TPT Open Source

tpt-resource-consent-nz

Go

Transparent resource consent register for Aotearoa New Zealand — public submissions, council workflow, RealMe identity, LINZ address verification, and iCal hearings feed. Built on the RMA 1991.

0 stars0 forks0 watchersMIT License
civic-techgolanglinznew-zealandnextjspostgresqlrealmeresource-consentrmarma-1991
View on GitHubLive Demo

Languages

Go69.0%TypeScript29.2%CSS1.3%Makefile0.2%JavaScript0.1%Dockerfile0.1%
README

app-resource-consent — Resource Consent Collaboration

A transparent resource consent application register with public submission support, built on the Resource Management Act 1991.

RealMe: Verified Identity for applicants | Login for submitters External: LINZ Data Service (address/boundary verification)

Features

  • Applicant portal — lodge consent applications with RealMe Verified Identity.
  • Public register — browse all publicly notified consents (unauthenticated).
  • Submission period — any person may make a submission on a notified consent.
  • LINZ address verification — submitter's address is matched against LINZ property boundaries to establish affected-person status (s95B RMA).
  • Council staff dashboard — process applications, trigger public notification.
  • Hearing management — track hearing schedules and decisions.

Setup

Prerequisites

  • Go 1.23+
  • Node 20+ / pnpm 9+
  • Docker Compose
  • LINZ API key (register at data.linz.govt.nz)
  • RealMe MTS credentials

Local development

# From project root
make dev

cd packages/app-resource-consent
docker compose up -d

# API: http://localhost:8086
# Frontend: cd web && pnpm dev

Environment variables

| Variable | Default | Description | |----------|---------|-------------| | LISTEN_ADDR | :8080 | HTTP listen address | | DATABASE_URL | — | PostgreSQL connection string | | LINZ_API_KEY | — | LINZ Data Service API key (optional — address verification degrades gracefully) | | ALLOWED_ORIGINS | "" (echo request origin) | CORS allowed origin, e.g. https://consents.example.nz | | REALME_ENVIRONMENT | mts | mts, ite, or production | | REALME_CERT_FILE | — | SP signing certificate | | REALME_KEY_FILE | — | SP private key | | REALME_ENTITY_ID | — | SP entity ID | | REALME_ACS_URL | — | Assertion Consumer Service URL |

Frontend (web/)

Set API_URL in the Next.js environment to point at the Go server. In development this defaults to http://localhost:8086 via web/next.config.js. The Next.js app proxies all /api/* requests to the Go backend, so no browser CORS issues occur.

Database migration

atlas schema apply \
  --dir "file://packages/app-resource-consent/migrations" \
  --url "$DATABASE_URL" \
  --auto-approve

API

The Go server exposes routes without an /api/ prefix. The Next.js frontend proxies /api/* → Go server root, so frontend code calls /api/consents which reaches Go's /consents.

| Method | Path | Auth | Description | |--------|------|------|-------------| | GET | /consents | None | List applications (?council=&limit=20&offset=0) | | GET | /consents/{id} | None | Get application detail | | POST | /consents | Verified | Create draft application | | PUT | /consents/{id} | Verified | Update draft (applicant only) | | POST | /consents/{id}/submit | Verified | Submit draft to council | | POST | /consents/{id}/withdraw | Verified | Withdraw application | | GET | /consents/{id}/submissions | None | List public submissions | | POST | /consents/{id}/submissions | Verified | Lodge a public submission | | POST | /consents/{id}/submissions/{subId}/withdraw | Verified | Withdraw a submission | | GET | /consents/{id}/firs | None | List s92 further information requests | | POST | /consents/{id}/firs/{firId}/respond | Verified | Respond to FIR | | GET | /notifications | None | Active submission periods | | GET | /hearings.ics | None | iCal feed of upcoming hearings | | GET | /address-search | None | LINZ address autocomplete (?q=) | | POST | /subscriptions | None | Subscribe to new-notification alerts | | GET | /council/applications | Login | List applications (?council=&limit=50&offset=0) | | GET | /council/applications.csv | Login | Export as CSV | | POST | /council/applications/{id}/notify | Login | Publicly notify (sets closingDate + noticeUrl) | | POST | /council/applications/{id}/decide | Login | Record decision (granted / refused / granted-with-conditions) | | POST | /council/applications/{id}/hearings | Login | Schedule a hearing | | POST | /council/applications/{id}/firs | Login | Issue s92 FIR | | GET | /auth/login | — | Initiate RealMe login | | GET | /auth/callback | — | SAML assertion consumer | | GET | /auth/logout | — | Destroy session | | GET | /auth/metadata | — | SP SAML metadata | | GET | /health | None | Health check |

RealMe Registration

This app requires:

  • Assertion Service (Verified Identity) for applicants — to confirm their identity and address.
  • Login Service for submitters — basic identity is sufficient for submissions.

Register both tiers at developers.realme.govt.nz when ready for ITE testing.

Legislation

  • Resource Management Act 1991 (ss 88, 95, 95A, 95B)
  • Local Government Act 2002
  • Privacy Act 2020

Contributing

Contributions are welcome. Please open an issue before submitting a pull request for non-trivial changes.

  • Go code: go test ./... must pass; run golangci-lint run before submitting
  • TypeScript: pnpm --filter @tpt-nz/ui-shared test for component tests
  • Migrations: add a new numbered file in migrations/, do not edit existing files

License

MIT — see LICENSE.