refactor(admin): split lib/sdk/types.ts and vendor-compliance/types.ts into domain barrels

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-17 09:05:08 +02:00
parent 3180457f20
commit 535d3d8c20
8 changed files with 334 additions and 4033 deletions
--- a/admin-compliance/lib/sdk/types.ts
+++ b/admin-compliance/lib/sdk/types.ts
--- a/admin-compliance/lib/sdk/types/document-generator.ts
+++ b/admin-compliance/lib/sdk/types/document-generator.ts
@@ -18,6 +18,7 @@ export type LicenseType =
  | 'reuse_notice'

 export type TemplateType =
+  // Legal / Vertragsvorlagen
  | 'privacy_policy'
  | 'terms_of_service'
  | 'agb'
@@ -35,6 +36,55 @@ export type TemplateType =
  | 'copyright_policy'
  | 'clause'
  | 'dsfa'
+  // Sicherheitskonzepte (Migration 051)
+  | 'it_security_concept'
+  | 'data_protection_concept'
+  | 'backup_recovery_concept'
+  | 'logging_concept'
+  | 'incident_response_plan'
+  | 'access_control_concept'
+  | 'risk_management_concept'
+  // CRA Cybersecurity (Migration 056)
+  | 'cybersecurity_policy'
+  // IT-Sicherheit Policies (Migration 071)
+  | 'information_security_policy'
+  | 'access_control_policy'
+  | 'password_policy'
+  | 'encryption_policy'
+  | 'logging_policy'
+  | 'backup_policy'
+  | 'incident_response_policy'
+  | 'change_management_policy'
+  | 'patch_management_policy'
+  | 'asset_management_policy'
+  | 'cloud_security_policy'
+  | 'devsecops_policy'
+  | 'secrets_management_policy'
+  | 'vulnerability_management_policy'
+  // Daten-Policies (Migration 072)
+  | 'data_protection_policy'
+  | 'data_classification_policy'
+  | 'data_retention_policy'
+  | 'data_transfer_policy'
+  | 'privacy_incident_policy'
+  // Personal-Policies (Migration 072)
+  | 'employee_security_policy'
+  | 'security_awareness_policy'
+  | 'remote_work_policy'
+  | 'offboarding_policy'
+  // Lieferanten-Policies (Migration 072)
+  | 'vendor_risk_management_policy'
+  | 'third_party_security_policy'
+  | 'supplier_security_policy'
+  // BCM/Notfall (Migration 072)
+  | 'business_continuity_policy'
+  | 'disaster_recovery_policy'
+  | 'crisis_management_policy'
+  // Modul-Dokumente (Migration 073)
+  | 'vvt_register'
+  | 'tom_documentation'
+  | 'loeschkonzept'
+  | 'pflichtenregister'

 export type Jurisdiction = 'DE' | 'AT' | 'CH' | 'EU' | 'US' | 'INTL'

@@ -204,6 +254,7 @@ export const DEFAULT_PLACEHOLDERS: Record<string, string> = {
 }

