From 4b9cf342435c5963b8164a500cfabb88ab91b6ad Mon Sep 17 00:00:00 2001 From: Benjamin Admin Date: Sun, 3 May 2026 07:09:16 +0200 Subject: [PATCH] feat: Full template cleanup + categories by use case MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Cleanup (109): - Removed DPA duplicates (v1 DE + v1 EN, kept v2 DE) - Removed cookie_banner duplicate (kept larger with IF-blocks) - Removed impressum duplicate (kept larger with IF-blocks) - Removed TOM duplicate (kept newest) - Removed DSFA v1 (kept v2) - Kept all 8 VVT templates (1 main + 7 industry templates) - DB: 98 → 88 templates, 0 duplicates remaining Categories restructured by use case: - Website/App: DSI, Impressum, Cookie, Social Media - Online-Shop: AGB, Widerruf, DSI, Cookie - SaaS/Cloud: AGB, AVV, SLA, Cloud Agreement - App/Plattform: Nutzungsbedingungen, Community Guidelines, AUP - Vertraege (B2B): AVV, NDA, SLA, Cloud - DSGVO-Pflichten: TOM, VVT, Loeschkonzept, DSFA - Sicherheitskonzepte + Richtlinien (separate categories) - HR & Mitarbeiter, Daten-Governance, Vendor, BCM Co-Authored-By: Claude Opus 4.6 (1M context) --- .../app/sdk/document-generator/_constants.ts | 85 ++++++++++++------- .../migrations/109_full_template_cleanup.sql | 78 +++++++++++++++++ 2 files changed, 133 insertions(+), 30 deletions(-) create mode 100644 backend-compliance/migrations/109_full_template_cleanup.sql diff --git a/admin-compliance/app/sdk/document-generator/_constants.ts b/admin-compliance/app/sdk/document-generator/_constants.ts index 50506c8..8913ee2 100644 --- a/admin-compliance/app/sdk/document-generator/_constants.ts +++ b/admin-compliance/app/sdk/document-generator/_constants.ts @@ -6,39 +6,64 @@ import { TemplateContext } from './contextBridge' export const CATEGORIES: { key: string; label: string; types: string[] | null }[] = [ { key: 'all', label: 'Alle', types: null }, - { key: 'privacy_policy', label: 'Datenschutz', types: ['privacy_policy'] }, - { key: 'terms', label: 'AGB', types: ['terms_of_service', 'agb', 'clause'] }, - { key: 'impressum', label: 'Impressum', types: ['impressum'] }, - { key: 'dpa', label: 'AVV/DPA', types: ['dpa'] }, - { key: 'nda', label: 'NDA', types: ['nda'] }, - { key: 'sla', label: 'SLA', types: ['sla'] }, - { key: 'acceptable_use', label: 'AUP', types: ['acceptable_use'] }, - { key: 'widerruf', label: 'Widerruf', types: ['widerruf'] }, - { key: 'cookie', label: 'Cookie', types: ['cookie_policy', 'cookie_banner'] }, - { key: 'cloud', label: 'Cloud', types: ['cloud_service_agreement'] }, - { key: 'misc', label: 'Weitere', types: ['community_guidelines', 'copyright_policy', 'data_usage_clause'] }, - { key: 'dsfa', label: 'DSFA', types: ['dsfa'] }, - { key: 'dsr', label: 'DSR-Prozesse', types: [ + + // ── Nach Nutzungskontext sortiert ────────────────────────────────────── + + // Jede Website / App braucht: + { key: 'website', label: 'Website / App', types: ['privacy_policy', 'impressum', 'cookie_policy', 'cookie_banner', 'social_media_dsi'] }, + + // Online-Shop / E-Commerce: + { key: 'shop', label: 'Online-Shop', types: ['agb', 'widerruf', 'privacy_policy', 'impressum', 'cookie_policy', 'cookie_banner'] }, + + // SaaS / Cloud-Dienst: + { key: 'saas', label: 'SaaS / Cloud', types: ['agb', 'dpa', 'sla', 'cloud_service_agreement', 'privacy_policy', 'terms_of_use'] }, + + // App / Plattform mit Nutzern: + { key: 'platform', label: 'App / Plattform', types: ['terms_of_use', 'community_guidelines', 'privacy_policy', 'agb', 'acceptable_use', 'media_content_policy', 'copyright_policy'] }, + + // Vertraege mit Geschaeftspartnern: + { key: 'contracts', label: 'Vertraege (B2B)', types: ['dpa', 'nda', 'sla', 'cloud_service_agreement', 'data_usage_clause'] }, + + // Drittlandtransfer: + { key: 'third_country', label: 'Drittlandtransfer', types: ['transfer_impact_assessment', 'scc_companion'] }, + + // ── Interne Compliance-Dokumente ────────────────────────────────────── + + // DSGVO-Kernpflichten: + { key: 'dsgvo_core', label: 'DSGVO-Pflichten', types: ['tom_documentation', 