workspace "FNA – Cowally + Oncredit (Fuente Única)" "Cowally como capa unificada de canales públicos; Oncredit como dominio de crédito (backoffice/UI/APIs)" {

model {
    // ===================== Personas =====================
    ciudadano = person "Ciudadano / Cliente FNA" "Usa Web, WhatsApp y Superapp (Flutter)."
    asesor     = person "Asesor Comercial (FNA/aliados)" "Gestiona solicitudes en nombre de clientes."
    analista   = person "Analista de Crédito" "Evalúa, solicita ajustes y emite conceptos."
    comite     = person "Miembro de Comité" "Aprueba en comité."
    adminFNA   = person "Administrador Cumplimiento/Seguridad" "Auditoría, trazabilidad, métricas."

        // ===================== Sistemas Externos =====================
gse          = softwareSystem "GSE" "Biometría, verificación de identidad y firmas" {
    tags "External"
}
transUnion   = softwareSystem "TransUnion" "Bureau crediticio" {
    tags "External"
}
ga4          = softwareSystem "Google Analytics 4 / GTM" "Analítica y etiquetado" {
    tags "External"
}
siem         = softwareSystem "SIEM / Logging Corporativo" "Auditoría central y retención" {
    tags "External"
}
coreFNA      = softwareSystem "Cobiz Topaz (Core FNA)" "Sistemas transaccionales del FNA (maestros, hipotecario...)"

// ===================== Plataforma Institucional (ESB y Sistemas Internos) =====================
fnaEsb = softwareSystem "FNA ESB & Sistemas Internos" "Bus institucional y sistemas internos expuestos (Core, Documental, Notificaciones, Listas)" {
  esbBus       = container "ESB Institucional" "Bus de servicios y APIs internas" "ESB" {
      tags "Partner"
  }
  coreCobis    = container "Cobiz Topaz (Core)" "Transaccional: maestros, hipotecario, cesantías, AV" "Core" {
      tags "Partner"
  }
  workManager  = container "WorkManager (Gestor Documental)" "Radicación y consulta de evidencias/documentos" "ECM" {
      tags "Partner"
  }
  andesSigner  = container "Andes Signer" "Firma y sello de tiempo institucional" "Firma/PKI" {
      tags "Partner"
  }
  vigia        = container "VIGIA (Listas Inhibitorias)" "Validaciones SARLAFT / listas restrictivas" "Compliance" {
      tags "Partner"
  }
  notifsFNA    = container "Notificaciones FNA" "Motor institucional de notificaciones" "Mensajería" {
      tags "Partner"
  }
  goAnywhere   = container "GoAnywhere (MFT)" "Transporte seguro de archivos" "MFT" {
      tags "Partner"
  }

  // Relaciones internas del ESB
  esbBus -> coreCobis   "Operaciones core" "HTTPS/AMQP"
  esbBus -> workManager "Gestor documental" "HTTPS/AMQP"
  esbBus -> andesSigner "Firma/sello de tiempo" "HTTPS/AMQP"
  esbBus -> vigia       "Listas restrictivas" "HTTPS/AMQP"
  esbBus -> notifsFNA   "Notificaciones institucionales" "HTTPS/AMQP"
  esbBus -> goAnywhere  "Transferencia segura de archivos" "SFTP/MFT"
}

// ===================== Plataforma de Crédito (Oncredit) =====================
oncredit = softwareSystem "Oncredit Platform" "CORE/LMS de crédito, reglas/scoring y backoffice" {
  oncredAPI = container "Oncredit APIs" "Solicitudes, productos, pagos, reglas/scoring" "SaaS/Managed" {
      tags "Partner"
  }
  oncredUI  = container "Oncredit Backoffice UI" "UI de analistas/asesores/comité" "Web" {
      tags "Partner"
  }
  // Integración a bureau (resumen)
  oncredAPI -> transUnion "Consulta bureau para scoring" "HTTPS"
  // Integración con sistemas FNA (si aplica)
  oncredAPI -> esbBus "Operaciones con sistemas FNA (si aplica)" "HTTPS/AMQP"
}

// ===================== Plataforma Transversal (Cowally) =====================
cowally = softwareSystem "Cowally Platform" "White-label embedded finance; capa unificada para canales públicos (sesión, policies, observabilidad, compliance, trazabilidad, cifrado)" {

  // --- Canales UI (públicos) ---
  omniMobileApp = container "OMNI Mobile App (Flutter)" "Superapp móvil oficial" "Mobile" {
      tags "Mobile App"
  }
  webPortal     = container "Portal Transaccional (Flutter Web)" "UI transaccional web" "Web" {
      tags "Web App"
  }
  webLanding    = container "Landing (Strapi + React)" "Sitio institucional, SEO/AA" "Web" {
      tags "Web App"
  }

  // --- WhatsApp (detalle preservado; implementado por partner) ---
  waConnector = container "Conector WhatsApp Business" "Webhook, plantillas y sesiones" "Service" {
      tags "Connector"
      tags "Partner"
  }
  waBotNLP    = container "Chatbot NLP" "PLN y orquestación de flujos" "Service" {
      tags "Service"
      tags "Partner"
  }
  waHandover  = container "Handover a Humano" "Escalamiento controlado a asesor" "Service" {
      tags "Service"
      tags "Partner"
  }

