feat(banner): P19 + P20 — Per-Category-Click-Test + Frontend-Drilldown
CI / secret-scan (push) Has been skipped
CI / dep-audit (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m54s
CI / test-go (push) Has been skipped
CI / detect-changes (push) Successful in 10s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / validate-canonical-controls (push) Successful in 17s
CI / loc-budget (push) Successful in 17s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / iace-gt-coverage (push) Has been skipped
CI / test-python-backend (push) Successful in 43s
CI / test-python-document-crawler (push) Has been skipped
CI / test-python-dsms-gateway (push) Has been skipped
CI / secret-scan (push) Has been skipped
CI / dep-audit (push) Has been skipped
CI / nodejs-lint (push) Has been skipped
CI / nodejs-build (push) Successful in 2m54s
CI / test-go (push) Has been skipped
CI / detect-changes (push) Successful in 10s
CI / branch-name (push) Has been skipped
CI / guardrail-integrity (push) Has been skipped
CI / sbom-scan (push) Has been skipped
CI / validate-canonical-controls (push) Successful in 17s
CI / loc-budget (push) Successful in 17s
CI / go-lint (push) Has been skipped
CI / python-lint (push) Has been skipped
CI / iace-gt-coverage (push) Has been skipped
CI / test-python-backend (push) Successful in 43s
CI / test-python-document-crawler (push) Has been skipped
CI / test-python-dsms-gateway (push) Has been skipped
P19 (consent-tester): - dp-cookieconsent (TYPO3, Safetykon-Pattern) als CMP-Profil hinzu — Selektoren #dp--cookie-statistics/marketing + a.cc-allow Save-Button - Neues Signal provider_details_visible: nach Kategorie-Toggle prueft Playwright ob im Banner sichtbare Provider-/Cookie-Detail-Elemente erscheinen. Bei dp-cookieconsent (Banner ohne Listing) immer False -> HIGH-Violation "Kategorie zeigt keine Provider-/Cookie-Details — Nutzer kann nicht informiert einwilligen (Art. 7 Abs. 1 DSGVO)" - main.py serialisiert provider_details_visible + cookies_set pro Kategorie P20 (Frontend-Drilldown): - Backend: check_payloads-Tabelle um Spalte 'banner' (JSON) — voller banner_result persistiert (vorher nur in-memory). ALTER TABLE Migration idempotent. - Neuer Endpoint GET /api/compliance/agent/banner/<check_id> — liefert Quality-Score, Phases, Category-Tests, Banner-Checks, alle 46 structured_checks. - Frontend: BannerTab im /sdk/agent/audit/<id> mit Quality-Cards, 3-Phasen-Cookie-Tabelle, Per-Category-Listing (mit P19-Signal rot/gruen), Banner-Verstoesse + Rechtsgrundlagen, 46-Check-Drilldown filterbar nach Severity. - Tab-Switcher in page.tsx um "Cookie-Banner-Analyse" erweitert. - Bonus: 2 alte route.ts auf Next.js 15 Promise-params umgestellt (Build-Fix). Plus: Critical-Findings-Block nutzt provider_details_visible als primaeres Signal statt nur tracking_services-Anzahl. Smoke-Test Safetykon: 4 Critical Findings im Mail, banner-Endpoint liefert 46 checks + 3 phases + 2 categories mit provider_details_visible=False. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
Benjamin Admin
@@ -66,27 +66,35 @@ def _ensure_db() -> None:
|
||||
CREATE TABLE IF NOT EXISTS check_payloads (
|
||||
check_id TEXT PRIMARY KEY,
|
||||
vendors TEXT, -- JSON list[dict]
|
||||
profile TEXT -- JSON dict
|
||||
profile TEXT, -- JSON dict
|
||||
banner TEXT -- P20: JSON dict — full banner_result
|
||||
);
|
||||
""")
|
||||
# P20 migration: spalte 'banner' nachtraeglich anlegen wenn alt
|
||||
try:
|
||||
conn.execute("ALTER TABLE check_payloads ADD COLUMN banner TEXT")
|
||||
except sqlite3.OperationalError:
|
||||
pass
|
||||
|
||||
|
||||
def record_check_payload(
|
||||
check_id: str,
|
||||
vendors: list[dict] | None,
|
||||
profile: dict | None,
|
||||
banner: dict | None = None,
|
||||
) -> None:
|
||||
"""Persist cmp_vendors + extracted_profile for later migration use."""
|
||||
"""Persist cmp_vendors + extracted_profile + banner_result (P20)."""
|
||||
try:
|
||||
_ensure_db()
|
||||
with sqlite3.connect(DB_PATH) as conn:
|
||||
conn.execute(
|
||||
"INSERT OR REPLACE INTO check_payloads "
|
||||
"(check_id, vendors, profile) VALUES (?, ?, ?)",
|
||||
"(check_id, vendors, profile, banner) VALUES (?, ?, ?, ?)",
|
||||
(
|
||||
check_id,
|
||||
json.dumps(vendors or [], ensure_ascii=False),
|
||||
json.dumps(profile or {}, ensure_ascii=False),
|
||||
json.dumps(banner or {}, ensure_ascii=False) if banner else None,
|
||||
),
|
||||
)
|
||||
conn.commit()
|
||||
@@ -95,13 +103,13 @@ def record_check_payload(
|
||||
|
||||
|
||||
def get_check_payload(check_id: str) -> dict | None:
|
||||
"""Load cmp_vendors + extracted_profile for a previous check."""
|
||||
"""Load cmp_vendors + extracted_profile + banner_result for a previous check."""
|
||||
try:
|
||||
_ensure_db()
|
||||
with sqlite3.connect(DB_PATH) as conn:
|
||||
conn.row_factory = sqlite3.Row
|
||||
row = conn.execute(
|
||||
"SELECT vendors, profile FROM check_payloads WHERE check_id=?",
|
||||
"SELECT vendors, profile, banner FROM check_payloads WHERE check_id=?",
|
||||
(check_id,),
|
||||
).fetchone()
|
||||
if not row:
|
||||
@@ -109,6 +117,7 @@ def get_check_payload(check_id: str) -> dict | None:
|
||||
return {
|
||||
"vendors": json.loads(row["vendors"] or "[]"),
|
||||
"profile": json.loads(row["profile"] or "{}"),
|
||||
"banner": json.loads(row["banner"]) if row["banner"] else None,
|
||||
}
|
||||
except Exception as e:
|
||||
logger.warning("get_check_payload failed: %s", e)
|
||||
|
||||
Reference in New Issue
Block a user