Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(sdk): Multi-Projekt-Architektur — mehrere Projekte pro Tenant
Some checks failed
CI / go-lint (push) Has been skipped
Details
CI / python-lint (push) Has been skipped
Details
CI / nodejs-lint (push) Has been skipped
Details
CI / test-go-ai-compliance (push) Failing after 33s
Details
CI / test-python-backend-compliance (push) Successful in 34s
Details
CI / test-python-document-crawler (push) Successful in 23s
Details
CI / test-python-dsms-gateway (push) Successful in 19s
Details

Browse Source 
Jeder Tenant kann jetzt mehrere Compliance-Projekte anlegen (z.B. verschiedene
Produkte, Tochterunternehmen). CompanyProfile ist pro Projekt kopierbar und
danach unabhaengig editierbar. Multi-Tab-Support via separater BroadcastChannel
und localStorage Keys pro Projekt.

- Migration 039: compliance_projects Tabelle, sdk_states.project_id
- Backend: FastAPI CRUD-Routes fuer Projekte mit Tenant-Isolation
- Frontend: ProjectSelector UI, SDKProvider mit projectId, URL ?project=
- State API: UPSERT auf (tenant_id, project_id) mit Abwaertskompatibilitaet
- Tests: pytest fuer Model-Validierung, Row-Konvertierung, Tenant-Isolation
- Docs: MKDocs Seite, CLAUDE.md, Backend README

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
2026-03-09 14:53:50 +01:00
parent d3fc4cdaaa
commit 0affa4eb66
19 changed files with 1833 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

120
admin-compliance/app/api/sdk/v1/projects/[projectId]/route.ts Normal file
View File

@@ -0,0 +1,120 @@
import { NextRequest, NextResponse } from 'next/server'
const BACKEND_URL = process.env.BACKEND_URL || 'http://backend-compliance:8002'
/**
* Proxy: GET /api/sdk/v1/projects/{projectId} → Backend
*/
export async function GET(
request: NextRequest,
{ params }: { params: Promise<{ projectId: string }> }
) {
try {
const { projectId } = await params
const tenantId = request.headers.get('X-Tenant-ID') ||
new URL(request.url).searchParams.get('tenant_id') || ''
const response = await fetch(
`${BACKEND_URL}/api/v1/projects/${projectId}?tenant_id=${encodeURIComponent(tenantId)}`,
{
headers: { 'X-Tenant-ID': tenantId },
}
)
if (!response.ok) {
const errorText = await response.text()
return NextResponse.json(
{ error: 'Backend error', details: errorText },
{ status: response.status }
)
}
return NextResponse.json(await response.json())
} catch (error) {
console.error('Failed to get project:', error)
return NextResponse.json(
{ error: 'Failed to connect to backend' },
{ status: 503 }
)
}
}
/**
* Proxy: PATCH /api/sdk/v1/projects/{projectId} → Backend
*/
export async function PATCH(
request: NextRequest,
{ params }: { params: Promise<{ projectId: string }> }
) {
try {
const { projectId } = await params
const body = await request.json()
const tenantId = body.tenant_id || request.headers.get('X-Tenant-ID') || ''
const response = await fetch(
`${BACKEND_URL}/api/v1/projects/${projectId}?tenant_id=${encodeURIComponent(tenantId)}`,
{
method: 'PATCH',
headers: {
'Content-Type': 'application/json',
'X-Tenant-ID': tenantId,
},
body: JSON.stringify(body),
}
)
if (!response.ok) {
const errorText = await response.text()
return NextResponse.json(
{ error: 'Backend error', details: errorText },
{ status: response.status }
)
}
return NextResponse.json(await response.json())
} catch (error) {
console.error('Failed to update project:', error)
return NextResponse.json(
{ error: 'Failed to connect to backend' },
{ status: 503 }
)
}
}
/**
* Proxy: DELETE /api/sdk/v1/projects/{projectId} → Backend (soft delete)
*/
export async function DELETE(
request: NextRequest,
{ params }: { params: Promise<{ projectId: string }> }
) {
try {
const { projectId } = await params
const tenantId = request.headers.get('X-Tenant-ID') ||
new URL(request.url).searchParams.get('tenant_id') || ''
const response = await fetch(
`${BACKEND_URL}/api/v1/projects/${projectId}?tenant_id=${encodeURIComponent(tenantId)}`,
{
method: 'DELETE',
headers: { 'X-Tenant-ID': tenantId },
}
)
if (!response.ok) {
const errorText = await response.text()
return NextResponse.json(
{ error: 'Backend error', details: errorText },
{ status: response.status }
)
}
return NextResponse.json(await response.json())
} catch (error) {
console.error('Failed to archive project:', error)
return NextResponse.json(
{ error: 'Failed to connect to backend' },
{ status: 503 }
)
}
}

