Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor(admin): split modules, security-backlog, consent pages

Browse Source 
Extract components and hooks to _components/ and _hooks/ subdirectories
to bring all three page.tsx files under the 500-LOC hard cap.

modules/page.tsx:       595 → 239 LOC
security-backlog/page.tsx: 586 → 174 LOC
consent/page.tsx:       569 → 305 LOC

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Sharang Parnerkar
2026-04-16 13:13:38 +02:00
parent 7907b3f25b
commit 8044ddb776
10 changed files with 1249 additions and 1114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

117
admin-compliance/app/sdk/consent/_components/DocumentCard.tsx Normal file
View File

@@ -0,0 +1,117 @@
'use client'
import React from 'react'
import type { LegalDocument } from '../_hooks/useConsentDocuments'
export function DocumentCard({
document,
onDelete,
onEdit,
onPreview,
}: {
document: LegalDocument
onDelete: (id: string) => void
onEdit: (id: string) => void
onPreview: (doc: LegalDocument) => void
}) {
const typeColors = {
'privacy-policy': 'bg-blue-100 text-blue-700',
terms: 'bg-green-100 text-green-700',
'cookie-policy': 'bg-yellow-100 text-yellow-700',
imprint: 'bg-gray-100 text-gray-700',
dpa: 'bg-purple-100 text-purple-700',
}
const typeLabels = {
'privacy-policy': 'Datenschutz',
terms: 'AGB',
'cookie-policy': 'Cookie-Richtlinie',
imprint: 'Impressum',
dpa: 'AVV',
}
const statusColors = {
draft: 'bg-yellow-100 text-yellow-700',
active: 'bg-green-100 text-green-700',
archived: 'bg-gray-100 text-gray-500',
}
const statusLabels = {
draft: 'Entwurf',
active: 'Aktiv',
archived: 'Archiviert',
}
return (
<div className={`bg-white rounded-xl border-2 p-6 ${
document.status === 'draft' ? 'border-yellow-200' : 'border-gray-200'
}`}>
<div className="flex items-start justify-between">
<div className="flex-1">
<div className="flex items-center gap-2 mb-2">
<span className={`px-2 py-1 text-xs rounded-full ${typeColors[document.type]}`}>
{typeLabels[document.type]}
</span>
<span className={`px-2 py-1 text-xs rounded-full ${statusColors[document.status]}`}>
{statusLabels[document.status]}
</span>
<span className="px-2 py-1 text-xs bg-gray-100 text-gray-600 rounded uppercase">
{document.language}
</span>
<span className="px-2 py-1 text-xs bg-gray-100 text-gray-600 rounded">
v{document.version}
</span>
</div>
<h3 className="text-lg font-semibold text-gray-900">{document.name}</h3>
</div>
</div>
{document.changes.length > 0 && (
<div className="mt-3">
<span className="text-sm text-gray-500">Letzte Aenderungen:</span>
<ul className="mt-1 text-sm text-gray-600 list-disc list-inside">
{document.changes.slice(0, 2).map((change, i) => (
<li key={i}>{change}</li>
))}
</ul>
</div>
)}
<div className="mt-4 pt-4 border-t border-gray-100 flex items-center justify-between text-sm">
<div className="text-gray-500">
<span>Autor: {document.author}</span>
<span className="mx-2">|</span>
<span>Aktualisiert: {document.lastUpdated.toLocaleDateString('de-DE')}</span>
</div>
<div className="flex items-center gap-2">
<button
onClick={() => onEdit(document.id)}
className="px-3 py-1 text-purple-600 hover:bg-purple-50 rounded-lg transition-colors"
>
Bearbeiten
</button>
<button
onClick={() => onPreview(document)}
className="px-3 py-1 text-gray-600 hover:bg-gray-100 rounded-lg transition-colors"
>
Vorschau
</button>
{document.status === 'draft' && (
<button
onClick={() => onEdit(document.id)}
className="px-3 py-1 bg-green-50 text-green-700 hover:bg-green-100 rounded-lg transition-colors"
>
Veroeffentlichen
</button>
)}
<button
onClick={() => onDelete(document.id)}
className="px-3 py-1 text-red-600 hover:bg-red-50 rounded-lg transition-colors"
>
Loeschen
</button>
</div>
</div>
</div>
)
}

197
admin-compliance/app/sdk/consent/_hooks/useConsentDocuments.ts Normal file