  // --- Capa API/orquestación/policies (compromiso original) ---
  apiGW      = container "Cowally API Gateway" "API Gateway (REST/GraphQL), rate limiting, authz policies, BFFs" "Node.js" {
      tags "Partner"
  }
  orchestr   = container "Cowally Orchestrator" "Lógica de negocio, flujos, coordinación de partners" "Node.js" {
      tags "Partner"
  }
  integrationBus = container "ESB / Core Integration" "Conectividad con CORE FNA y otros" "ESB" {
      tags "Partner"
  }

  // --- Capacidades transversales (preservadas) ---
  authSSO    = container "Auth (OIDC/MFA)" "SSO/MFA; sesión unificada; step-up" "Service" {
      tags "Partner"
  }
  consent    = container "Consent Service" "Gestión granular de consentimientos (auditable)" "Service" {
      tags "Partner"
  }
  notif      = container "Notification Service" "Orquestación de notificaciones vía ESB (sin integración directa a proveedores)" "Service" {
      tags "Partner"
  }
  docs       = container "Document Service" "Generación/almacenamiento de PDFs y códigos verificadores" "Service" {
      tags "Partner"
  }
  verificationAPI = container "Verification API" "Valida códigos/folios de certificados/extractos" "REST" {
      tags "Partner"
  }
  auditObs   = container "Observability & Audit" "Métricas, trazabilidad, dashboards, alertas, retención" "Service" {
      tags "Partner"
  }
  eventBus   = container "Business Event Bus" "Eventos canónicos (estado único omnicanal)" "Kafka/EventBridge" {
      tags "Partner"
  }

  // --- Dominios financieros (no-crédito) preservados ---
  paymentOrch    = container "Payment Orchestrator" "Procesamiento y ruteo de pagos/recaudos" "External Integration" {
      tags "Partner"
  }
  bankingConn    = container "Banking Connector" "Cuentas/conciliación con bancos/partners" "External Integration" {
      tags "Partner"
  }
  signatureFlow  = container "Signature Flow" "Gestión de firmas digitales" "External Integration" {
      tags "Partner"
  }
  decisionGeneral = container "Decision Engine (General)" "Reglas/segmentación transversales (no crédito)" "Rules Engine" {
      tags "Partner"
  }

  // --- Adaptador/Proxy hacia Oncredit (clave del bridge) ---
  oncredProxy = container "Oncredit Adapter (Proxy/BFF)" "Proxy seguro a APIs Oncredit (mapeo contratos, trazabilidad, circuit-breakers)" "BFF" {
      tags "Partner"
  }

  // --- Relaciones de UI canales ---
  ciudadano      -> omniMobileApp "Usa" ""
  ciudadano      -> webLanding   "Consulta" ""
  ciudadano      -> webPortal    "Opera" ""
  ciudadano      -> waConnector  "Interactúa" ""

  // --- WhatsApp detalle ---
  waConnector -> waBotNLP     "Entrega/recibe mensajes" "HTTP"
  waBotNLP    -> waHandover   "Escala a humano" ""
  waHandover  -> asesor       "Transfiere a asesor (herramienta de atención)" ""

  // --- Canales -> API unificada Cowally ---
  omniMobileApp -> apiGW "Consume" "HTTPS"
  webPortal     -> apiGW "Consume" "HTTPS"
  waBotNLP      -> apiGW "Consume" "HTTPS"

  // --- Web institucional (landing + verificador) ---
  cms       = container "Headless CMS (Drupal/Strapi)" "Gestión de contenidos/roles/versionamiento" "Headless CMS" {
      tags "Service"
  }
  webAPI    = container "Web BFF/API" "Back-for-frontend del sitio (GraphQL/REST)" "Node.js" {
      tags "API"
  }
  verifUI   = container "UI Validador Público" "Formulario público para validar códigos" "Web" {
      tags "Web App"
  }

  webLanding -> webAPI "Consume" "HTTPS"
  webAPI     -> cms    "Lee/gestiona contenidos" "HTTPS"
  webAPI     -> apiGW  "Servicios institucionales/SSO" "HTTPS"
  webLanding -> ga4    "Analítica/etiquetado" "JS SDK"
  webPortal  -> ga4    "Analítica/etiquetado" "SDK"
  omniMobileApp -> ga4 "Analítica/etiquetado" "SDK"
  verifUI    -> verificationAPI "Consulta autenticidad" "HTTPS"
  docs       -> verificationAPI "Publica códigos y hashes" ""

  // --- Internos Cowally (policies/orquestación) ---
  apiGW    -> orchestr      "Encamina/autoriza" ""
  orchestr -> consent       "Gestiona consentimientos" ""
  orchestr -> authSSO       "Autentica/MFA" ""
  orchestr -> notif         "Dispara notificaciones" ""
  orchestr -> docs          "Genera/lee documentos" ""
  orchestr -> decisionGeneral "Evalúa reglas generales" ""
  orchestr -> eventBus      "Publica/consume eventos" "Async"
  orchestr -> integrationBus "Integra con CORE/externos" ""

