feat(compliance): admin verification gate + durable submission evidence
Per request: after the customer signs but BEFORE we submit to the government, hold the order for a human to verify the prepared filing is correct. - MCS-150 handler (mcs150-update + usdot-reactivation): new admin-verification gate after the signature gate -- if not admin_approved, set fulfillment_status= 'ready_to_file', create a HIGH-priority 'VERIFY before filing' admin todo, and STOP (no FMCSA submission). job_server injects admin_approved from the dispatch payload (mirrors client_approved). - New admin endpoint POST /api/v1/admin/compliance-orders/:id/approve-submit (requireAdmin): verifies status=ready_to_file, re-dispatches the worker with admin_approved=true to proceed to actual submission. - Durable submission EVIDENCE: the web/fax submitters only wrote confirmation screenshots to an ephemeral temp dir. Now _upload_submission_evidence copies the FMCSA confirmation screenshot + attested PDF + fax_log_id to MinIO under filings/<slug>/<order>/evidence/ and records the keys on the order, so we keep proof of every government submission. (state-trucking + the FCC handlers already gate via admin todos / auto_filing.py; this brings MCS-150 to parity and adds evidence retention.)
This commit is contained in:
parent
e87715aee7
commit
058d4d426a
3 changed files with 205 additions and 0 deletions
|
|
@ -1240,6 +1240,10 @@ def handle_process_compliance_service(payload: dict) -> dict:
|
|||
order["esign_document_type"] = payload["esign_document_type"]
|
||||
if payload.get("esign_signer_email"):
|
||||
order["esign_signer_email"] = payload["esign_signer_email"]
|
||||
# Inject admin-approval flag (set when an admin clears the post-signature
|
||||
# verification gate and re-dispatches the order for submission).
|
||||
if payload.get("admin_approved"):
|
||||
order["admin_approved"] = True
|
||||
|
||||
# Final entity check before dispatch
|
||||
ent = order.get("entity", {})
|
||||
|
|
|
|||
|
|
@ -87,6 +87,7 @@ class MCS150UpdateHandler:
|
|||
from scripts.workers.services.dot_esign import requires_signature, request_dot_esign
|
||||
needs_signature = requires_signature(slug)
|
||||
client_approved = bool(order_data.get("client_approved"))
|
||||
admin_approved = bool(order_data.get("admin_approved"))
|
||||
|
||||
# Validate required fields
|
||||
if not dot_number:
|
||||
|
|
@ -172,6 +173,23 @@ class MCS150UpdateHandler:
|
|||
# Past this point: either no signature is required for this service, or
|
||||
# the client has signed (re-dispatched with client_approved=True).
|
||||
|
||||
# Step 4b: ADMIN VERIFICATION GATE. Before we submit anything to the
|
||||
# government, a human verifies the prepared filing is correct (right
|
||||
# form, right DOT#, right data, signed by the client). We STOP here and
|
||||
# create an admin todo; an admin reviews the generated PDF and, when
|
||||
# satisfied, re-dispatches this order with admin_approved=True (via the
|
||||
# admin "Approve & Submit" action) to proceed to actual submission. This
|
||||
# prevents a wrong/auto-generated filing from being submitted to FMCSA.
|
||||
if not admin_approved:
|
||||
self._set_fulfillment_status(order_number, "ready_to_file")
|
||||
self._create_admin_review_todo(
|
||||
order_number, entity_name, dot_number, slug, minio_path, customer_email,
|
||||
client_signed=(needs_signature and client_approved),
|
||||
)
|
||||
LOG.info("[%s] Prepared + signed; HELD for admin verification before FMCSA submission",
|
||||
order_number)
|
||||
return [minio_path] if minio_path else []
|
||||
|
||||
# Step 5: Submit electronically (3x web → fax fallback)
|
||||
# GUARD: Skip actual submission in dev/test environments
|
||||
is_production = os.environ.get("NODE_ENV") == "production" or os.environ.get("ENV") == "production"
|
||||
|
|
@ -215,6 +233,14 @@ class MCS150UpdateHandler:
|
|||
except Exception as exc:
|
||||
LOG.error("[%s] Filing submission error: %s", order_number, exc)