View File

@@ -0,0 +1,197 @@
'use client'
import { useState, useEffect } from 'react'
// =============================================================================
// TYPES
// =============================================================================
export interface LegalDocument {
id: string
type: 'privacy-policy' | 'terms' | 'cookie-policy' | 'imprint' | 'dpa'
name: string
version: string
language: string
status: 'draft' | 'active' | 'archived'
lastUpdated: Date
publishedAt: Date | null
author: string
changes: string[]
}
interface ApiDocument {
id: string
type: string
name: string
description: string
mandatory: boolean
created_at: string
updated_at: string
}
// =============================================================================
// HELPERS
// =============================================================================
function mapDocumentType(apiType: string): LegalDocument['type'] {
const mapping: Record<string, LegalDocument['type']> = {
'privacy_policy': 'privacy-policy',
'privacy-policy': 'privacy-policy',
'terms': 'terms',
'terms_of_service': 'terms',
'cookie_policy': 'cookie-policy',
'cookie-policy': 'cookie-policy',
'imprint': 'imprint',
'dpa': 'dpa',
'avv': 'dpa',
}
return mapping[apiType] || 'terms'
}
function transformApiDocument(doc: ApiDocument): LegalDocument {
return {
id: doc.id,
type: mapDocumentType(doc.type),
name: doc.name,
version: '1.0',
language: 'de',
status: 'active',
lastUpdated: new Date(doc.updated_at),
publishedAt: new Date(doc.created_at),
author: 'System',
changes: doc.description ? [doc.description] : [],
}
}
// =============================================================================
// HOOK
// =============================================================================
export function useConsentDocuments() {
const [documents, setDocuments] = useState<LegalDocument[]>([])
const [loading, setLoading] = useState(true)
const [error, setError] = useState<string | null>(null)
const [previewDoc, setPreviewDoc] = useState<{ name: string; content: string } | null>(null)
useEffect(() => {
loadDocuments()
}, [])
async function loadDocuments() {
setLoading(true)
setError(null)
try {
const token = localStorage.getItem('bp_admin_token')
const res = await fetch('/api/admin/consent/documents', {
headers: token ? { 'Authorization': `Bearer ${token}` } : {}
})
if (res.ok) {
const data = await res.json()
const apiDocs: ApiDocument[] = data.documents || []
setDocuments(apiDocs.map(transformApiDocument))
} else {
setError('Fehler beim Laden der Dokumente')
}
} catch {
setError('Verbindungsfehler zum Server')
} finally {
setLoading(false)
}
}
async function handleRagSuggest(docType: string, docName: string): Promise<string | null> {
const query = docType || docName || 'Datenschutzerklärung'
try {
const res = await fetch('/api/sdk/v1/rag/search', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ query: `${query} DSGVO Vorlage`, limit: 1 }),
})
if (res.ok) {
const data = await res.json()
const first = data.results?.[0]
if (first?.text) return first.text
}
} catch { /* silently ignore */ }
return null
}
async function handleCreateDocument(form: {
type: string
name: string
description: string
content: string
}): Promise<boolean> {
if (!form.name.trim()) return false
try {
const token = localStorage.getItem('bp_admin_token')
const res = await fetch('/api/admin/consent/documents', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
...(token ? { 'Authorization': `Bearer ${token}` } : {}),
},
body: JSON.stringify(form),
})
if (res.ok) {
await loadDocuments()
return true
} else {
setError('Fehler beim Erstellen des Dokuments')
}
} catch {
setError('Verbindungsfehler beim Erstellen')
}
return false
}
async function handleDeleteDocument(id: string) {
if (!confirm('Dokument wirklich löschen?')) return
