openedx · mobeenali12 · Jul 25, 2023 · Jul 25, 2023 · Jul 25, 2023
@@ -20,6 +20,7 @@
 from ecommerce.extensions.api.v2.views import publication as publication_views
 from ecommerce.extensions.api.v2.views import refunds as refund_views
 from ecommerce.extensions.api.v2.views import retirement as retirement_views
+from ecommerce.extensions.api.v2.views import sdn as sdn_views
 from ecommerce.extensions.api.v2.views import stockrecords as stockrecords_views
 from ecommerce.extensions.api.v2.views import user_management as user_management_views
 from ecommerce.extensions.api.v2.views import vouchers as voucher_views
@@ -109,6 +110,10 @@
     url(r'^replace_usernames/$', user_management_views.UsernameReplacementView.as_view(), name='username_replacement'),
 ]
 
+SDN_URLS = [
+    url(r'^$', sdn_views.SDNView.as_view(), name='sdn')
+]
+
 urlpatterns = [
     url(r'^baskets/', include((BASKET_URLS, 'baskets'))),
     url(r'^checkout/', include((CHECKOUT_URLS, 'checkout'))),
@@ -122,6 +127,7 @@
     url(r'^user_management/', include((USER_MANAGEMENT_URLS, 'user_management'))),
     url(r'^assignment-email/', include((ASSIGNMENT_EMAIL_URLS, 'assignment-email'))),
     url(r'^webhooks/', include((WEBHOOKS_URLS, 'webhooks'))),
+    url(r'^sdn/', include((SDN_URLS, 'sdn'))),
 ]
 
 router = SimpleRouter()

@@ -0,0 +1,75 @@
+import logging
+from urllib.parse import urlencode
+
+import requests
+from django.conf import settings
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
+from rest_framework.views import APIView
+
+logger = logging.getLogger(__name__)
+
+class SDNView(APIView):
+    """A class that act as a dedicated SDN service."""
+
+    http_method_names = ['get']
+    permission_classes = (IsAuthenticated,)
+
+    def get(self, request):
+        """
+        Searches the OFAC list for an individual with the specified details.
+        The check returns zero hits if:
+            * request to the SDN API times out
+            * SDN API returns a non-200 status code response
+            * user is not found on the SDN list
+
+        URL params:
+            name (str): Individual's full name.
+            city (str): Individual's city.
+            country (str): ISO 3166-1 alpha-2 country code where the individual is from.
+        Returns:
+            dict: SDN API response.
+        """
+        name = request.GET.get('name')
+        city = request.GET.get('city')
+        country = request.GET.get('country')
+        sdn_list = request.site.siteconfiguration.sdn_api_list
+
+        params_dict = {
+            'sources': sdn_list,
+            'type': 'individual',
+            'name': str(name).encode('utf-8'),
+            'city': str(city).encode('utf-8'),
+            'countries': country
+        }
+        params = urlencode(params_dict)
+
+        sdn_check_url = f'{settings.SDN_CHECK_API_URL}?{params}'
+        auth_header = {'subscription-key': settings.SDN_CHECK_API_KEY}
+
+        try:
+            response = requests.get(
+                sdn_check_url,
+                headers=auth_header,
+                timeout=settings.SDN_CHECK_REQUEST_TIMEOUT
+            )
+        except requests.exceptions.Timeout:
+            error_msg = f'Connection to US Treasury SDN API timed out for {name}.'
+            logger.warning(error_msg)
+            return Response({
+                'msg': error_msg
+            })
+
+        sdn_response = response.json()
+
+        if response.status_code != 200:
+            logger.warning(
+                'Unable to connect to US Treasury SDN API for [%s]. Status code [%d] with message: [%s]',
+                name, response.status_code, response.content
+            )
+            return Response({
+                'msg': f'Unable to connect to US Treasury SDN API for {name}. Status code {response.status_code}',
+                'response': sdn_response
+            })
+
+        return Response(sdn_response)