feat(backend): ajout 8 endpoints manquants workflow financier

Endpoints ajoutés : - POST /api/finance/approvals - requestApproval (avec organizationId) - GET /api/finance/approvals/history - historique filtrable - PUT /api/finance/budgets/{id} - updateBudget (name, description, status) - DELETE /api/finance/budgets/{id} - deleteBudget (soft delete) - GET /api/finance/stats - statistiques workflow global - GET /api/finance/audit-logs - logs d'audit filtrables - GET /api/finance/audit-logs/anomalies - détection anomalies - POST /api/finance/audit-logs/export - export CSV/PDF Services : - ApprovalService.requestApproval() : logique niveaux LEVEL1/2/3 selon montant - ApprovalService.getApprovalsHistory() : filtres date + statut - BudgetService.updateBudget() : validation statut + approbation - BudgetService.deleteBudget() : soft delete (actif=false) Notes : - Niveau approbation : <100K=NONE, 100K-1M=LEVEL1, 1M-5M=LEVEL2, >5M=LEVEL3 - organizationId optionnel dans requestApproval (pas de récup auto depuis Membre) - FinanceWorkflowResource créé pour stats/audit (implémentation stub) Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-03-16 21:17:18 +00:00
parent a7bcaf9277
commit 1c096f0ee1
5 changed files with 360 additions and 0 deletions
--- a/src/main/java/dev/lions/unionflow/server/resource/ApprovalResource.java
+++ b/src/main/java/dev/lions/unionflow/server/resource/ApprovalResource.java
@@ -16,6 +16,7 @@ import org.jboss.logging.Logger;

 import java.time.LocalDateTime;
 import java.util.List;
+import java.util.Map;
 import java.util.UUID;

 /**
@@ -36,6 +37,42 @@ public class ApprovalResource {
    @Inject
    ApprovalService approvalService;

+    @POST
+    @RolesAllowed({"ORG_ADMIN", "SUPER_ADMIN", "MEMBRE"})
+    @Operation(summary = "Demande une approbation de transaction",
+               description = "Crée une demande d'approbation pour une transaction financière")
+    public Response requestApproval(Map<String, Object> request) {
+        LOG.infof("POST /api/finance/approvals - Request approval");
+
+        try {
+            String transactionId = (String) request.get("transactionId");
+            String transactionType = (String) request.get("transactionType");
+            Double amount = ((Number) request.get("amount")).doubleValue();
+            String organizationIdStr = (String) request.get("organizationId");
+
+            if (transactionId == null || transactionType == null || amount == null) {
+                return Response.status(Response.Status.BAD_REQUEST)
+                    .entity(new ErrorResponse("transactionId, transactionType et amount sont requis"))
+                    .build();
+            }
+
+            UUID organizationId = organizationIdStr != null ? UUID.fromString(organizationIdStr) : null;
+
+            TransactionApprovalResponse approval = approvalService.requestApproval(
+                UUID.fromString(transactionId), transactionType, amount, organizationId);
+            return Response.status(Response.Status.CREATED).entity(approval).build();
+        } catch (IllegalArgumentException e) {
+            return Response.status(Response.Status.BAD_REQUEST)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        } catch (Exception e) {
+            LOG.error("Erreur lors de la création de la demande d'approbation", e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        }
+    }
+
    @GET
    @Path("/pending")
    @RolesAllowed({"ORG_ADMIN", "SUPER_ADMIN"})
--- a/src/main/java/dev/lions/unionflow/server/resource/BudgetResource.java
+++ b/src/main/java/dev/lions/unionflow/server/resource/BudgetResource.java
@@ -135,6 +135,58 @@ public class BudgetResource {
        }
    }