try {
const token = localStorage.getItem('bp_admin_token')
const res = await fetch(`/api/admin/consent/documents/${id}`, {
method: 'DELETE',
headers: token ? { 'Authorization': `Bearer ${token}` } : {},
})
if (res.ok || res.status === 204) {
setDocuments(prev => prev.filter(d => d.id !== id))
} else {
setError('Fehler beim Löschen des Dokuments')
}
} catch {
setError('Verbindungsfehler beim Löschen')
}
}
async function handlePreview(doc: LegalDocument) {
try {
const token = localStorage.getItem('bp_admin_token')
const res = await fetch(`/api/admin/consent/documents/${doc.id}/versions`, {
headers: token ? { 'Authorization': `Bearer ${token}` } : {}
})
if (res.ok) {
const data = await res.json()
const versions = Array.isArray(data) ? data : (data.versions || [])
const published = versions.find((v: { status: string; content?: string }) => v.status === 'published')
const latest = published || versions[0]
setPreviewDoc({ name: doc.name, content: latest?.content || '<p>Kein Inhalt verfügbar.</p>' })
} else {
setPreviewDoc({ name: doc.name, content: '<p>Vorschau nicht verfügbar.</p>' })
}
} catch {
setPreviewDoc({ name: doc.name, content: '<p>Fehler beim Laden der Vorschau.</p>' })
}
}
return {
documents,
loading,
error,
previewDoc,
setPreviewDoc,
handleRagSuggest,
handleCreateDocument,
handleDeleteDocument,
handlePreview,
}
}

334
admin-compliance/app/sdk/consent/page.tsx
View File

@@ -1,312 +1,29 @@
'use client'
import React, { useState, useEffect } from 'react'
import React, { useState } from 'react'
import { useRouter } from 'next/navigation'
import { useSDK } from '@/lib/sdk'
import { StepHeader, STEP_EXPLANATIONS } from '@/components/sdk/StepHeader'
// =============================================================================
// TYPES
// =============================================================================
interface LegalDocument {
id: string
type: 'privacy-policy' | 'terms' | 'cookie-policy' | 'imprint' | 'dpa'
name: string
version: string
language: string
status: 'draft' | 'active' | 'archived'
lastUpdated: Date
publishedAt: Date | null
author: string
changes: string[]
}
interface ApiDocument {
id: string
type: string
name: string
description: string
mandatory: boolean
created_at: string
updated_at: string
}
// Map API document type to UI type
function mapDocumentType(apiType: string): LegalDocument['type'] {
const mapping: Record<string, LegalDocument['type']> = {
'privacy_policy': 'privacy-policy',
'privacy-policy': 'privacy-policy',
'terms': 'terms',
'terms_of_service': 'terms',
'cookie_policy': 'cookie-policy',
'cookie-policy': 'cookie-policy',
'imprint': 'imprint',
'dpa': 'dpa',
'avv': 'dpa',
}
return mapping[apiType] || 'terms'
}
// Transform API response to UI format
function transformApiDocument(doc: ApiDocument): LegalDocument {
return {
id: doc.id,
type: mapDocumentType(doc.type),
name: doc.name,
version: '1.0',
language: 'de',
status: 'active',
lastUpdated: new Date(doc.updated_at),
publishedAt: new Date(doc.created_at),
author: 'System',
changes: doc.description ? [doc.description] : [],
}
}
// =============================================================================
// COMPONENTS
// =============================================================================
function DocumentCard({
document,
onDelete,
onEdit,
onPreview,
}: {
document: LegalDocument
onDelete: (id: string) => void
onEdit: (id: string) => void
onPreview: (doc: LegalDocument) => void
}) {
const typeColors = {
'privacy-policy': 'bg-blue-100 text-blue-700',
terms: 'bg-green-100 text-green-700',
'cookie-policy': 'bg-yellow-100 text-yellow-700',
imprint: 'bg-gray-100 text-gray-700',
dpa: 'bg-purple-100 text-purple-700',
}
const typeLabels = {
'privacy-policy': 'Datenschutz',
terms: 'AGB',
'cookie-policy': 'Cookie-Richtlinie',
