Tiny app for fetching and querying the sanctioned entity lists from the US Department of Treasury and the UN Security council.
- Postgres running locally, a
reglab_poi_api
user with passwordpassword
. - Ruby 3.0
- Bundler
- Clone the repo and move to the new directory.
bundler install
to install dependencies.bundle exec rails db:setup && bundle exec rails db:migrate
to prepare the database.bundle exec rspec
to run the tests.- Fill your dev database by running
bundle exec rails fetch_sanction_list:un_sc_consolidated_list
and/orbundle exec rails fetch_sanction_list:us_treasury_sdn
. - Run the app locally with
bundle exec rails server
The app exposes two endpoints:
/healthcheck
, which always returns 200 with an empty body to GET requests./search
, which accepts POST requests containing a JSON body.
The body of the POST request to /search
should be a JSON object containing a single key named fullname
, like so:
{ "fullname": "SHEIN" }
The response will be a JSON object containing two keys, exact_match
and results
:
{
"exact_match": true,
"results": [
{
"id": 89883,
"list_id": 26445,
"parent_id": null,
"full_name": "SHEIN, Andrey",
"entity_type": "Individual",
"sanction_program": "UKRAINE-EO13661",
"authority": "us_treasury_sdn",
"title": "Deputy Head of the Border Directorate - Head of the Coast Guard Unit of the Federal Security Service of the Russian Federation",
"remarks": null,
"created_at": "2022-02-04T19:28:15.770Z",
"updated_at": "2022-02-04T19:28:15.770Z"
},
{
"id": 91381,
"list_id": 31945,
"parent_id": null,
"full_name": "SHEIN, Win",
"entity_type": "Individual",
"sanction_program": "BURMA-EO14014",
"authority": "us_treasury_sdn",
"title": "Minister for Planning, Finance, and Industry",
"remarks": null,
"created_at": "2022-02-04T19:28:15.770Z",
"updated_at": "2022-02-04T19:28:15.770Z"
},
# <some other partial matches omitted for brevity>
]
}
The results
key will be an array containing the details of any individuals or entities that were at least a partial match with the search term. It will match on anything close enough on the similarity
metric as defined by the pg_trgm
extension and can be tweaked according to the docs for that extension. There is also an exact_match
key that indicates whether any of the search results was an exact match for the search term.
It is recommended to run the fetch_sanction_list:un_sc_consolidated_list
and fetch_sanction_list:us_treasury_sdn
rake tasks periodically to fetch the latest version of the lists, as people may be added or removed at any time.
The /search
endpoint (but not the healthcheck) is protected with HTTP Basic Auth if the HTTP_BASIC_USER
and HTTP_BASIC_PASSWORD
environments variable are set.