75
admin-compliance/app/api/sdk/v1/projects/route.ts Normal file
View File

@@ -0,0 +1,75 @@
import { NextRequest, NextResponse } from 'next/server'
const BACKEND_URL = process.env.BACKEND_URL || 'http://backend-compliance:8002'
/**
* Proxy: GET /api/sdk/v1/projects → Backend GET /api/v1/projects
*/
export async function GET(request: NextRequest) {
try {
const { searchParams } = new URL(request.url)
const tenantId = searchParams.get('tenant_id') || request.headers.get('X-Tenant-ID') || ''
const includeArchived = searchParams.get('include_archived') || 'false'
const response = await fetch(
`${BACKEND_URL}/api/v1/projects?tenant_id=${encodeURIComponent(tenantId)}&include_archived=${includeArchived}`,
{
headers: { 'X-Tenant-ID': tenantId },
}
)
if (!response.ok) {
const errorText = await response.text()
return NextResponse.json(
{ error: 'Backend error', details: errorText },
{ status: response.status }
)
}
return NextResponse.json(await response.json())
} catch (error) {
console.error('Failed to list projects:', error)
return NextResponse.json(
{ error: 'Failed to connect to backend' },
{ status: 503 }
)
}
}
/**
* Proxy: POST /api/sdk/v1/projects → Backend POST /api/v1/projects
*/
export async function POST(request: NextRequest) {
try {
const body = await request.json()
const tenantId = body.tenant_id || request.headers.get('X-Tenant-ID') || ''
const response = await fetch(
`${BACKEND_URL}/api/v1/projects?tenant_id=${encodeURIComponent(tenantId)}`,
{
method: 'POST',
headers: {
'Content-Type': 'application/json',
'X-Tenant-ID': tenantId,
},
body: JSON.stringify(body),
}
)
if (!response.ok) {
const errorText = await response.text()
return NextResponse.json(
{ error: 'Backend error', details: errorText },
{ status: response.status }
)
}
return NextResponse.json(await response.json(), { status: 201 })
} catch (error) {
console.error('Failed to create project:', error)
return NextResponse.json(
{ error: 'Failed to connect to backend' },
{ status: 503 }
)
}
}