imprint: 'Impressum',
dpa: 'AVV',
}
const statusColors = {
draft: 'bg-yellow-100 text-yellow-700',
active: 'bg-green-100 text-green-700',
archived: 'bg-gray-100 text-gray-500',
}
const statusLabels = {
draft: 'Entwurf',
active: 'Aktiv',
archived: 'Archiviert',
}
return (
<div className={`bg-white rounded-xl border-2 p-6 ${
document.status === 'draft' ? 'border-yellow-200' : 'border-gray-200'
}`}>
<div className="flex items-start justify-between">
<div className="flex-1">
<div className="flex items-center gap-2 mb-2">
<span className={`px-2 py-1 text-xs rounded-full ${typeColors[document.type]}`}>
{typeLabels[document.type]}
</span>
<span className={`px-2 py-1 text-xs rounded-full ${statusColors[document.status]}`}>
{statusLabels[document.status]}
</span>
<span className="px-2 py-1 text-xs bg-gray-100 text-gray-600 rounded uppercase">
{document.language}
</span>
<span className="px-2 py-1 text-xs bg-gray-100 text-gray-600 rounded">
v{document.version}
</span>
</div>
<h3 className="text-lg font-semibold text-gray-900">{document.name}</h3>
</div>
</div>
{document.changes.length > 0 && (
<div className="mt-3">
<span className="text-sm text-gray-500">Letzte Aenderungen:</span>
<ul className="mt-1 text-sm text-gray-600 list-disc list-inside">
{document.changes.slice(0, 2).map((change, i) => (
<li key={i}>{change}</li>
))}
</ul>
</div>
)}
<div className="mt-4 pt-4 border-t border-gray-100 flex items-center justify-between text-sm">
<div className="text-gray-500">
<span>Autor: {document.author}</span>
<span className="mx-2">|</span>
<span>Aktualisiert: {document.lastUpdated.toLocaleDateString('de-DE')}</span>
</div>
<div className="flex items-center gap-2">
<button
onClick={() => onEdit(document.id)}
className="px-3 py-1 text-purple-600 hover:bg-purple-50 rounded-lg transition-colors"
>
Bearbeiten
</button>
<button
onClick={() => onPreview(document)}
className="px-3 py-1 text-gray-600 hover:bg-gray-100 rounded-lg transition-colors"
>
Vorschau
</button>
{document.status === 'draft' && (
<button
onClick={() => onEdit(document.id)}
className="px-3 py-1 bg-green-50 text-green-700 hover:bg-green-100 rounded-lg transition-colors"
>
Veroeffentlichen
</button>
)}
<button
onClick={() => onDelete(document.id)}
className="px-3 py-1 text-red-600 hover:bg-red-50 rounded-lg transition-colors"
>
Loeschen
</button>
</div>
</div>
</div>
)
}
// =============================================================================
// MAIN PAGE
// =============================================================================
import { DocumentCard } from './_components/DocumentCard'
import { useConsentDocuments } from './_hooks/useConsentDocuments'
export default function ConsentPage() {
const { state } = useSDK()
const router = useRouter()
const [documents, setDocuments] = useState<LegalDocument[]>([])
const [loading, setLoading] = useState(true)
const [error, setError] = useState<string | null>(null)
const [filter, setFilter] = useState<string>('all')
const [showCreateModal, setShowCreateModal] = useState(false)
const [newDocForm, setNewDocForm] = useState({ type: 'privacy_policy', name: '', description: '', content: '' })
const [creating, setCreating] = useState(false)
const [previewDoc, setPreviewDoc] = useState<{ name: string; content: string } | null>(null)
useEffect(() => {
loadDocuments()
}, [])
async function loadDocuments() {
setLoading(true)
setError(null)
try {
const token = localStorage.getItem('bp_admin_token')
const res = await fetch('/api/admin/consent/documents', {
headers: token ? { 'Authorization': `Bearer ${token}` } : {}
})
if (res.ok) {
const data = await res.json()
const apiDocs: ApiDocument[] = data.documents || []
setDocuments(apiDocs.map(transformApiDocument))
} else {
setError('Fehler beim Laden der Dokumente')
}
} catch {
setError('Verbindungsfehler zum Server')
