refactor(backend/api): extract SourcePolicyService (Step 4 — file 7 of 18)

compliance/api/source_policy_router.py (580 LOC) -> 253 LOC thin routes + 453-line SourcePolicyService + 83-line schemas file. Manages allowed data sources, operations matrix, PII rules, blocked-content log, audit trail, and dashboard stats/report. Single-service split. ORM-based (uses compliance.db.source_policy_models). Date-string parsing extracted to a module-level _parse_iso_optional helper so the audit + blocked-content list endpoints share it instead of duplicating try/except blocks. Legacy test compat: SourceCreate, SourceUpdate, SourceResponse, PIIRuleCreate, PIIRuleUpdate, OperationUpdate, _log_audit re-exported from compliance.api.source_policy_router via __all__. Verified: - 208/208 pytest pass (173 core + 35 source policy) - OpenAPI 360/484 unchanged - mypy compliance/ -> Success on 132 source files - source_policy_router.py 580 -> 253 LOC - Hard-cap violations: 12 -> 11 Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-07 19:58:02 +02:00
parent b850368ec9
commit 7107a31496
5 changed files with 740 additions and 469 deletions
--- a/backend-compliance/compliance/schemas/source_policy.py
+++ b/backend-compliance/compliance/schemas/source_policy.py
@@ -0,0 +1,83 @@
+"""
+Source Policy schemas — allowed source registry, operations matrix, PII rules.
+
+Phase 1 Step 4: extracted from ``compliance.api.source_policy_router``.
+"""
+
+from typing import Any, Optional
+
+from pydantic import BaseModel, ConfigDict, Field
+
+
+class SourceCreate(BaseModel):
+    domain: str
+    name: str
+    description: Optional[str] = None
+    license: Optional[str] = None
+    legal_basis: Optional[str] = None
+    trust_boost: float = Field(default=0.5, ge=0.0, le=1.0)
+    source_type: str = "legal"
+    active: bool = True
+    metadata: Optional[dict[str, Any]] = None
+
+
+class SourceUpdate(BaseModel):
+    domain: Optional[str] = None
+    name: Optional[str] = None
+    description: Optional[str] = None
+    license: Optional[str] = None
+    legal_basis: Optional[str] = None
+    trust_boost: Optional[float] = Field(default=None, ge=0.0, le=1.0)
+    source_type: Optional[str] = None
+    active: Optional[bool] = None
+    metadata: Optional[dict[str, Any]] = None
+
+
+class SourceResponse(BaseModel):
+    id: str
+    domain: str
+    name: str
+    description: Optional[str] = None
+    license: Optional[str] = None
+    legal_basis: Optional[str] = None
+    trust_boost: float
+    source_type: str
+    active: bool
+    metadata: Optional[dict[str, Any]] = None
+    created_at: str
+    updated_at: Optional[str] = None
+
+    model_config = ConfigDict(from_attributes=True)
+
+
+class OperationUpdate(BaseModel):
+    allowed: bool
+    conditions: Optional[str] = None
+
+
+class PIIRuleCreate(BaseModel):
+    name: str
+    description: Optional[str] = None
+    pattern: Optional[str] = None
+    category: str
+    action: str = "mask"
+    active: bool = True
+
+
+class PIIRuleUpdate(BaseModel):
+    name: Optional[str] = None
+    description: Optional[str] = None
+    pattern: Optional[str] = None
+    category: Optional[str] = None
+    action: Optional[str] = None
+    active: Optional[bool] = None
+
+
+__all__ = [
+    "SourceCreate",
+    "SourceUpdate",
+    "SourceResponse",
+    "OperationUpdate",
+    "PIIRuleCreate",
+    "PIIRuleUpdate",
+]