fix(backend): SQLAlchemy text() fuer alle raw SQL + UI-Verbesserungen
Some checks failed
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / test-go-ai-compliance (push) Failing after 32s
CI / test-python-backend-compliance (push) Successful in 39s
CI / test-python-document-crawler (push) Successful in 23s
CI / test-python-dsms-gateway (push) Successful in 18s
- CRITICAL: Alle db.execute() Aufrufe in company_profile_routes.py und generation_routes.py mit text() gewrapped (SQLAlchemy 2.x) - Geschaeftsmodell-Kacheln: Nur Kurztext, Beschreibung bei Klick - "Warum diese Fragen" in Hauptbereich unter Ueberschrift verschoben - Sidebar-Box entfernt fuer mehr Platz Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
@@ -15,6 +15,7 @@ from typing import Optional
|
||||
|
||||
from fastapi import APIRouter, HTTPException, Header
|
||||
from pydantic import BaseModel
|
||||
from sqlalchemy import text
|
||||
|
||||
from database import SessionLocal
|
||||
|
||||
@@ -224,9 +225,9 @@ def log_audit(db, tenant_id: str, action: str, changed_fields: Optional[dict], c
|
||||
"""Write an audit log entry."""
|
||||
try:
|
||||
db.execute(
|
||||
"""INSERT INTO compliance_company_profile_audit
|
||||
text("""INSERT INTO compliance_company_profile_audit
|
||||
(tenant_id, action, changed_fields, changed_by)
|
||||
VALUES (:tenant_id, :action, :fields::jsonb, :changed_by)""",
|
||||
VALUES (:tenant_id, :action, :fields::jsonb, :changed_by)"""),
|
||||
{
|
||||
"tenant_id": tenant_id,
|
||||
"action": action,
|
||||
@@ -252,7 +253,7 @@ async def get_company_profile(
|
||||
db = SessionLocal()
|
||||
try:
|
||||
result = db.execute(
|
||||
f"SELECT {_BASE_COLUMNS} FROM compliance_company_profiles WHERE tenant_id = :tenant_id",
|
||||
text(f"SELECT {_BASE_COLUMNS} FROM compliance_company_profiles WHERE tenant_id = :tenant_id"),
|
||||
{"tenant_id": tid},
|
||||
)
|
||||
row = result.fetchone()
|
||||
@@ -276,7 +277,7 @@ async def upsert_company_profile(
|
||||
try:
|
||||
# Check if profile exists
|
||||
existing = db.execute(
|
||||
"SELECT id FROM compliance_company_profiles WHERE tenant_id = :tid",
|
||||
text("SELECT id FROM compliance_company_profiles WHERE tenant_id = :tid"),
|
||||
{"tid": tid},
|
||||
).fetchone()
|
||||
|
||||
@@ -285,7 +286,7 @@ async def upsert_company_profile(
|
||||
completed_at_clause = ", completed_at = NOW()" if profile.is_complete else ", completed_at = NULL"
|
||||
|
||||
db.execute(
|
||||
f"""INSERT INTO compliance_company_profiles
|
||||
text(f"""INSERT INTO compliance_company_profiles
|
||||
(tenant_id, company_name, legal_form, industry, founded_year,
|
||||
business_model, offerings, company_size, employee_count, annual_revenue,
|
||||
headquarters_country, headquarters_city, has_international_locations,
|
||||
@@ -344,7 +345,7 @@ async def upsert_company_profile(
|
||||
supervisory_authority = EXCLUDED.supervisory_authority,
|
||||
review_cycle_months = EXCLUDED.review_cycle_months,
|
||||
updated_at = NOW()
|
||||
{completed_at_clause}""",
|
||||
{completed_at_clause}"""),
|
||||
{
|
||||
"tid": tid,
|
||||
"company_name": profile.company_name,
|
||||
@@ -392,7 +393,7 @@ async def upsert_company_profile(
|
||||
|
||||
# Fetch and return
|
||||
result = db.execute(
|
||||
f"SELECT {_BASE_COLUMNS} FROM compliance_company_profiles WHERE tenant_id = :tid",
|
||||
text(f"SELECT {_BASE_COLUMNS} FROM compliance_company_profiles WHERE tenant_id = :tid"),
|
||||
{"tid": tid},
|
||||
)
|
||||
row = result.fetchone()
|
||||
@@ -415,7 +416,7 @@ async def delete_company_profile(
|
||||
db = SessionLocal()
|
||||
try:
|
||||
existing = db.execute(
|
||||
"SELECT id FROM compliance_company_profiles WHERE tenant_id = :tid",
|
||||
text("SELECT id FROM compliance_company_profiles WHERE tenant_id = :tid"),
|
||||
{"tid": tid},
|
||||
).fetchone()
|
||||
|
||||
@@ -423,7 +424,7 @@ async def delete_company_profile(
|
||||
raise HTTPException(status_code=404, detail="Company profile not found")
|
||||
|
||||
db.execute(
|
||||
"DELETE FROM compliance_company_profiles WHERE tenant_id = :tid",
|
||||
text("DELETE FROM compliance_company_profiles WHERE tenant_id = :tid"),
|
||||
{"tid": tid},
|
||||
)
|
||||
|
||||
@@ -451,7 +452,7 @@ async def get_template_context(
|
||||
db = SessionLocal()
|
||||
try:
|
||||
result = db.execute(
|
||||
f"SELECT {_BASE_COLUMNS} FROM compliance_company_profiles WHERE tenant_id = :tid",
|
||||
text(f"SELECT {_BASE_COLUMNS} FROM compliance_company_profiles WHERE tenant_id = :tid"),
|
||||
{"tid": tid},
|
||||
)
|
||||
row = result.fetchone()
|
||||
@@ -513,11 +514,11 @@ async def get_audit_log(
|
||||
db = SessionLocal()
|
||||
try:
|
||||
result = db.execute(
|
||||
"""SELECT id, action, changed_fields, changed_by, created_at
|
||||
text("""SELECT id, action, changed_fields, changed_by, created_at
|
||||
FROM compliance_company_profile_audit
|
||||
WHERE tenant_id = :tid
|
||||
ORDER BY created_at DESC
|
||||
LIMIT 100""",
|
||||
LIMIT 100"""),
|
||||
{"tid": tid},
|
||||
)
|
||||
rows = result.fetchall()
|
||||
|
||||
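Review bot: In `log_audit`, the statement now passed to text() still contains `:fields::jsonb`. text() parses `:name` bind markers itself, so a bind name followed directly by the PostgreSQL `::` cast may not be recognised as the `fields` parameter. Writing the cast as `CAST(:fields AS jsonb)` keeps the value bound and removes the ambiguity. The `try:` around this call closes outside the hunk; if its handler swallows the error, audit rows for profile changes would be lost silently, so a test that asserts the INSERT actually lands is worth adding.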
@@ -39,7 +39,7 @@ def _get_template_context(db, tid: str) -> dict:
|
||||
cp_db = SessionLocal()
|
||||
try:
|
||||
result = cp_db.execute(
|
||||
f"SELECT {_BASE_COLUMNS} FROM compliance_company_profiles WHERE tenant_id = :tid",
|
||||
text(f"SELECT {_BASE_COLUMNS} FROM compliance_company_profiles WHERE tenant_id = :tid"),
|
||||
{"tid": tid},
|
||||
)
|
||||
row = result.fetchone()
|
||||
|
||||
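Review bot: `text(f"SELECT {_BASE_COLUMNS} FROM compliance_company_profiles WHERE tenant_id = :tid")` in `_get_template_context` is still built by string interpolation, so text() only marks the result as SQL and `:tid` is the only value that is actually bound. `_BASE_COLUMNS` is defined outside the hunk and is presumably a static column list; if so, say so at the call with a comment such as `# _BASE_COLUMNS is a module constant, never request data`, so nobody later extends the f-string with user input. The same pattern appears in the get_company_profile, upsert_company_profile and get_template_context hunks of the first file. No hunk shown for this file adds `from sqlalchemy import text`, so confirm the name is already imported there. The function body continues outside the hunk.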