} finally {
setLoading(false)
}
}
async function handleRagSuggest() {
const docType = newDocForm.type || newDocForm.name || 'Datenschutzerklärung'
try {
const res = await fetch('/api/sdk/v1/rag/search', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ query: `${docType} DSGVO Vorlage`, limit: 1 }),
})
if (res.ok) {
const data = await res.json()
const first = data.results?.[0]
if (first?.text) setNewDocForm(d => ({ ...d, content: first.text }))
}
} catch { /* silently ignore */ }
}
async function handleCreateDocument() {
if (!newDocForm.name.trim()) return
setCreating(true)
try {
const token = localStorage.getItem('bp_admin_token')
const res = await fetch('/api/admin/consent/documents', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
...(token ? { 'Authorization': `Bearer ${token}` } : {}),
},
body: JSON.stringify(newDocForm),
})
if (res.ok) {
setShowCreateModal(false)
setNewDocForm({ type: 'privacy_policy', name: '', description: '', content: '' })
await loadDocuments()
} else {
setError('Fehler beim Erstellen des Dokuments')
}
} catch {
setError('Verbindungsfehler beim Erstellen')
} finally {
setCreating(false)
}
}
async function handleDeleteDocument(id: string) {
if (!confirm('Dokument wirklich löschen?')) return
try {
const token = localStorage.getItem('bp_admin_token')
const res = await fetch(`/api/admin/consent/documents/${id}`, {
method: 'DELETE',
headers: token ? { 'Authorization': `Bearer ${token}` } : {},
})
if (res.ok || res.status === 204) {
setDocuments(prev => prev.filter(d => d.id !== id))
} else {
setError('Fehler beim Löschen des Dokuments')
}
} catch {
setError('Verbindungsfehler beim Löschen')
}
}
function handleEdit(id: string) {
router.push('/sdk/workflow')
}
async function handlePreview(doc: LegalDocument) {
try {
const token = localStorage.getItem('bp_admin_token')
const res = await fetch(`/api/admin/consent/documents/${doc.id}/versions`, {
headers: token ? { 'Authorization': `Bearer ${token}` } : {}
})
if (res.ok) {
const data = await res.json()
const versions = Array.isArray(data) ? data : (data.versions || [])
const published = versions.find((v: { status: string; content?: string }) => v.status === 'published')
const latest = published || versions[0]
setPreviewDoc({ name: doc.name, content: latest?.content || '<p>Kein Inhalt verfügbar.</p>' })
} else {
setPreviewDoc({ name: doc.name, content: '<p>Vorschau nicht verfügbar.</p>' })
}
} catch {
setPreviewDoc({ name: doc.name, content: '<p>Fehler beim Laden der Vorschau.</p>' })
}
}
const {
documents,
loading,
error,
previewDoc,
setPreviewDoc,
handleRagSuggest,
handleCreateDocument,
handleDeleteDocument,
handlePreview,
} = useConsentDocuments()
const filteredDocuments = filter === 'all'
? documents
@@ -315,6 +32,25 @@ export default function ConsentPage() {
const activeCount = documents.filter(d => d.status === 'active').length
const draftCount = documents.filter(d => d.status === 'draft').length
async function onRagSuggest() {
const text = await handleRagSuggest(newDocForm.type, newDocForm.name)
if (text) setNewDocForm(d => ({ ...d, content: text }))
}
async function onCreateDocument() {
setCreating(true)
const ok = await handleCreateDocument(newDocForm)
if (ok) {
setShowCreateModal(false)
setNewDocForm({ type: 'privacy_policy', name: '', description: '', content: '' })
}
setCreating(false)
}
function handleEdit(id: string) {
router.push('/sdk/workflow')
}
const stepInfo = STEP_EXPLANATIONS['consent']
return (
@@ -531,7 +267,7 @@ export default function ConsentPage() {
<label className="text-sm font-medium text-gray-700">Inhalt (optional)</label>
<button
type="button"
onClick={handleRagSuggest}
onClick={onRagSuggest}
className="text-xs text-blue-600 hover:underline"
>
Aus RAG-Vorlagen laden
@@ -554,7 +290,7 @@ export default function ConsentPage() {