162
admin-compliance/app/api/sdk/v1/state/route.ts
View File

@@ -2,17 +2,18 @@ import { NextRequest, NextResponse } from 'next/server'
import { Pool } from 'pg'
/**
* SDK State Management API
* SDK State Management API (Multi-Project)
*
* GET /api/sdk/v1/state?tenantId=xxx - Load state for a tenant
* POST /api/sdk/v1/state - Save state for a tenant
* DELETE /api/sdk/v1/state?tenantId=xxx - Clear state for a tenant
* GET /api/sdk/v1/state?tenantId=xxx&projectId=yyy - Load state for a tenant+project
* POST /api/sdk/v1/state - Save state for a tenant+project
* DELETE /api/sdk/v1/state?tenantId=xxx&projectId=yyy - Clear state
*
* Features:
* - Versioning for optimistic locking
* - Last-Modified headers
* - ETag support for caching
* - PostgreSQL persistence (with InMemory fallback)
* - projectId support for multi-project architecture
*/
// =============================================================================
@@ -32,25 +33,31 @@ interface StoredState {
// =============================================================================
interface StateStore {
get(tenantId: string): Promise<StoredState | null>
save(tenantId: string, state: unknown, userId?: string, expectedVersion?: number): Promise<StoredState>
delete(tenantId: string): Promise<boolean>
get(tenantId: string, projectId?: string): Promise<StoredState | null>
save(tenantId: string, state: unknown, userId?: string, expectedVersion?: number, projectId?: string): Promise<StoredState>
delete(tenantId: string, projectId?: string): Promise<boolean>
}
class InMemoryStateStore implements StateStore {
private store: Map<string, StoredState> = new Map()
async get(tenantId: string): Promise<StoredState | null> {
return this.store.get(tenantId) || null
private key(tenantId: string, projectId?: string): string {
return projectId ? `${tenantId}:${projectId}` : tenantId
}
async get(tenantId: string, projectId?: string): Promise<StoredState | null> {
return this.store.get(this.key(tenantId, projectId)) || null
}
async save(
tenantId: string,
state: unknown,
userId?: string,
expectedVersion?: number
expectedVersion?: number,
projectId?: string
): Promise<StoredState> {
const existing = this.store.get(tenantId)
const k = this.key(tenantId, projectId)
const existing = this.store.get(k)
if (expectedVersion !== undefined && existing && existing.version !== expectedVersion) {
const error = new Error('Version conflict') as Error & { status: number }
@@ -72,12 +79,12 @@ class InMemoryStateStore implements StateStore {
updatedAt: now,
}
this.store.set(tenantId, stored)
this.store.set(k, stored)
return stored
}
async delete(tenantId: string): Promise<boolean> {
return this.store.delete(tenantId)
async delete(tenantId: string, projectId?: string): Promise<boolean> {
return this.store.delete(this.key(tenantId, projectId))
}
}
@@ -93,11 +100,26 @@ class PostgreSQLStateStore implements StateStore {
})
}
async get(tenantId: string): Promise<StoredState | null> {
const result = await this.pool.query(
'SELECT state, version, user_id, created_at, updated_at FROM sdk_states WHERE tenant_id = $1',
[tenantId]
)
async get(tenantId: string, projectId?: string): Promise<StoredState | null> {
let result
if (projectId) {
result = await this.pool.query(
'SELECT state, version, user_id, created_at, updated_at FROM sdk_states WHERE tenant_id = $1 AND project_id = $2',
[tenantId, projectId]
)
} else {
// Backwards compatibility: find the single active project for this tenant
result = await this.pool.query(
`SELECT s.state, s.version, s.user_id, s.created_at, s.updated_at
FROM sdk_states s
LEFT JOIN compliance_projects p ON s.project_id = p.id
WHERE s.tenant_id = $1
AND (p.status = 'active' OR p.id IS NULL)
ORDER BY s.updated_at DESC
LIMIT 1`,
[tenantId]
)
}
if (result.rows.length === 0) return null
const row = result.rows[0]
return {
@@ -109,25 +131,71 @@ class PostgreSQLStateStore implements StateStore {
}
}
async save(tenantId: string, state: unknown, userId?: string, expectedVersion?: number): Promise<StoredState> {
async save(tenantId: string, state: unknown, userId?: string, expectedVersion?: number, projectId?: string): Promise<StoredState> {
const now = new Date().toISOString()
const stateWithTimestamp = {
...(state as object),
lastModified: now,
}
// Use UPSERT with version check
const result = await this.pool.query(`
INSERT INTO sdk_states (tenant_id, user_id, state, version, created_at, updated_at)
VALUES ($1, $2, $3::jsonb, 1, NOW(), NOW())
ON CONFLICT (tenant_id) DO UPDATE SET
state = $3::jsonb,
user_id = COALESCE($2, sdk_states.user_id),
version = sdk_states.version + 1,
updated_at = NOW()
WHERE ($4::int IS NULL OR sdk_states.version = $4)
RETURNING version, user_id, created_at, updated_at
`, [tenantId, userId, JSON.stringify(stateWithTimestamp), expectedVersion ?? null])
let result
if (projectId) {
// Multi-project: UPSERT on (tenant_id, project_id)
result = await this.pool.query(`
INSERT INTO sdk_states (tenant_id, project_id, user_id, state, version, created_at, updated_at)