|
||||
|
||||
# Persist durable submission EVIDENCE to MinIO (confirmation screenshot
|
||||
# for web, attested PDF + fax log for fax) so we keep proof of every
|
||||
# government submission -- the submitters only write to an ephemeral
|
||||
# temp dir otherwise.
|
||||
evidence = {}
|
||||
if filing_result and filing_result.get("success") and filing_result.get("method") != "dev_skip":
|
||||
evidence = self._upload_submission_evidence(order_number, slug, filing_result)
|
||||
|
||||
# Step 5: Update order status in database
|
||||
try:
|
||||
import psycopg2
|
||||
|
|
@ -229,6 +255,7 @@ class MCS150UpdateHandler:
|
|||
"screenshot_path": filing_result.get("screenshot_path") if filing_result else None,
|
||||
"submitted_at": filing_result.get("submitted_at") if filing_result else None,
|
||||
"attested_pdf": filing_result.get("attested_pdf") if filing_result else None,
|
||||
"evidence": evidence, # durable MinIO keys for proof of submission
|
||||
}
|
||||
cur.execute("""
|
||||
UPDATE compliance_orders SET intake_data = jsonb_set(
|
||||
|
|
@ -363,6 +390,120 @@ class MCS150UpdateHandler:
|
|||
except Exception as exc:
|
||||
LOG.warning("[%s] Failed to create pending-signature todo: %s", order_number, exc)
|
||||
|
||||
def _set_fulfillment_status(self, order_number, status):
|
||||
"""Persist the fulfillment_status on the compliance order (e.g.
|
||||
'ready_to_file' = prepared + signed, held for admin verification)."""
|
||||
try:
|
||||
import psycopg2
|
||||
conn = psycopg2.connect(os.environ.get("DATABASE_URL", ""))
|
||||
with conn.cursor() as cur:
|
||||
cur.execute(
|
||||
"UPDATE compliance_orders SET fulfillment_status=%s, "
|
||||
"fulfillment_status_at=now() WHERE order_number=%s",
|
||||
(status, order_number),
|
||||
)
|
||||
conn.commit()
|
||||
conn.close()
|
||||
except Exception as exc:
|
||||
LOG.warning("[%s] Failed to set fulfillment_status=%s: %s", order_number, status, exc)
|
||||
|
||||
def _create_admin_review_todo(self, order_number, entity_name, dot_number,
|
||||
slug, minio_path, customer_email, client_signed):
|
||||
"""High-priority admin todo: verify the prepared filing BEFORE submission.
|
||||
|
||||
The order is held at fulfillment_status='ready_to_file'. An admin opens
|
||||
the generated PDF (minio_path), confirms it is correct (right form, DOT#,
|
||||
data, signature), and then re-dispatches with admin_approved=True via the
|
||||
admin 'Approve & Submit' action to proceed to actual FMCSA submission.