Abbrechen
</button>
<button
onClick={handleCreateDocument}
onClick={onCreateDocument}
disabled={creating || !newDocForm.name.trim()}
className="px-4 py-2 bg-purple-600 text-white rounded-lg hover:bg-purple-700 disabled:opacity-50"
>

119
admin-compliance/app/sdk/modules/_components/ModuleCard.tsx Normal file
View File

@@ -0,0 +1,119 @@
'use client'
import React from 'react'
import type { DisplayModule } from '../_hooks/useModules'
export function ModuleCard({
module,
isActive,
onActivate,
onDeactivate,
onConfigure,
}: {
module: DisplayModule
isActive: boolean
onActivate: () => void
onDeactivate: () => void
onConfigure: () => void
}) {
const categoryColors = {
gdpr: 'bg-blue-100 text-blue-700',
'ai-act': 'bg-purple-100 text-purple-700',
iso27001: 'bg-green-100 text-green-700',
nis2: 'bg-orange-100 text-orange-700',
custom: 'bg-gray-100 text-gray-700',
}
const statusColors = {
active: 'bg-green-100 text-green-700',
inactive: 'bg-gray-100 text-gray-500',
pending: 'bg-yellow-100 text-yellow-700',
}
return (
<div className={`bg-white rounded-xl border-2 p-6 transition-all ${
isActive ? 'border-purple-400 shadow-lg' : 'border-gray-200 hover:border-purple-300'
}`}>
<div className="flex items-start justify-between">
<div className="flex-1">
<div className="flex items-center gap-2 mb-2">
<span className={`px-2 py-1 text-xs rounded-full ${categoryColors[module.category]}`}>
{module.category.toUpperCase()}
</span>
<span className={`px-2 py-1 text-xs rounded-full ${statusColors[module.status]}`}>
{module.status === 'active' ? 'Aktiv' : module.status === 'pending' ? 'Ausstehend' : 'Inaktiv'}
</span>
{module.hasAIComponents && (
<span className="px-2 py-1 text-xs rounded-full bg-indigo-100 text-indigo-700">
KI
</span>
)}
</div>
<h3 className="text-lg font-semibold text-gray-900">{module.name}</h3>
<p className="text-sm text-gray-500 mt-1">{module.description}</p>
{module.regulations.length > 0 && (
<div className="mt-2 flex flex-wrap gap-1">
{module.regulations.map(reg => (
<span key={reg} className="px-2 py-0.5 text-xs bg-gray-100 text-gray-600 rounded">
{reg}
</span>
))}
</div>
)}
</div>
</div>
<div className="mt-4 grid grid-cols-2 gap-4 text-sm">
<div>
<span className="text-gray-500">Anforderungen:</span>
<span className="ml-2 font-medium">{module.requirementsCount}</span>
</div>
<div>
<span className="text-gray-500">Kontrollen:</span>
<span className="ml-2 font-medium">{module.controlsCount}</span>
</div>
</div>
<div className="mt-4">
<div className="flex items-center justify-between text-sm mb-1">
<span className="text-gray-500">Fortschritt</span>
<span className="font-medium text-purple-600">{module.completionPercent}%</span>
</div>
<div className="h-2 bg-gray-100 rounded-full overflow-hidden">
<div
className={`h-full rounded-full transition-all ${
module.completionPercent === 100 ? 'bg-green-500' : 'bg-purple-600'
}`}
style={{ width: `${module.completionPercent}%` }}
/>
</div>
</div>
<div className="mt-4 flex items-center gap-2">
{isActive ? (
<>
<button
onClick={onConfigure}
className="flex-1 px-4 py-2 text-sm bg-purple-50 text-purple-700 rounded-lg hover:bg-purple-100 transition-colors"
>
Konfigurieren
</button>
<button
onClick={onDeactivate}
className="px-4 py-2 text-sm text-red-600 hover:bg-red-50 rounded-lg transition-colors"
>
Deaktivieren
</button>
</>
) : (
<button
onClick={onActivate}
className="flex-1 px-4 py-2 text-sm bg-purple-600 text-white rounded-lg hover:bg-purple-700 transition-colors"
>
Modul aktivieren
</button>
)}
</div>
</div>
)
}

283
admin-compliance/app/sdk/modules/_hooks/useModules.ts Normal file
View File

@@ -0,0 +1,283 @@
'use client'
import { useState, useEffect } from 'react'
import { useSDK, ServiceModule } from '@/lib/sdk'
// =============================================================================