'vvt_register', 'loeschkonzept', 'dsfa', 'pflichtenregister'] }, + + // Betroffenenrechte: + { key: 'dsr', label: 'Betroffenenrechte', types: [ 'dsr_process_art15', 'dsr_process_art16', 'dsr_process_art17', 'dsr_process_art18', 'dsr_process_art19', 'dsr_process_art20', 'dsr_process_art21', ]}, - { key: 'terms_of_use', label: 'Nutzungsbedingungen', types: ['terms_of_use'] }, - { key: 'tom', label: 'TOM', types: ['tom_documentation'] }, - { key: 'media', label: 'Medien/Content', types: ['media_content_policy'] }, - { key: 'social_media', label: 'Social Media DSI', types: ['social_media_dsi'] }, - { key: 'whistleblower', label: 'Whistleblower', types: ['whistleblower_policy'] }, - { key: 'hr_dsi', label: 'HR-Datenschutz', types: ['applicant_dsi', 'employee_dsi'] }, - { key: 'isms', label: 'ISMS', types: ['isms_manual'] }, - { key: 'consent_texts', label: 'Einwilligungen', types: ['consent_texts'] }, - { key: 'special_dsi', label: 'Spezial-DSI', types: ['video_conference_dsi'] }, - { key: 'internal_policies', label: 'Interne Richtlinien', types: ['byod_policy', 'ai_usage_policy'] }, - { key: 'module_docs', label: 'Konzepte', types: ['vvt_register', 'loeschkonzept', 'pflichtenregister', 'it_security_concept', 'data_protection_concept', 'backup_recovery_concept', 'logging_concept', 'incident_response_plan', 'access_control_concept', 'risk_management_concept'] }, - { key: 'security_policies', label: 'Sicherheitsrichtlinien', types: ['information_security_policy', 'access_control_policy', 'password_policy', 'encryption_policy', 'cybersecurity_policy'] }, - { key: 'hr_policies', label: 'HR-Richtlinien', types: ['employee_security_policy', 'security_awareness_policy', 'remote_work_policy', 'offboarding_policy'] }, - { key: 'data_policies', label: 'Datenrichtlinien', types: ['data_protection_policy', 'data_classification_policy', 'data_retention_policy', 'data_transfer_policy', 'privacy_incident_policy'] }, - { key: 'vendor_policies', label: 'Lieferanten', types: ['vendor_risk_management_policy', 'third_party_security_policy', 'supplier_security_policy'] }, - { key: 'third_country', label: 'Drittlandtransfer', types: ['transfer_impact_assessment', 'scc_companion'] }, - { key: 'bcm_policies', label: 'BCM/Notfall', types: ['business_continuity_policy', 'disaster_recovery_policy', 'crisis_management_policy'] }, + + // Datenschutz-Informationen (alle DSI-Typen): + { key: 'dsi', label: 'Datenschutzinfos', types: ['privacy_policy', 'applicant_dsi', 'employee_dsi', 'social_media_dsi', 'video_conference_dsi', 'informationspflichten'] }, + + // Einwilligungen: + { key: 'consent', label: 'Einwilligungen', types: ['consent_texts', 'cookie_banner', 'verpflichtungserklaerung'] }, + + // ── Sicherheit & IT ─────────────────────────────────────────────────── + + { key: 'security_concepts', label: 'Sicherheitskonzepte', types: ['it_security_concept', 'data_protection_concept', 'backup_recovery_concept', 'logging_concept', 'incident_response_plan', 'access_control_concept', 'risk_management_concept', 'isms_manual'] }, + + { key: 'security_policies', label: 'Sicherheitsrichtlinien', types: [ + 'information_security_policy', 'access_control_policy', 'password_policy', 'encryption_policy', + 'cybersecurity_policy', 'incident_response_policy', 'logging_policy', 'patch_management_policy', + 'vulnerability_management_policy', 'secrets_management_policy', 'devsecops_policy', + 'cloud_security_policy', 'change_management_policy', 'asset_management_policy', 'backup_policy', + ]}, + + // ── Organisation & HR ───────────────────────────────────────────────── + + { key: 'hr', label: 'HR & Mitarbeiter', types: ['applicant_dsi', 'employee_dsi', 'employee_security_policy', 'security_awareness_policy', 'remote_work_policy', 'offboarding_policy', 'byod_policy', 'ai_usage_policy', 'whistleblower_policy'] }, + + { key: 'data_governance', label: 'Daten-Governance', types: ['data_protection_policy', 'data_classification_policy', 'data_retention_policy', 'data_transfer_policy', 'privacy_incident_policy'] }, + + { key: 'vendor', label: 'Lieferanten / Vendor', types: ['vendor_risk_management_policy', 'third_party_security_policy', 'supplier_security_policy', 'dpa'] }, + + { key: 'bcm', label: 'BCM / Notfall', types: ['business_continuity_policy', 'disaster_recovery_policy', 'crisis_management_policy', 'incident_response_plan'] }, ] // ============================================================================= diff --git a/backend-compliance/migrations/109_full_template_cleanup.sql b/backend-compliance/migrations/109_full_template_cleanup.sql new file mode 100644 index 0000000..03ecc6b --- /dev/null +++ b/backend-compliance/migrations/109_full_template_cleanup.sql @@ -0,0 +1,78 @@ +-- Migration 109: Vollstaendige Template-Bereinigung +-- Entfernt Duplikate, behaelt jeweils die neueste/groesste Version + +-- =========================================================================== +-- 1. DPA: Behalte v2 DE (unseres aus 088), loesche v1 DE + v1 EN +-- =========================================================================== +DELETE FROM compliance_legal_templates +WHERE document_type = 'dpa' + AND tenant_id = '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e' + AND version != '2.0' + AND language = 'de'; + +DELETE FROM compliance_legal_templates +WHERE document_type = 'dpa' + AND language = 'en' + AND version = '1.0.0' + AND tenant_id = '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e'; + +-- =========================================================================== +-- 2. Cookie-Banner: Behalte das groessere (IF-Bloecke), loesche das kleinere +-- =========================================================================== +DELETE FROM compliance_legal_templates +WHERE document_type = 'cookie_banner' + AND tenant_id = '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e' + AND id != ( + SELECT id FROM compliance_legal_templates + WHERE document_type = 'cookie_banner' + AND tenant_id = '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e' + ORDER BY length(content) DESC + LIMIT 1 + ); + +-- =========================================================================== +-- 3. Impressum: Behalte das groessere (IF-Bloecke), loesche das kleinere +-- =========================================================================== +DELETE FROM compliance_legal_templates +WHERE document_type = 'impressum' + AND tenant_id = '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e' + AND id != ( + SELECT id FROM compliance_legal_templates + WHERE document_type = 'impressum' + AND tenant_id = '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e' + ORDER BY length(content) DESC + LIMIT 1 + ); + +-- =========================================================================== +-- 4. TOM: Behalte das neueste, loesche Duplikat +-- =========================================================================== +DELETE FROM compliance_legal_templates +WHERE document_type = 'tom_documentation' + AND tenant_id = '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e' + AND id != ( + SELECT id FROM compliance_legal_templates + WHERE document_type = 'tom_documentation' + AND tenant_id = '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e' + ORDER BY updated_at DESC + LIMIT 1 + ); + +-- =========================================================================== +-- 5. DSFA: Behalte v2 (groesser), loesche v1 +-- =========================================================================== +DELETE FROM compliance_legal_templates +WHERE document_type = 'dsfa' + AND tenant_id = '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e' + AND id != ( + SELECT id FROM compliance_legal_templates + WHERE document_type = 'dsfa' + AND tenant_id = '9282a473-5c95-4b3a-bf78-0ecc0ec71d3e' + ORDER BY length(content) DESC + LIMIT 1 + ); + +-- =========================================================================== +-- 6. VVT: NICHT loeschen — alle 7 behalten (Branchenvorlagen sind wertvoll) +-- =========================================================================== +-- Keine Aktion