|
||||
"""
|
||||
try:
|
||||
import psycopg2
|
||||
conn = psycopg2.connect(os.environ.get("DATABASE_URL", ""))
|
||||
sig = "client SIGNED" if client_signed else "no signature required"
|
||||
todo_title = f"VERIFY before filing — {entity_name} (DOT {dot_number})"
|
||||
todo_description = (
|
||||
f"{slug} for {entity_name} (DOT {dot_number}).\n"
|
||||
f"Status: READY TO FILE — held for admin verification ({sig}).\n"
|
||||
f"ACTION: review the prepared PDF, confirm it is correct, then\n"
|
||||
f"approve & submit (re-dispatch with admin_approved=true).\n"
|
||||
f"We do NOT submit to FMCSA until you approve.\n"
|
||||
f"PDF: {minio_path or 'not generated'}\n"
|
||||
f"Customer: {customer_email}"
|
||||
)
|
||||
with conn.cursor() as cur:
|
||||
cur.execute(
|
||||
"""
|
||||
INSERT INTO admin_todos (
|
||||
title, category, priority, order_number, service_slug,
|
||||
description, data, status
|
||||
) VALUES (%s, %s, %s, %s, %s, %s, %s, 'pending')
|
||||
""",
|
||||
(
|
||||
todo_title,
|
||||
"filing", "high", order_number, slug,
|
||||
todo_description,
|
||||
json.dumps({"order_number": order_number, "dot_number": dot_number,
|
||||
"entity_name": entity_name, "awaiting_admin_review": True,
|
||||
"client_signed": client_signed, "pdf_minio_path": minio_path}),
|
||||
),
|
||||
)
|
||||
conn.commit()
|
||||
notify_fulfillment_todo(
|
||||
title=todo_title,
|
||||
order_number=order_number,
|
||||
service_slug=slug,
|
||||
priority="high",
|
||||
description=todo_description,
|
||||
)
|
||||
conn.close()
|
||||
LOG.info("[%s] Admin-review (pre-submission) todo created", order_number)
|
||||
except Exception as exc:
|
||||
LOG.warning("[%s] Failed to create admin-review todo: %s", order_number, exc)
|
||||
|
||||
@staticmethod
|
||||
def _upload_submission_evidence(order_number, slug, filing_result):
|
||||
"""Persist submission proof (confirmation screenshot for web, attested
|
||||
PDF for fax) to MinIO so we keep durable evidence of every government
|
||||
submission. The submitters write screenshots to an ephemeral temp dir;
|
||||
we copy the proof into MinIO under filings/<slug>/<order>/evidence/ and
|
||||
return the MinIO keys to store on the order.
|
||||
"""
|
||||
evidence = {}
|
||||
try:
|
||||
from minio import Minio
|
||||
mc = Minio(
|
||||
f"{os.environ.get('MINIO_ENDPOINT', 'minio')}:{os.environ.get('MINIO_PORT', '9000')}",
|
||||
access_key=os.environ.get("MINIO_ACCESS_KEY", ""),
|
||||
secret_key=os.environ.get("MINIO_SECRET_KEY", ""),
|
||||
secure=os.environ.get("MINIO_SECURE", "false").lower() == "true",
|
||||
)
|
||||
bucket = os.environ.get("MINIO_BUCKET", "performancewest")
|
||||
base = f"filings/{slug}/{order_number}/evidence"
|
||||
|
||||
def _put(local_path, name, content_type):
|
||||
if local_path and os.path.exists(local_path):
|
||||
key = f"{base}/{name}"
|
||||
mc.fput_object(bucket, key, local_path, content_type=content_type)
|
||||
return key
|
||||
return None
|
||||
|
||||
shot = filing_result.get("screenshot_path") or filing_result.get("pre_submit_screenshot")
|
||||
k = _put(shot, "fmcsa_confirmation.png", "image/png")
|
||||
if k:
|
||||
evidence["confirmation_screenshot"] = k
|
||||
att = filing_result.get("attested_pdf")
|
||||
k = _put(att, "attested_filing.pdf", "application/pdf")
|
||||
if k:
|
||||
evidence["attested_pdf_minio"] = k
|
||||
if filing_result.get("fax_log_id"):
|
||||
evidence["fax_log_id"] = filing_result["fax_log_id"]
|
||||
if evidence:
|
||||
LOG.info("[%s] Submission evidence saved to MinIO: %s",
|
||||
order_number, list(evidence.keys()))
|
||||
except Exception as exc:
|
||||
LOG.warning("[%s] Failed to persist submission evidence: %s", order_number, exc)
|
||||
return evidence
|
||||
|
||||
def _send_status_email(self, order_number, entity_name, dot_number, customer_email):
|
||||
"""Send client an email that we're working on their update."""
|
||||
if not customer_email:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue