d-bis/proxmox
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
proxmox/scripts/omnl/omnl-je-checker.sh
defiQUG b3a8fe4496
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
chore: sync all changes to Gitea 
- Config, docs, scripts, and backup manifests
- Submodule refs unchanged (m = modified content in submodules)

Made-with: Cursor
2026-03-02 11:37:34 -08:00

86 lines
3.0 KiB
Bash
Executable File
Raw Permalink Blame History

#!/usr/bin/env bash
# OMNL Fineract — Checker: validate payload file (hash + sanity) and POST journal entry (maker-checker).
# Usage: PAYLOAD_FILE=reconciliation/je-<ref>.payload.json bash scripts/omnl/omnl-je-checker.sh
# Optional: SKIP_HASH=1 to skip sha256 check. DRY_RUN=1 to validate only, do not post.
set -euo pipefail
REPO_ROOT="${REPO_ROOT:-$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)}"
PAYLOAD_FILE="${PAYLOAD_FILE:?Set PAYLOAD_FILE}"
SKIP_HASH="${SKIP_HASH:-0}"
DRY_RUN="${DRY_RUN:-0}"
if [ ! -f "$PAYLOAD_FILE" ]; then
echo "Payload file not found: $PAYLOAD_FILE" >&2
exit 1
fi
hash_file="${PAYLOAD_FILE%.json}.sha256"
if [ "$SKIP_HASH" != "1" ] && [ -f "$hash_file" ]; then
expected=$(cat "$hash_file")
actual=$(sha256sum "$PAYLOAD_FILE" | awk '{print $1}')
if [ "$expected" != "$actual" ]; then
echo "Checker: hash mismatch (expected $expected, got $actual). Abort." >&2
exit 1
fi
fi
body=$(cat "$PAYLOAD_FILE")
amount=$(echo "$body" | jq -r '.debits[0].amount // 0')
office_id=$(echo "$body" | jq -r '.officeId')
MATERIAL_THRESHOLD_MAKER_CHECKER="${MATERIAL_THRESHOLD_MAKER_CHECKER:-10000000}"
if [ -z "$amount" ] || [ "${amount:-0}" -le 0 ]; then
echo "Checker: invalid amount in payload" >&2
exit 1
fi
# Material policy: amount >= threshold requires approvalMetadata in payload
if [ "${amount:-0}" -ge "${MATERIAL_THRESHOLD_MAKER_CHECKER}" ] 2>/dev/null; then
approver=$(echo "$body" | jq -r '.approvalMetadata.approver // empty')
approved_at=$(echo "$body" | jq -r '.approvalMetadata.approvedAt // empty')
if [ -z "$approver" ] || [ -z "$approved_at" ]; then
echo "Checker: amount >= $MATERIAL_THRESHOLD_MAKER_CHECKER requires approvalMetadata (approver, approvedAt) in payload" >&2
exit 1
fi
fi
if [ -f "${REPO_ROOT}/omnl-fineract/.env" ]; then
set +u
source "${REPO_ROOT}/omnl-fineract/.env" 2>/dev/null || true
set -u
elif [ -f "${REPO_ROOT}/.env" ]; then
set +u
source "${REPO_ROOT}/.env" 2>/dev/null || true
set -u
fi
BASE_URL="${OMNL_FINERACT_BASE_URL:-}"
TENANT="${OMNL_FINERACT_TENANT:-omnl}"
USER="${OMNL_FINERACT_USER:-app.omnl}"
PASS="${OMNL_FINERACT_PASSWORD:-}"
if [ -z "$BASE_URL" ] || [ -z "$PASS" ]; then
echo "Set OMNL_FINERACT_BASE_URL and OMNL_FINERACT_PASSWORD" >&2
exit 1
fi
if [ "$DRY_RUN" = "1" ]; then
echo "Checker: DRY_RUN — payload valid, not posting" >&2
exit 0
fi
# Strip approvalMetadata before POST (Fineract does not expect it)
post_body=$(echo "$body" | jq 'del(.approvalMetadata)' 2>/dev/null || echo "$body")
CURL_OPTS=(-s -S -w "\n%{http_code}" -H "Fineract-Platform-TenantId: ${TENANT}" -H "Content-Type: application/json" -u "${USER}:${PASS}")
out=$(curl "${CURL_OPTS[@]}" -X POST -d "$post_body" "${BASE_URL}/journalentries" 2>/dev/null)
code=$(echo "$out" | tail -n1)
resp=$(echo "$out" | sed '$d')
if [ "$code" = "200" ] || [ "${code:0:1}" = "2" ]; then
echo "Checker: posted successfully (HTTP $code)" >&2
echo "$resp" | jq '.' 2>/dev/null || echo "$resp"
else
echo "Checker: POST failed HTTP $code: $resp" >&2
exit 1
fi
Reference in New Issue View Git Blame Copy Permalink