 export const TEMPLATE_TYPE_LABELS: Record<TemplateType, string> = {
+  // Legal / Vertragsvorlagen
  privacy_policy: 'Datenschutzerkl\u00e4rung',
  terms_of_service: 'Nutzungsbedingungen',
  agb: 'Allgemeine Gesch\u00e4ftsbedingungen',
@@ -221,6 +272,54 @@ export const TEMPLATE_TYPE_LABELS: Record<TemplateType, string> = {
  copyright_policy: 'Urheberrechtsrichtlinie',
  clause: 'Vertragsklausel',
  dsfa: 'Datenschutz-Folgenabsch\u00e4tzung',
+  // Sicherheitskonzepte
+  it_security_concept: 'IT-Sicherheitskonzept',
+  data_protection_concept: 'Datenschutzkonzept',
+  backup_recovery_concept: 'Backup- und Recovery-Konzept',
+  logging_concept: 'Logging-Konzept',
+  incident_response_plan: 'Incident-Response-Plan',
+  access_control_concept: 'Zugriffskonzept',
+  risk_management_concept: 'Risikomanagement-Konzept',
+  cybersecurity_policy: 'Cybersecurity-Richtlinie (CRA)',
+  // IT-Sicherheit Policies
+  information_security_policy: 'Informationssicherheitsrichtlinie',
+  access_control_policy: 'Zugriffskontrollrichtlinie',
+  password_policy: 'Passwortrichtlinie',
+  encryption_policy: 'Verschl\u00fcsselungsrichtlinie',
+  logging_policy: 'Protokollierungsrichtlinie',
+  backup_policy: 'Datensicherungsrichtlinie',
+  incident_response_policy: 'Incident-Response-Richtlinie',
+  change_management_policy: 'Change-Management-Richtlinie',
+  patch_management_policy: 'Patch-Management-Richtlinie',
+  asset_management_policy: 'Asset-Management-Richtlinie',
+  cloud_security_policy: 'Cloud-Security-Richtlinie',
+  devsecops_policy: 'DevSecOps-Richtlinie',
+  secrets_management_policy: 'Secrets-Management-Richtlinie',
+  vulnerability_management_policy: 'Schwachstellenmanagement-Richtlinie',
+  // Daten-Policies
+  data_protection_policy: 'Datenschutzrichtlinie',
+  data_classification_policy: 'Datenklassifizierungsrichtlinie',
+  data_retention_policy: 'Aufbewahrungsrichtlinie',
+  data_transfer_policy: 'Daten\u00fcbermittlungsrichtlinie',
+  privacy_incident_policy: 'Datenschutzvorfall-Richtlinie',
+  // Personal-Policies
+  employee_security_policy: 'Mitarbeiter-Sicherheitsrichtlinie',
+  security_awareness_policy: 'Security-Awareness-Richtlinie',
+  remote_work_policy: 'Remote-Work-Richtlinie',
+  offboarding_policy: 'Offboarding-Richtlinie',
+  // Lieferanten-Policies
+  vendor_risk_management_policy: 'Lieferanten-Risikomanagement',
+  third_party_security_policy: 'Drittanbieter-Sicherheitsrichtlinie',
+  supplier_security_policy: 'Lieferanten-Sicherheitsanforderungen',
+  // BCM/Notfall
+  business_continuity_policy: 'Business-Continuity-Richtlinie',
+  disaster_recovery_policy: 'Disaster-Recovery-Richtlinie',
+  crisis_management_policy: 'Krisenmanagement-Richtlinie',
+  // Modul-Dokumente
+  vvt_register: 'Verarbeitungsverzeichnis (Art. 30)',
+  tom_documentation: 'TOM-Dokumentation (Art. 32)',
+  loeschkonzept: 'L\u00f6schkonzept (Art. 5/17)',
+  pflichtenregister: 'Pflichtenregister',
 }

 export const LICENSE_TYPE_LABELS: Record<LicenseType, string> = {
@@ -241,228 +340,3 @@ export const JURISDICTION_LABELS: Record<Jurisdiction, string> = {
  INTL: 'International',
 }

-// =============================================================================
-// DSFA RAG TYPES (Source Attribution & Corpus Management)
-// =============================================================================
-
-export type DSFALicenseCode =
-  | 'DL-DE-BY-2.0'
-  | 'DL-DE-ZERO-2.0'
-  | 'CC-BY-4.0'
-  | 'EDPB-LICENSE'
-  | 'PUBLIC_DOMAIN'
-  | 'PROPRIETARY'
-
-export type DSFADocumentType = 'guideline' | 'checklist' | 'regulation' | 'template'
-
-export type DSFACategory =
-  | 'threshold_analysis'
-  | 'risk_assessment'
-  | 'mitigation'
-  | 'consultation'
-  | 'documentation'
-  | 'process'
-  | 'criteria'
-
-export interface DSFASource {
-  id: string
-  sourceCode: string
-  name: string
-  fullName?: string
-  organization?: string
-  sourceUrl?: string
-  eurLexCelex?: string
-  licenseCode: DSFALicenseCode
-  licenseName: string
-  licenseUrl?: string
-  attributionRequired: boolean
-  attributionText: string
-  documentType?: DSFADocumentType
-  language: string
-}
-
-export interface DSFADocument {
-  id: string
-  sourceId: string
-  title: string
-  description?: string
-  fileName?: string
-  fileType?: string
-  fileSizeBytes?: number
-  minioBucket: string
-  minioPath?: string
-  originalUrl?: string
-  ocrProcessed: boolean
-  textExtracted: boolean
-  chunksGenerated: number
-  lastIndexedAt?: string
-  metadata: Record<string, unknown>
-  createdAt: string
-  updatedAt: string
-}
-
-export interface DSFAChunk {
-  chunkId: string
-  content: string
-  sectionTitle?: string
-  pageNumber?: number
-  category?: DSFACategory
-  documentId: string
-  documentTitle?: string
-  sourceId: string
-  sourceCode: string
-  sourceName: string
-  attributionText: string
-  licenseCode: DSFALicenseCode
-  licenseName: string
-  licenseUrl?: string
-  attributionRequired: boolean
-  sourceUrl?: string
-  documentType?: DSFADocumentType
-}
-
-export interface DSFASearchResult {
-  chunkId: string
-  content: string
-  score: number
-  sourceCode: string
-  sourceName: string
-  attributionText: string
-  licenseCode: DSFALicenseCode
-  licenseName: string
-  licenseUrl?: string
-  attributionRequired: boolean
-  sourceUrl?: string
-  documentType?: DSFADocumentType
-  category?: DSFACategory
-  sectionTitle?: string
-  pageNumber?: number
-}
-
-export interface DSFASearchResponse {
-  query: string
-  results: DSFASearchResult[]
-  totalResults: number
-  licensesUsed: string[]
-  attributionNotice: string
-}
-
-export interface DSFASourceStats {
-  sourceId: string
-  sourceCode: string
-  name: string
-  organization?: string
-  licenseCode: DSFALicenseCode
-  documentType?: DSFADocumentType
-  documentCount: number
-  chunkCount: number
-  lastIndexedAt?: string
-}
-
-export interface DSFACorpusStats {
-  sources: DSFASourceStats[]
-  totalSources: number
-  totalDocuments: number
-  totalChunks: number
-  qdrantCollection: string
-  qdrantPointsCount: number
-  qdrantStatus: string
-}
-
-export interface DSFALicenseInfo {
-  code: DSFALicenseCode
-  name: string
-  url?: string
-  attributionRequired: boolean
-  modificationAllowed: boolean
-  commercialUse: boolean
-}
-
-export interface DSFAIngestRequest {
-  documentUrl?: string
-  documentText?: string
-  title?: string
-}
-
-export interface DSFAIngestResponse {
-  sourceCode: string
-  documentId?: string
-  chunksCreated: number
-  message: string
-}
-
-export interface SourceAttributionProps {
-  sources: Array<{
-    sourceCode: string
-    sourceName: string
-    attributionText: string
-    licenseCode: DSFALicenseCode
-    sourceUrl?: string
-    score?: number
-  }>
-  compact?: boolean
-  showScores?: boolean
-}
-
-export const DSFA_LICENSE_LABELS: Record<DSFALicenseCode, string> = {
-  'DL-DE-BY-2.0': 'Datenlizenz DE \u2013 Namensnennung 2.0',
-  'DL-DE-ZERO-2.0': 'Datenlizenz DE \u2013 Zero 2.0',
-  'CC-BY-4.0': 'CC BY 4.0 International',
-  'EDPB-LICENSE': 'EDPB Document License',
-  'PUBLIC_DOMAIN': 'Public Domain',
-  'PROPRIETARY': 'Proprietary',
-}
-
-export const DSFA_DOCUMENT_TYPE_LABELS: Record<DSFADocumentType, string> = {
-  guideline: 'Leitlinie',
-  checklist: 'Pr\u00fcfliste',
-  regulation: 'Verordnung',
-  template: 'Vorlage',
-}
-
-export const DSFA_CATEGORY_LABELS: Record<DSFACategory, string> = {
-  threshold_analysis: 'Schwellwertanalyse',
-  risk_assessment: 'Risikobewertung',
-  mitigation: 'Risikominderung',
-  consultation: 'Beh\u00f6rdenkonsultation',
-  documentation: 'Dokumentation',
-  process: 'Prozessschritte',
-  criteria: 'Kriterien',
-}
-
-// =============================================================================
-// COMPLIANCE WIKI
-// =============================================================================
-
-export interface WikiCategory {
-  id: string
-  name: string
-  description: string
-  icon: string
-  sortOrder: number
-  articleCount: number
-}
-
-export interface WikiArticle {
-  id: string
-  categoryId: string
-  categoryName: string
-  title: string
-  summary: string
-  content: string
-  legalRefs: string[]
-  tags: string[]
-  relevance: 'critical' | 'important' | 'info'
-  sourceUrls: string[]
-  version: number
-  updatedAt: string
-}
-
-export interface WikiSearchResult {
-  id: string
-  title: string
-  summary: string
-  categoryName: string
-  relevance: string
-  highlight: string
-}
--- a/admin-compliance/lib/sdk/types/dsfa-rag.ts
+++ b/admin-compliance/lib/sdk/types/dsfa-rag.ts
@@ -0,0 +1,189 @@
+/**
+ * DSFA RAG types — source attribution and corpus management for the
+ * Datenschutz-Folgenabschätzung RAG pipeline.
+ */
+
+export type DSFALicenseCode =
+  | 'DL-DE-BY-2.0'
+  | 'DL-DE-ZERO-2.0'
+  | 'CC-BY-4.0'
+  | 'EDPB-LICENSE'
+  | 'PUBLIC_DOMAIN'
+  | 'PROPRIETARY'
+
+export type DSFADocumentType = 'guideline' | 'checklist' | 'regulation' | 'template'
+
+export type DSFACategory =
+  | 'threshold_analysis'
+  | 'risk_assessment'
+  | 'mitigation'
+  | 'consultation'
+  | 'documentation'
+  | 'process'
+  | 'criteria'
+
+export interface DSFASource {
+  id: string
+  sourceCode: string
+  name: string
+  fullName?: string
+  organization?: string
+  sourceUrl?: string
+  eurLexCelex?: string
+  licenseCode: DSFALicenseCode
+  licenseName: string
+  licenseUrl?: string
+  attributionRequired: boolean
+  attributionText: string
+  documentType?: DSFADocumentType
+  language: string
+}
+
+export interface DSFADocument {
+  id: string
+  sourceId: string
+  title: string
+  description?: string
+  fileName?: string
+  fileType?: string
+  fileSizeBytes?: number
+  minioBucket: string
+  minioPath?: string
+  originalUrl?: string
+  ocrProcessed: boolean
+  textExtracted: boolean
+  chunksGenerated: number
+  lastIndexedAt?: string
+  metadata: Record<string, unknown>
+  createdAt: string
+  updatedAt: string
+}
+
+export interface DSFAChunk {
+  chunkId: string
+  content: string
+  sectionTitle?: string
+  pageNumber?: number
+  category?: DSFACategory
+  documentId: string
+  documentTitle?: string
+  sourceId: string
+  sourceCode: string
+  sourceName: string
+  attributionText: string
+  licenseCode: DSFALicenseCode
+  licenseName: string
+  licenseUrl?: string
+  attributionRequired: boolean
+  sourceUrl?: string
+  documentType?: DSFADocumentType
+}
+
+export interface DSFASearchResult {
+  chunkId: string
+  content: string
+  score: number
+  sourceCode: string
+  sourceName: string
+  attributionText: string
+  licenseCode: DSFALicenseCode
+  licenseName: string
+  licenseUrl?: string
+  attributionRequired: boolean
+  sourceUrl?: string
+  documentType?: DSFADocumentType
+  category?: DSFACategory
+  sectionTitle?: string
+  pageNumber?: number
+}
+
+export interface DSFASearchResponse {
+  query: string
+  results: DSFASearchResult[]
+  totalResults: number
+  licensesUsed: string[]
+  attributionNotice: string
+}
+
+export interface DSFASourceStats {
+  sourceId: string
+  sourceCode: string
+  name: string
+  organization?: string
+  licenseCode: DSFALicenseCode
+  documentType?: DSFADocumentType
+  documentCount: number
+  chunkCount: number
+  lastIndexedAt?: string
+}
+
+export interface DSFACorpusStats {
+  sources: DSFASourceStats[]
+  totalSources: number
+  totalDocuments: number
+  totalChunks: number
+  qdrantCollection: string
+  qdrantPointsCount: number
+  qdrantStatus: string
+}
+
+export interface DSFALicenseInfo {
+  code: DSFALicenseCode
+  name: string
+  url?: string
+  attributionRequired: boolean
+  modificationAllowed: boolean
+  commercialUse: boolean
+}
+
+export interface DSFAIngestRequest {
+  documentUrl?: string
+  documentText?: string
+  title?: string
+}
+
+export interface DSFAIngestResponse {
+  sourceCode: string
+  documentId?: string
+  chunksCreated: number
+  message: string
+}
+
+export interface SourceAttributionProps {
+  sources: Array<{
+    sourceCode: string
+    sourceName: string
+    attributionText: string
+    licenseCode: DSFALicenseCode
+    sourceUrl?: string
+    score?: number
+  }>
+  compact?: boolean
+  showScores?: boolean
+}
+
+export const DSFA_LICENSE_LABELS: Record<DSFALicenseCode, string> = {
+  'DL-DE-BY-2.0': 'Datenlizenz DE \u2013 Namensnennung 2.0',
+  'DL-DE-ZERO-2.0': 'Datenlizenz DE \u2013 Zero 2.0',
+  'CC-BY-4.0': 'CC BY 4.0 International',
+  'EDPB-LICENSE': 'EDPB Document License',
+  'PUBLIC_DOMAIN': 'Public Domain',
+  'PROPRIETARY': 'Proprietary',
+}
+
+export const DSFA_DOCUMENT_TYPE_LABELS: Record<DSFADocumentType, string> = {
+  guideline: 'Leitlinie',
+  checklist: 'Pr\u00fcfliste',
+  regulation: 'Verordnung',
+  template: 'Vorlage',
+}
+
+export const DSFA_CATEGORY_LABELS: Record<DSFACategory, string> = {
+  threshold_analysis: 'Schwellwertanalyse',
+  risk_assessment: 'Risikobewertung',
+  mitigation: 'Risikominderung',
+  consultation: 'Beh\u00f6rdenkonsultation',
+  documentation: 'Dokumentation',
+  process: 'Prozessschritte',
+  criteria: 'Kriterien',
+}
--- a/admin-compliance/lib/sdk/types/helpers.ts
+++ b/admin-compliance/lib/sdk/types/helpers.ts
@@ -3,12 +3,10 @@
 */