  // --- Observabilidad/Auditoría ---
  auditObs -> siem "Envía auditoría/logs/retención" "Secure Connect"

  notif -> esbBus "Enrutar notificaciones institucionales" "HTTPS/AMQP"
  authSSO -> esbBus "OTP vía ESB" "HTTPS/AMQP"
  orchestr -> esbBus "Consultas/transacciones internas (core, documental, listas, notifs)" "HTTPS/AMQP"

  // --- Integraciones externas (firma/pagos/banking) ---
  signatureFlow -> gse      "Biometría/Firma" "HTTPS"
  orchestr      -> signatureFlow "Desencadena firma" ""
  orchestr      -> paymentOrch   "Orquesta pagos/recaudos" ""
  orchestr      -> bankingConn   "Crea/sincroniza cuentas/conciliación" ""

  // --- CORE FNA ---
  authSSO       -> esbBus "Valida credenciales/identidad institucional (vía ESB)" "LDAP/HTTPS"
  integrationBus -> esbBus "Conecta al bus institucional (core, documental, notificaciones, listas)" "HTTPS/AMQP"

  // --- Proxy recomendado a Oncredit desde canales públicos ---
  apiGW     -> oncredProxy "Adapter/BFF de crédito" "HTTPS"
  oncredProxy -> oncredit  "Proxy a dominio de crédito" "HTTPS"
}

// ===================== Decisiones clave del bridge =====================
// Backoffice directo (decisión final):
asesor   -> oncredUI "Gestiona solicitudes" ""
analista -> oncredUI "Evalúa/aprueba" ""
comite   -> oncredUI "Aprueba en comité" ""

// Embed/Deep-link de flujos Oncredit en Flutter cuando convenga:
omniMobileApp -> oncredUI "Embed/Deep Link a flujos Oncredit (cuando convenga)" "WebView/Iframe"
webPortal     -> oncredUI "Embed/Deep Link a flujos Oncredit (cuando convenga)" "Iframe"

// Excepción controlada (atajo temporal) para velocidad: activar SOLO si es necesario
// waBotNLP -> oncredAPI "Directo (excepción controlada; telemetría básica)" "HTTPS"
}

views {
    // ===================== Paisaje General =====================
    systemLandscape "FNA_Ecosistema" {
        include *
        autolayout lr
    }

    // ===================== Contextos =====================
    systemContext cowally {
        include *
        autolayout lr
    }
    systemContext oncredit {
        include *
        autolayout lr
    }

// ===================== Vistas de Contenedores (Agrupadas para legibilidad) =====================
container cowally "PublicChannels" {
  include omniMobileApp
  include webPortal
  include webLanding
  include waConnector
  include waBotNLP
  include waHandover
  include apiGW
  include orchestr
  include integrationBus
  include authSSO
  include consent
  include notif
  include docs
  include verificationAPI
  include eventBus
  include auditObs
  include gse
  include ga4
  include oncredProxy

  // ESB institucional y sistemas internos
  include esbBus
  include coreCobis
  include workManager
  include vigia
  include notifsFNA
  include andesSigner
  include goAnywhere

  autolayout tb
}

container oncredit "BackofficeCredito" {
  include oncredUI
  include oncredAPI
  include transUnion
  autolayout lr
}

// ===================== Vista multi-sistema: Integraciones Canales ↔ Crédito =====================
container cowally "Integraciones_Canales_y_Credito" {
  include omniMobileApp
  include webPortal
  include waBotNLP
  include apiGW
  include oncredProxy
  include eventBus
  autolayout lr
}

// ===================== Estilos =====================
styles {
  element "Person" {
      background "#08427b"
      color "#ffffff"
      shape "Person"
  }
  element "Software System" {
      background "#1168bd"
      color "#ffffff"
  }
  element "Container" {
      background "#438dd5"
      color "#ffffff"
  }
  element "External" {
      background "#999999"
      color "#ffffff"
      opacity 60
  }
  element "Mobile App" {
      background "#0f766e"
      color "#ffffff"
  }
  element "Web App" {
      background "#1d4ed8"
      color "#ffffff"
  }
  element "API" {
      background "#6b21a8"
      color "#ffffff"
  }
  element "Service" {
      background "#7c3aed"
      color "#ffffff"
  }
  element "BFF" {
      background "#7e22ce"
      color "#ffffff"
  }
  element "Connector" {
      background "#0e7490"
      color "#ffffff"
  }
  element "Partner" {
      background "#0b5f99"
      color "#ffffff"
  }
  element "Core" {
      background "#dc2626"
      color "#ffffff"
  }
  element "ECM" {
      background "#059669"
      color "#ffffff"
  }
  element "Firma/PKI" {
      background "#7c2d12"
      color "#ffffff"
  }
  element "Compliance" {
      background "#1e40af"
      color "#ffffff"
  }
  element "Mensajería" {
      background "#be185d"
      color "#ffffff"
  }
  element "MFT" {
      background "#92400e"
      color "#ffffff"
  }
  relationship "Async" {
      dashed true
  }
}

theme default
}
}