// TYPES
// =============================================================================
export type ModuleCategory = 'gdpr' | 'ai-act' | 'iso27001' | 'nis2' | 'custom'
export type ModuleStatus = 'active' | 'inactive' | 'pending'
export interface DisplayModule extends ServiceModule {
category: ModuleCategory
status: ModuleStatus
requirementsCount: number
controlsCount: number
completionPercent: number
}
interface BackendModule {
id: string
name: string
display_name: string
description: string
service_type: string | null
processes_pii: boolean
ai_components: boolean
criticality: string
is_active: boolean
compliance_score: number | null
regulation_count: number
risk_count: number
}
// =============================================================================
// FALLBACK MODULES
// =============================================================================
const fallbackModules: Omit<DisplayModule, 'status' | 'completionPercent'>[] = [
{
id: 'mod-gdpr',
name: 'DSGVO Compliance',
description: 'Datenschutz-Grundverordnung - Vollstaendige Umsetzung aller Anforderungen',
category: 'gdpr',
regulations: ['DSGVO', 'BDSG'],
criticality: 'HIGH',
processesPersonalData: true,
hasAIComponents: false,
requirementsCount: 45,
controlsCount: 32,
},
{
id: 'mod-ai-act',
name: 'AI Act Compliance',
description: 'EU AI Act - Klassifizierung und Anforderungen fuer KI-Systeme',
category: 'ai-act',
regulations: ['EU AI Act'],
criticality: 'HIGH',
processesPersonalData: false,
hasAIComponents: true,
requirementsCount: 28,
controlsCount: 18,
},
{
id: 'mod-iso27001',
name: 'ISO 27001',
description: 'Informationssicherheits-Managementsystem nach ISO/IEC 27001',
category: 'iso27001',
regulations: ['ISO 27001', 'ISO 27002'],
criticality: 'MEDIUM',
processesPersonalData: false,
hasAIComponents: false,
requirementsCount: 114,
controlsCount: 93,
},
{
id: 'mod-nis2',
name: 'NIS2 Richtlinie',
description: 'Netz- und Informationssicherheit fuer kritische Infrastrukturen',
category: 'nis2',
regulations: ['NIS2'],
criticality: 'HIGH',
processesPersonalData: false,
hasAIComponents: false,
requirementsCount: 36,
controlsCount: 24,
},
]
// =============================================================================
// HELPERS
// =============================================================================
function categorizeModule(name: string): ModuleCategory {
const lower = name.toLowerCase()
if (lower.includes('dsgvo') || lower.includes('gdpr') || lower.includes('datenschutz')) return 'gdpr'
if (lower.includes('ai act') || lower.includes('ki-verordnung')) return 'ai-act'
if (lower.includes('iso 27001') || lower.includes('iso27001') || lower.includes('isms')) return 'iso27001'
if (lower.includes('nis2') || lower.includes('netz- und informations')) return 'nis2'
return 'custom'
}
function mapBackendToDisplay(m: BackendModule): Omit<DisplayModule, 'status' | 'completionPercent'> {
return {
id: m.id,
name: m.display_name || m.name,
description: m.description || '',
category: categorizeModule(m.display_name || m.name),
regulations: [],
criticality: (m.criticality || 'MEDIUM').toUpperCase(),
processesPersonalData: m.processes_pii,
hasAIComponents: m.ai_components,
requirementsCount: m.regulation_count || 0,
controlsCount: m.risk_count || 0,
}
}
// =============================================================================
// HOOK
// =============================================================================
export function useModules() {
const { state, dispatch } = useSDK()
const [availableModules, setAvailableModules] = useState<Omit<DisplayModule, 'status' | 'completionPercent'>[]>(fallbackModules)
const [isLoadingModules, setIsLoadingModules] = useState(true)
const [backendError, setBackendError] = useState<string | null>(null)