VALUES ($1, $5, $2, $3::jsonb, 1, NOW(), NOW())
ON CONFLICT (tenant_id, project_id) DO UPDATE SET
state = $3::jsonb,
user_id = COALESCE($2, sdk_states.user_id),
version = sdk_states.version + 1,
updated_at = NOW()
WHERE ($4::int IS NULL OR sdk_states.version = $4)
RETURNING version, user_id, created_at, updated_at
`, [tenantId, userId, JSON.stringify(stateWithTimestamp), expectedVersion ?? null, projectId])
} else {
// Backwards compatibility: find the single project for this tenant
// First try to find an existing project
const projectResult = await this.pool.query(
`SELECT id FROM compliance_projects WHERE tenant_id = $1 AND status = 'active' ORDER BY created_at ASC LIMIT 1`,
[tenantId]
)
if (projectResult.rows.length > 0) {
const foundProjectId = projectResult.rows[0].id
result = await this.pool.query(`
INSERT INTO sdk_states (tenant_id, project_id, user_id, state, version, created_at, updated_at)
VALUES ($1, $5, $2, $3::jsonb, 1, NOW(), NOW())
ON CONFLICT (tenant_id, project_id) DO UPDATE SET
state = $3::jsonb,
user_id = COALESCE($2, sdk_states.user_id),
version = sdk_states.version + 1,
updated_at = NOW()
WHERE ($4::int IS NULL OR sdk_states.version = $4)
RETURNING version, user_id, created_at, updated_at
`, [tenantId, userId, JSON.stringify(stateWithTimestamp), expectedVersion ?? null, foundProjectId])
} else {
// No project exists — create a default one
const newProject = await this.pool.query(
`INSERT INTO compliance_projects (tenant_id, name, customer_type, status)
VALUES ($1, 'Projekt 1', 'new', 'active')
RETURNING id`,
[tenantId]
)
const newProjectId = newProject.rows[0].id
result = await this.pool.query(`
INSERT INTO sdk_states (tenant_id, project_id, user_id, state, version, created_at, updated_at)
VALUES ($1, $5, $2, $3::jsonb, 1, NOW(), NOW())
ON CONFLICT (tenant_id, project_id) DO UPDATE SET
state = $3::jsonb,
user_id = COALESCE($2, sdk_states.user_id),
version = sdk_states.version + 1,
updated_at = NOW()
WHERE ($4::int IS NULL OR sdk_states.version = $4)
RETURNING version, user_id, created_at, updated_at
`, [tenantId, userId, JSON.stringify(stateWithTimestamp), expectedVersion ?? null, newProjectId])
}
}
if (result.rows.length === 0) {
const error = new Error('Version conflict') as Error & { status: number }
@@ -145,11 +213,19 @@ class PostgreSQLStateStore implements StateStore {
}
}
async delete(tenantId: string): Promise<boolean> {
const result = await this.pool.query(
'DELETE FROM sdk_states WHERE tenant_id = $1',
[tenantId]
)
async delete(tenantId: string, projectId?: string): Promise<boolean> {
let result
if (projectId) {
result = await this.pool.query(
'DELETE FROM sdk_states WHERE tenant_id = $1 AND project_id = $2',
[tenantId, projectId]
)
} else {
result = await this.pool.query(
'DELETE FROM sdk_states WHERE tenant_id = $1',
[tenantId]
)
}
return (result.rowCount ?? 0) > 0
}
}
@@ -186,6 +262,7 @@ export async function GET(request: NextRequest) {
try {
const { searchParams } = new URL(request.url)
const tenantId = searchParams.get('tenantId')
const projectId = searchParams.get('projectId') || undefined
if (!tenantId) {
return NextResponse.json(
@@ -194,7 +271,7 @@ export async function GET(request: NextRequest) {
)
}
const stored = await stateStore.get(tenantId)
const stored = await stateStore.get(tenantId, projectId)
if (!stored) {
return NextResponse.json(
@@ -216,6 +293,7 @@ export async function GET(request: NextRequest) {
success: true,
data: {
tenantId,
projectId: projectId || null,
state: stored.state,
version: stored.version,
lastModified: stored.updatedAt,
@@ -241,7 +319,7 @@ export async function GET(request: NextRequest) {
export async function POST(request: NextRequest) {
try {
const body = await request.json()
const { tenantId, state, version } = body
const { tenantId, state, version, projectId } = body
if (!tenantId) {
return NextResponse.json(
@@ -261,7 +339,7 @@ export async function POST(request: NextRequest) {
const ifMatch = request.headers.get('If-Match')
const expectedVersion = ifMatch ? parseInt(ifMatch, 10) : version
const stored = await stateStore.save(tenantId, state, body.userId, expectedVersion)
const stored = await stateStore.save(tenantId, state, body.userId, expectedVersion, projectId || undefined)
const etag = generateETag(stored.version, stored.updatedAt)
@@ -270,6 +348,7 @@ export async function POST(request: NextRequest) {
success: true,
data: {
tenantId,
projectId: projectId || null,
state: stored.state,
version: stored.version,
lastModified: stored.updatedAt,
@@ -309,6 +388,7 @@ export async function DELETE(request: NextRequest) {
try {
const { searchParams } = new URL(request.url)
const tenantId = searchParams.get('tenantId')
const projectId = searchParams.get('projectId') || undefined
if (!tenantId) {
return NextResponse.json(
@@ -317,7 +397,7 @@ export async function DELETE(request: NextRequest) {
)
}
const deleted = await stateStore.delete(tenantId)
const deleted = await stateStore.delete(tenantId, projectId)
if (!deleted) {
return NextResponse.json(