Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Consent and statement extensions #42

Merged
merged 24 commits into from
Feb 7, 2025
Merged

Consent and statement extensions #42

merged 24 commits into from
Feb 7, 2025

Conversation

msacrea
Copy link
Contributor

@msacrea msacrea commented Feb 4, 2025

added plan endpoint
added consent endpoint
added contract type of the pension plan
added details about the retirement capital development for the previous year
added total amount available to pledge as collateral for financing home ownership
added standard response 500
general description improvements

micmuell and others added 24 commits January 23, 2025 11:39
@micmuell
new consent endpoints to get authorized personIds, new object for the…
2574806 
… development of the capital in the last year, new object contract type for the pension plan, other small changes (descriptions, schema compositions)
@micmuell
security part in /consents changed (similar to other endpoints)
58e2fed
@msacrea
Small formatting fixes.
881374a
@micmuell
pensionplan object simplification
45b4e67
@micmuell
Merge branch 'consent-and-statement-extensions' of https://github.com…
8b2bcc5 
…/swissfintechinnovations/ca-pension into consent-and-statement-extensions
@micmuell
Simplification of vested benefits object
268a152
@micmuell
remove tag for purchase endpoint
00a3ac0
@micmuell
New endpoint for pension plan document, 500 error response
0afd834
@micmuell
in addition to homeOwnershipAvailableForWithdrawal there is a new att…
e151ea9 
…ribute homeOwnershipAvailableForPledge
@micmuell
pension plan descripion endpoint: improved structure, make it clear t…
9b56243 
…he document is targeted at the insured person and is a personal document
@micmuell
small intend corrections
751ee03
@micmuell
small syntax changes
792fbc7
@micmuell
updated tags
306708c
@msacrea
Format/linter corrections
27fc6cc
@msacrea
Fixes according to yaml-lint
d16096b
@micmuell
simplification of "plan" path
6b75cb8
@micmuell
simplification of ContractType (enum), include ContractType in Pensio…
b35d937 
…nStatementCompact
@micmuell
Updated description for HomeOwnershipAvailableForPledge
1a6c3d7
@micmuell
contractTypes shorter names
f88e260
@micmuell
New scope read:pension_plan. The scope is required to access pension …
c02ee0c 
…plan (descriptions)
@micmuell
contractType as required, interesRate minProperties:1, lumpSums: both…
27352a0 
… lumpsums as required,
@micmuell
improved lumpsum descriptions
c61137e
@msacrea
Improved API formatting.
2a7c429
@msacrea
Removing trailing spaces
a8468a4
@msacrea msacrea requested a review from a team as a code owner February 4, 2025 16:06
dkoeni
dkoeni previously requested changes Feb 4, 2025
View reviewed changes
Copy link
Contributor

@dkoeni dkoeni left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please await discussion with ca security for the consent endpoint.

@micmuell
Copy link
Contributor

micmuell commented Feb 4, 2025

Please await discussion with ca security for the consent endpoint.

@dkoeni @msacrea in order to have a new stable baseline, I suggest to do this pull to main. However, we can wait with a new version/release until this topic is clarified with ca security (hopefully within the next few days/weeks). @dkoeni if you agree could you unblock the merge? thanks!

@dkoeni
Copy link
Contributor

dkoeni commented Feb 5, 2025

@micmuell @msacrea Currently, the consent definition of ca-pension is not compatible with the work of ca-security (https://github.com/swissfintechinnovations/ca-security/wiki/Consent-Management). I would not like to include an incompatible version of the consent in the repo, as this would ignore all of ca-security's thoughts on threat models and best practices. If you still want to pursue your approach, I have 3 questions:

  • Where does this approach of the consents come from and what makes it more suitable for the ca-pension compared to the approach of ca-security?
  • Were established frameworks used in the design of the consents and how can security be guaranteed by the endpoint?
  • What is the added value of this consent definition?

@msacrea msacrea dismissed dkoeni’s stale review February 7, 2025 10:50

Thanks for the input! We agree that the consent management needs to be discussed and solved in an overarching way. Due to urgent demand from the developing partner we commit this changes now to main - but we will hold the release.

@micmuell micmuell merged commit ae1021e into main Feb 7, 2025
4 checks passed
@micmuell micmuell deleted the consent-and-statement-extensions branch February 7, 2025 15:56
msacrea added a commit that referenced this pull request Feb 19, 2025
@msacrea
Consent and statement extensions (#42) (#43)
f40a114 
git clean-up
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@micmuell micmuell micmuell approved these changes

@dkoeni dkoeni dkoeni left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@msacrea @micmuell @dkoeni