alberto-art3ch commented on PR #6133:
URL: https://github.com/apache/fineract/pull/6133#issuecomment-4987661874

   > This routes a sensitive flag change through Fineract's brand-new typed 
command framework instead of the legacy command-source pipeline every other WC 
command uses.
   > 
   > `WorkingCapitalLoanApiResource.java`:
   > 
   > ```java
   > // Permission code = <action>_<entity>. The new command framework does not 
enforce per-command permissions,
   > // so the mark-as-fraud endpoint checks it explicitly to keep parity with 
the legacy authorization model.
   > ```
   > 
   > Auth is handled explicitly here so that's fine, but I checked the 
framework's own docs (`fineract-doc/.../command/audit.adoc` is literally `TBD`, 
and `refactoring.adoc` says maker-checker "will be part of a separate 
proposal") - this command gets no audit trail and no maker-checker, unlike 
every other WC command in this whole epic which goes through the legacy 
pipeline and gets both for free. Marking a loan fraudulent seems exactly like 
the kind of action you'd want an audit trail on. Is it worth waiting for 
command-audit to land before routing this one through the new framework, or is 
that an accepted tradeoff?
   > 
   > Minor: the PR also adds a full new `charge-off.adoc` doc chapter 
describing the general (non-WC) Loan Charge-Off feature. Reasonable context to 
set up the "Fraud Charge-Off" section, but it's documenting a whole 
pre-existing shared feature, not really "Working Capital loan mark as fraud" - 
could've been its own doc PR.
   
   PR updated to use legacy command handler


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to