E11: Blacklist & Security - Tasks¶

E11-F1: Blacklist Data Model¶

Feature: E11-F1: Blacklist Data Model

Minimal Required Fields

Only OIB is required for blacklist entries. First name and last name are optional.

Status	Task	Verification
	Create Blacklist database migration (id, oib NOT NULL, first_name nullable, last_name nullable, status, source, created_by, created_at, removed_by, removed_at)	Run migrations
	Define status enum (Active, Removed)	Enum created
	Create BlacklistAudit table for all operations	Migration run
	Implement data retention: copy removed entries to audit log before hard delete	Audit log contains deleted entries

Feature: E11-F2: Blacklist CSV Import

Status	Task	Verification
	Implement POST /admin/blacklist/import endpoint accepting CSV	File uploaded
	Validate OIB checksum for each row	Invalid OIBs flagged
	Skip duplicate OIBs (in file or already in DB)	Duplicates not inserted
	Insert valid rows in batch	Records created
	Return import summary (imported, skipped, errors)	Summary accurate

Feature: E11-F3: Blacklist Check Service

Status	Task	Verification
	Implement GET /internal/blacklist/check?oib=X endpoint	Returns is_blacklisted boolean
	Return standardized MUP message if blacklisted	Message correct
	Log blocked attempts to ViolationLog	Log record created

Feature: E11-F4: Auto-Cancel Tickets on Blacklist

Status	Task	Verification
	On blacklist entry creation, query for existing tickets	Query runs
	If found, warn admin with ticket details	Warning displayed
	If admin confirms, cancel tickets based on role (buyer=whole order, holder=single ticket)	Correct scope cancelled
	Do not issue refund for blacklist cancellations	No refund created

Feature: E11-F5: Violation Monitoring Report

Status	Task	Verification
	Implement GET /admin/blacklist/violations endpoint	Returns violation records
	Include filters (date range, OIB, match)	Filters work
	Export to CSV	CSV download works

Last Updated: January 2026