 import type { SDKPhase, SDKPackageId, CustomerType, RiskLikelihood, RiskImpact, RiskSeverity } from './enums'
-import type { SDKStep, SDKPackage, SDK_PACKAGES } from './sdk-flow'
-import type { SDK_STEPS } from './sdk-steps'
+import type { SDKStep, SDKPackage } from './sdk-flow'
 import type { SDKState } from './sdk-state'
 import type { Risk } from './compliance'

-// Re-import values (not just types) for runtime use
 import { SDK_PACKAGES as _SDK_PACKAGES } from './sdk-flow'
 import { SDK_STEPS as _SDK_STEPS } from './sdk-steps'

--- a/admin-compliance/lib/sdk/types/index.ts
+++ b/admin-compliance/lib/sdk/types/index.ts
@@ -16,3 +16,5 @@ export * from './sdk-state'
 export * from './iace'
 export * from './helpers'
 export * from './document-generator'
+export * from './dsfa-rag'
+export * from './wiki'
--- a/admin-compliance/lib/sdk/types/sdk-steps.ts
+++ b/admin-compliance/lib/sdk/types/sdk-steps.ts
@@ -221,7 +221,7 @@ export const SDK_STEPS: SDKStep[] = [
      const level = state.complianceScope?.decision?.determinedLevel
      if (level && ['L2', 'L3', 'L4'].includes(level)) return true
      const triggers = state.complianceScope?.decision?.triggeredHardTriggers || []
-      return triggers.some(t => t.rule.dsfaRequired)
+      return triggers.some(t => t.requiresDSFA)
    },
  },
  {
--- a/admin-compliance/lib/sdk/types/wiki.ts
+++ b/admin-compliance/lib/sdk/types/wiki.ts
@@ -0,0 +1,36 @@
+/**
+ * Compliance Wiki types.
+ */
+
+export interface WikiCategory {
+  id: string
+  name: string
+  description: string
+  icon: string
+  sortOrder: number
+  articleCount: number
+}
+
+export interface WikiArticle {
+  id: string
+  categoryId: string
+  categoryName: string
+  title: string
+  summary: string
+  content: string
+  legalRefs: string[]
+  tags: string[]
+  relevance: 'critical' | 'important' | 'info'
+  sourceUrls: string[]
+  version: number
+  updatedAt: string
+}
+
+export interface WikiSearchResult {
+  id: string
+  title: string
+  summary: string
+  categoryName: string
+  relevance: string
+  highlight: string
+}
--- a/admin-compliance/lib/sdk/vendor-compliance/types.ts
+++ b/admin-compliance/lib/sdk/vendor-compliance/types.ts