables OpenSPP to digitally sign and verify JSON Web Tokens (JWTs) using the Keymanager service, ensuring authenticity and integrity of sensitive data. | ||
| * **Keymanager Authentication and Authorization:** The module implements secure communication with the Keymanager service using OAuth 2.0 client credentials grant type for authentication and authorization. | ||
| * **Configuration Options for Keymanager Integration:** The module provides a user-friendly interface within the OpenSPP settings to configure various aspects of the Keymanager integration, including API endpoints, authentication credentials, and application-specific identifiers for encryption and signing. | ||
|
|
||
| ### Integration with Other Modules | ||
|
|
||
| This module directly interacts with the [g2p_encryption](g2p_encryption) module: | ||
|
|
||
| * It inherits and extends the `g2p.encryption.provider` model to include Keymanager-specific configuration fields and methods. | ||
| * It provides a new "Keymanager" option for the encryption provider type. | ||
| * It overrides the default encryption and signing methods to utilize the Keymanager API when selected. | ||
|
|
||
| ### Benefits of Using Keymanager Integration | ||
|
|
||
| * **Enhanced Security:** Key management is handled by a dedicated service, potentially with stronger security measures than what might be feasible within the OpenSPP application itself. | ||
| * **Centralized Key Management:** Provides a central location for managing encryption keys across different parts of the OpenSPP system or even across multiple applications. | ||
| * **Compliance and Auditing:** Using a dedicated Keymanager service can simplify compliance with data security regulations and facilitate auditing of cryptographic operations. | ||
| * **Scalability and Performance:** Offloading cryptographic operations to a dedicated service can potentially improve the performance and scalability of the OpenSPP application. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,27 @@ | ||
| # OpenG2P Entitlement: In-Kind Module | ||
|
|
||
| ```{warning} | ||
| **Work in Progress**: This document is actively being developed and updated. Content may be incomplete or subject to change. | ||
| ``` | ||
|
|
||
| This module extends the functionality of the OpenSPP platform specifically for managing **in-kind** entitlements within social protection programs. | ||
|
|
||
| **Purpose:** | ||
|
|
||
| The primary purpose of the [g2p_entitlement_in_kind](g2p_entitlement_in_kind) module is to adapt the existing OpenSPP framework for programs that distribute benefits in the form of goods or services rather than cash transfers. | ||
|
|
||
| **Key Features & Functionality:** | ||
|
|
||
| * **Modified Program Views:** The module customizes program views inherited from the [spp_programs](spp_programs) module to accommodate in-kind distribution workflows. This includes: | ||
| * Hiding the "Import Eligible Registrants" button as it might not be directly applicable to in-kind programs. | ||
| * Adjusting access rights for the "Enroll Eligible Registrants" button. Enrollment in in-kind programs might follow a different process requiring involvement from specific user roles like Program Validators, Cycle Approvers, and Program Managers (as defined by the [g2p_programs](g2p_programs) module). | ||
|
|
||
| **Integration with other Modules:** | ||
|
|
||
| * **[spp_programs](spp_programs):** This module builds upon the core program management features provided by [spp_programs](spp_programs), adapting them for in-kind distribution. | ||
| * **[spp_entitlement_in_kind](spp_entitlement_in_kind):** This module likely provides the foundational data models and logic specific to in-kind entitlements, which this module then extends with user interface elements and program-level integration. | ||
|
|
||
| **Note:** | ||
|
|
||
| This module is part of a larger ecosystem aimed at providing flexible and configurable tools for managing diverse social protection programs. The specific configurations and adaptations offered by this module highlight its focus on supporting programs with in-kind benefit delivery mechanisms. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| # OpenG2P Entitlement: Voucher Module | ||
|
|
||
| ```{warning} | ||
| **Work in Progress**: This document is actively being developed and updated. Content may be incomplete or subject to change. | ||
| ``` | ||
|
|
||
| ## Overview | ||
|
|
||
| The [g2p_entitlement_voucher](g2p_entitlement_voucher) module extends the OpenG2P Entitlement functionality by providing a mechanism to generate and manage vouchers associated with entitlements. This module is particularly useful for social protection programs that utilize vouchers as a means of delivering benefits to beneficiaries. | ||
|
|
||
| ## Features | ||
|
|
||
| * **Voucher Generation:** The module enables the generation of vouchers for approved entitlements. This process can be automated to trigger upon entitlement approval or manually initiated by authorized users. | ||
| * **Voucher Configuration:** Program administrators can define voucher templates and configure various aspects of voucher generation, such as the file format, content, and storage location. | ||
| * **Voucher Printing:** The module provides a convenient way to print generated vouchers directly from the entitlement record. | ||
| * **Integration with Payment Files:** Leverages the [g2p_payment_files](g2p_payment_files) module to facilitate voucher creation using predefined templates and configurations. | ||
| * **Encryption Support:** Integrates with the [g2p_encryption](g2p_encryption) module to allow for the secure encryption of sensitive data within the vouchers. | ||
|
|
||
| ## Dependencies | ||
|
|
||
| - **[g2p_encryption](g2p_encryption):** This dependency is used for encrypting sensitive data included in the vouchers. | ||
| - **[g2p_programs](g2p_programs):** This module provides the core functionality for managing social protection programs and entitlements, upon which this module builds. | ||
| - **[g2p_payment_files](g2p_payment_files):** This module provides the framework for defining and managing payment file configurations, which are utilized for voucher generation. | ||
|
|
||
| ## Workflow | ||
|
|
||
| 1. **Configuration:** Program administrators configure voucher generation settings within the [Entitlement Manager]([g2p_programs](g2p_programs)#entitlement-manager) associated with the program. This includes selecting a voucher file configuration, storage location for generated vouchers, and optional encryption settings. | ||
|
|
||
| 2. **Entitlement Approval:** When an entitlement is approved, the system can automatically generate a voucher based on the predefined configurations. | ||
| 3. **Voucher Access:** Users can access and print the generated voucher directly from the entitlement record. | ||
|
|
||
| ## Benefits | ||
|
|
||
| * **Streamlined Benefit Delivery:** Automating voucher generation reduces manual effort and ensures timely delivery of benefits to beneficiaries. | ||
| * **Enhanced Security:** Integration with encryption capabilities protects sensitive data stored within the vouchers. | ||
| * **Improved Accountability:** The module maintains a record of generated vouchers, providing an audit trail for tracking and accountability purposes. | ||
| * **Flexibility and Customization:** Administrators have the flexibility to tailor voucher generation and content according to program-specific requirements. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.