compliance - blocked country and user list

[owocki]

Description

from a complilance perspective.. we do not want to do business with those in OFAC countries or on the OFAC list. this PR takes an initial stab at making sure those users cannot login to the platform

Refers/Fixes

email thread with product & legal

Testing

tested locally

[codecov]

Codecov Report

Merging #5602 into master will increase coverage by 0.13%.
The diff coverage is 26.96%.

@@            Coverage Diff             @@
##           master    #5602      +/-   ##
==========================================
+ Coverage   30.24%   30.38%   +0.13%     
==========================================
  Files         247      253       +6     
  Lines       21165    23546    +2381     
  Branches     3065     3745     +680     
==========================================
+ Hits         6402     7154     +752     
- Misses      14487    16029    +1542     
- Partials      276      363      +87

Impacted Files	Coverage Δ
app/app/settings.py	80.2% <ø> (ø)	⬆️
app/compliance/views.py	0% <0%> (ø)
app/compliance/apps.py	0% <0%> (ø)
...liance/management/commands/pull_compliance_list.py	0% <0%> (ø)
app/compliance/admin.py	100% <100%> (ø)
app/dashboard/utils.py	43.8% <3.84%> (+0.65%)	⬆️
app/compliance/models.py	88.88% <88.88%> (ø)
app/app/urls.py	84.74% <0%> (-5.46%)	⬇️
app/grants/views.py	13.64% <0%> (-1.84%)	⬇️
app/dashboard/tip_views.py	17.32% <0%> (-1.39%)	⬇️
... and 20 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d28eb16...113a984. Read the comment docs.

[octavioamu]

As we use github login and they already do this. Do we need to recheck?

[owocki]

thats a good question to ask legal on our call with them next week.

cc @frankchen07

[danlipert]

Looks pretty legit to me - we'll likely encounter some false positives along the way so may want to add some whitelist logic as well

[danlipert]

typo here

[owocki]

ce08234

[owocki]

sounds like per the legal call its a good idea to have our own checking in place

[owocki]

i turned around the code review..

[danlipert]

i turned around the code review..

@owocki is this you saying that its ready for final review? I see there is a note in the description that says it shouldn't be merged

[owocki]

@danlipert just did some final testing + submitted it (removing the hedge from the desc)

[danlipert]

If we're going to ever do any kind of tracking / recording of compliance related service denial or anything like that we'll have to not rewrite this table over and over - a premature optimization for now but lets all make sure we are aware of this for the future.

[owocki]

got it; @alexvotofuture should we keep a record of OFAC denials? would it be handy to have to show regulatory compliance?

[owocki]

lets punt to a v2

[owocki]

@danlipert turned around ur feedback

[thelostone-mc]

who gave this this btw ?

[owocki]

i dont understand the question?