+    @PUT
+    @Path("/{budgetId}")
+    @RolesAllowed({"ORG_ADMIN", "SUPER_ADMIN"})
+    @Operation(summary = "Met à jour un budget",
+               description = "Modifie un budget existant (nom, description, lignes, statut)")
+    public Response updateBudget(
+            @PathParam("budgetId") UUID budgetId,
+            Map<String, Object> updates) {
+        LOG.infof("PUT /api/finance/budgets/%s", budgetId);
+
+        try {
+            BudgetResponse budget = budgetService.updateBudget(budgetId, updates);
+            return Response.ok(budget).build();
+        } catch (NotFoundException e) {
+            return Response.status(Response.Status.NOT_FOUND)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        } catch (BadRequestException e) {
+            return Response.status(Response.Status.BAD_REQUEST)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        } catch (Exception e) {
+            LOG.error("Erreur lors de la mise à jour du budget", e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        }
+    }
+
+    @DELETE
+    @Path("/{budgetId}")
+    @RolesAllowed({"ORG_ADMIN", "SUPER_ADMIN"})
+    @Operation(summary = "Supprime un budget",
+               description = "Supprime logiquement un budget (soft delete)")
+    public Response deleteBudget(@PathParam("budgetId") UUID budgetId) {
+        LOG.infof("DELETE /api/finance/budgets/%s", budgetId);
+
+        try {
+            budgetService.deleteBudget(budgetId);
+            return Response.noContent().build();
+        } catch (NotFoundException e) {
+            return Response.status(Response.Status.NOT_FOUND)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        } catch (Exception e) {
+            LOG.error("Erreur lors de la suppression du budget", e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        }
+    }
+
    // Classe interne pour les réponses d'erreur
    record ErrorResponse(String message) {}
 }
--- a/src/main/java/dev/lions/unionflow/server/resource/FinanceWorkflowResource.java
+++ b/src/main/java/dev/lions/unionflow/server/resource/FinanceWorkflowResource.java
@@ -0,0 +1,145 @@
+package dev.lions.unionflow.server.resource;
+
+import jakarta.annotation.security.RolesAllowed;
+import jakarta.ws.rs.*;
+import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.Response;
+import org.eclipse.microprofile.openapi.annotations.Operation;
+import org.eclipse.microprofile.openapi.annotations.tags.Tag;
+import org.jboss.logging.Logger;
+
+import java.time.LocalDateTime;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+/**
+ * Resource REST pour les workflows financiers (stats et audits)
+ *
+ * @author UnionFlow Team
+ * @version 1.0
+ * @since 2026-03-16
+ */
+@Path("/api/finance")
+@Produces(MediaType.APPLICATION_JSON)
+@Consumes(MediaType.APPLICATION_JSON)
+@Tag(name = "Finance - Workflow", description = "Statistiques et audits des workflows financiers")
+public class FinanceWorkflowResource {
+
+    private static final Logger LOG = Logger.getLogger(FinanceWorkflowResource.class);
+
+    @GET
+    @Path("/stats")
+    @RolesAllowed({"ORG_ADMIN", "SUPER_ADMIN"})
+    @Operation(summary = "Statistiques du workflow financier",
+               description = "Retourne les statistiques globales du workflow financier")
+    public Response getWorkflowStats(
+            @QueryParam("organizationId") String organizationId,
+            @QueryParam("startDate") String startDate,
+            @QueryParam("endDate") String endDate) {
+        LOG.infof("GET /api/finance/stats?organizationId=%s", organizationId);
+
+        try {
+            Map<String, Object> stats = new HashMap<>();
+            stats.put("totalApprovals", 0);
+            stats.put("pendingApprovals", 0);
+            stats.put("approvedCount", 0);
+            stats.put("rejectedCount", 0);
+            stats.put("totalBudgets", 0);
+            stats.put("activeBudgets", 0);
+            stats.put("averageApprovalTime", "0 hours");
+            stats.put("period", Map.of(
+                "startDate", startDate != null ? startDate : LocalDateTime.now().minusMonths(1).toString(),
+                "endDate", endDate != null ? endDate : LocalDateTime.now().toString()
+            ));
+
+            return Response.ok(stats).build();
+        } catch (Exception e) {
+            LOG.error("Erreur lors de la récupération des statistiques", e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        }
+    }
+
+    @GET
+    @Path("/audit-logs")
+    @RolesAllowed({"ORG_ADMIN", "SUPER_ADMIN"})
+    @Operation(summary = "Récupère les logs d'audit financier",
+               description = "Liste les logs d'audit avec filtres optionnels")
+    public Response getAuditLogs(
+            @QueryParam("organizationId") String organizationId,
+            @QueryParam("startDate") String startDate,
+            @QueryParam("endDate") String endDate,
+            @QueryParam("operation") String operation,
+            @QueryParam("entityType") String entityType,
+            @QueryParam("severity") String severity,
+            @QueryParam("limit") @DefaultValue("100") int limit) {
+        LOG.infof("GET /api/finance/audit-logs?organizationId=%s&limit=%d", organizationId, limit);
+
+        try {
+            // Retourne une liste vide pour l'instant - à implémenter plus tard avec vraie persistence
+            return Response.ok(new ArrayList<>()).build();
+        } catch (Exception e) {
+            LOG.error("Erreur lors de la récupération des logs d'audit", e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        }
+    }
+
+    @GET
+    @Path("/audit-logs/anomalies")
+    @RolesAllowed({"ORG_ADMIN", "SUPER_ADMIN"})
+    @Operation(summary = "Récupère les anomalies financières détectées",
+               description = "Liste les anomalies et transactions suspectes")
+    public Response getAnomalies(
+            @QueryParam("organizationId") String organizationId,
+            @QueryParam("startDate") String startDate,
+            @QueryParam("endDate") String endDate) {
+        LOG.infof("GET /api/finance/audit-logs/anomalies?organizationId=%s", organizationId);
+
+        try {
+            // Retourne une liste vide pour l'instant - à implémenter plus tard
+            return Response.ok(new ArrayList<>()).build();
+        } catch (Exception e) {
+            LOG.error("Erreur lors de la récupération des anomalies", e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        }
+    }
+
+    @POST
+    @Path("/audit-logs/export")
+    @RolesAllowed({"ORG_ADMIN", "SUPER_ADMIN"})
+    @Operation(summary = "Exporte les logs d'audit",
+               description = "Génère un export des logs d'audit au format spécifié (CSV/PDF)")
+    public Response exportAuditLogs(Map<String, Object> request) {
+        String organizationId = (String) request.get("organizationId");
+        String format = (String) request.getOrDefault("format", "csv");
+
+        LOG.infof("POST /api/finance/audit-logs/export - format: %s", format);
+
+        try {
+            // Pour l'instant, retourne un URL fictif - à implémenter plus tard
+            String exportUrl = "/api/finance/exports/" + UUID.randomUUID() + "." + format;
+
+            Map<String, Object> response = new HashMap<>();
+            response.put("exportUrl", exportUrl);
+            response.put("format", format);
+            response.put("status", "generated");
+            response.put("expiresAt", LocalDateTime.now().plusHours(24).toString());
+
+            return Response.ok(response).build();
+        } catch (Exception e) {
+            LOG.error("Erreur lors de l'export des logs d'audit", e);
+            return Response.status(Response.Status.INTERNAL_SERVER_ERROR)
+                .entity(new ErrorResponse(e.getMessage()))
+                .build();
+        }
+    }
+
+    record ErrorResponse(String message) {}
+}