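// Structurizr DSL workspace: overview of the external payment systems.
// It extends the shared finance model; `externalPaymentSystem`, `user` and
// `paymentRouter` are referenced below but not defined here, so they are
// presumably declared in ../common/finance-common-model.dsl (confirm).
workspace extends ../common/finance-common-model.dsl {
    name "External payment system overview"
    description "External payment systems are responsible for processing payments, chargebacks, refunds, and etc."

    model {
        // Third-party payment service providers that receive purchase and status calls.
        pspSystems = softwareSystem "PSPs" {
            description "External payment system providers (PSP)"
            tags "FinanceDomain" "Payments" "External"
        }

        // In-house card payment provider; the only system in this file that
        // is modelled as storing card data.
        tangoProviderSystem = softwareSystem "Tango provider system" {
            description "Main payment provider (PCI DSS)"
            tags "FinanceDomain" "Payments" "PayIn"

            // Cardholder data environment: key material (Vault) is modelled
            // separately from the encrypted PAN/token store (database).
            group CDE {
                pciDssVault = container "PCI DSS Vault" {
                    description "Store keys to decrypt tokens and PANs"
                    technology "HashiCorp Vault"
                    tags "Google Cloud Platform - Compute Engine" "Database" "Vault"
                }

                pciDssTokenDb = container "PAN & tokens keys DB" {
                    // Product name corrected to "PostgreSQL". The tag below is left
                    // as written because styles in the parent workspace may match on it.
                    technology "PostgreSQL"
                    tags "Google Cloud Platform - Compute Engine" "Database" "PostgresSQL"
                    // PAN stands for Primary Account Number (PCI DSS terminology).
                    description "Responsible for storing encrypted tokens and PANs (Primary Account Number)"
                }
            }

            // NOTE(review): per the relationships below, the tokenization service
            // decrypts card details and the gateway sends card details to PSPs.
            // PCI DSS scopes components by whether they store, process or transmit
            // cardholder data, so both containers appear to be in CDE scope even
            // though they are grouped as "DMZ". Confirm that this group describes
            // the network segment only, not the PCI scope boundary.
            group DMZ {
                tangoProviderTokenizationService = container "Tokenization service" {
                    tags "Google Cloud Platform - Kubernetes Engine" "FinanceDomain" "Payments"
                    technology "Java"
                    description "Responsible for token management"

                    // Fixed: the technology labels on these two relationships were
                    // swapped (the database was labelled "Vault client", Vault "SQL").
                    -> pciDssTokenDb "Get tokens & encrypted PAN" "SQL"
                    // NOTE(review): the model does not show whether decryption runs
                    // inside Vault or whether keys are returned to this service;
                    // that decides where key material is exposed. Confirm and
                    // reflect it in the relationship description.
                    -> pciDssVault "Decrypt card details" "Vault client"
                }

                tangoProviderPaymentGateway = container "Tango provider payment gateway" {
                    tags "Google Cloud Platform - Kubernetes Engine" "FinanceDomain" "Payments"
                    technology "Java"
                    description "Responsible for payment orchestration"

                    -> tangoProviderTokenizationService "Get card data" "HTTPS"
                    -> pspSystems "Purchase by card details" "HTTPS"
                    -> pspSystems "Get transaction status" "HTTPS"
                }

                // NOTE(review): named "Firewall" but the technology is "Balancer" and
                // the tag is Cloud Load Balancing. A load balancer alone does not
                // filter traffic; confirm which control enforces ingress rules and
                // name or tag this container accordingly.
                tangoProviderFirewall = container "TangoProviderFirewall" {
                    technology "Balancer"
                    tags "Google Cloud Platform - Cloud Load Balancing"

                    -> tangoProviderPaymentGateway "Purchase" "HTTPS"
                    -> tangoProviderPaymentGateway "Get transaction status" "HTTPS"
                }
            }
        }

        // Adds the routing API to the external payment system inherited from
        // the parent workspace.
        !extend externalPaymentSystem {
            // NOTE(review): these relationships target tangoProviderSystem as a
            // whole rather than tangoProviderFirewall, so the container view does
            // not show the ingress path. The model also does not state whether the
            // "Purchase" calls carry card details or tokens; if card details, this
            // API and its callers are in PCI scope as well. Confirm.
            externalPaymentSystemApi = container "ExternalPaymentSystemApi" {
                description "Logical routing between payment providers"
                technology "Logical"

                -> tangoProviderSystem "Purchase" "HTTPS"
                -> pspSystems "Purchase" "HTTPS"
                -> tangoProviderSystem "Get transaction status" "HTTPS"
                -> pspSystems "Get transaction status" "HTTPS"
            }

            // `this` is the software system being extended (externalPaymentSystem).
            user -> this "Purchase" "HTTPS"
            paymentRouter -> this "Get transaction status" "HTTPS"
        }
    }

    // One landscape view, plus a context view and a container view for each
    // of the two systems.
    views {
        systemLandscape "SystemLandscape" "External payment system landscape" {
            include *
            autoLayout
        }

        systemcontext externalPaymentSystem "externalPaymentSystemContext" {
            include *
            autoLayout
        }

        systemcontext tangoProviderSystem "tangoProviderSystemContext" {
            include *
            autoLayout
        }

        container tangoProviderSystem "tangoProviderContainer" {
            include *
            autoLayout
        }

        container externalPaymentSystem "externalPaymentSystemContainer" {
            include *
            autoLayout
        }
    }
}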