const [actionError, setActionError] = useState<string | null>(null)
useEffect(() => {
async function loadModules() {
try {
const response = await fetch('/api/sdk/v1/modules')
if (response.ok) {
const data = await response.json()
if (data.modules && data.modules.length > 0) {
const mapped = data.modules.map(mapBackendToDisplay)
setAvailableModules(mapped)
setBackendError(null)
}
} else {
setBackendError('Backend nicht erreichbar — zeige Standard-Module')
}
} catch {
setBackendError('Backend nicht erreichbar — zeige Standard-Module')
} finally {
setIsLoadingModules(false)
}
}
loadModules()
}, [])
const displayModules: DisplayModule[] = availableModules.map(template => {
const activeModule = state.modules.find(m => m.id === template.id)
const isActive = !!activeModule
const linkedRequirements = state.requirements.filter(r =>
r.applicableModules.includes(template.id)
)
const completedRequirements = linkedRequirements.filter(
r => r.status === 'IMPLEMENTED' || r.status === 'VERIFIED'
)
const completionPercent = linkedRequirements.length > 0
? Math.round((completedRequirements.length / linkedRequirements.length) * 100)
: 0
return {
...template,
status: isActive ? 'active' as ModuleStatus : 'inactive' as ModuleStatus,
completionPercent,
}
})
const activeModulesCount = state.modules.length
const totalRequirements = displayModules
.filter(m => state.modules.some(sm => sm.id === m.id))
.reduce((sum, m) => sum + m.requirementsCount, 0)
const totalControls = displayModules
.filter(m => state.modules.some(sm => sm.id === m.id))
.reduce((sum, m) => sum + m.controlsCount, 0)
async function handleActivateModule(module: DisplayModule) {
const serviceModule: ServiceModule = {
id: module.id,
name: module.name,
description: module.description,
regulations: module.regulations,
criticality: module.criticality,
processesPersonalData: module.processesPersonalData,
hasAIComponents: module.hasAIComponents,
}
dispatch({ type: 'ADD_MODULE', payload: serviceModule })
setActionError(null)
try {
const res = await fetch(`/api/sdk/v1/modules/${encodeURIComponent(module.id)}/activate`, {
method: 'POST',
})
if (!res.ok) throw new Error('Aktivierung fehlgeschlagen')
} catch {
const rollbackModules = state.modules.filter(m => m.id !== module.id)
dispatch({ type: 'SET_STATE', payload: { modules: rollbackModules } })
setActionError(`Modul "${module.name}" konnte nicht aktiviert werden.`)
setTimeout(() => setActionError(null), 5000)
}
}
async function handleDeactivateModule(moduleId: string) {
const previousModules = [...state.modules]
const updatedModules = state.modules.filter(m => m.id !== moduleId)
dispatch({ type: 'SET_STATE', payload: { modules: updatedModules } })
setActionError(null)
try {
const res = await fetch(`/api/sdk/v1/modules/${encodeURIComponent(moduleId)}/deactivate`, {
method: 'POST',
})
if (!res.ok) throw new Error('Deaktivierung fehlgeschlagen')
} catch {
dispatch({ type: 'SET_STATE', payload: { modules: previousModules } })
setActionError('Modul konnte nicht deaktiviert werden.')
setTimeout(() => setActionError(null), 5000)
}
}
async function handleCreateModule(
newModuleName: string,
newModuleCategory: ModuleCategory,
newModuleDescription: string,
): Promise<boolean> {
if (!newModuleName.trim()) return false
try {
const res = await fetch('/api/sdk/v1/modules', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
name: newModuleName,
category: newModuleCategory,
description: newModuleDescription,
}),
})
if (res.ok) {
const data = await res.json()
const newMod: Omit<DisplayModule, 'status' | 'completionPercent'> = {
id: data.id || `custom-${Date.now()}`,
name: newModuleName,
description: newModuleDescription,
category: newModuleCategory,
regulations: [],
criticality: 'MEDIUM',
processesPersonalData: false,
hasAIComponents: false,
requirementsCount: 0,
controlsCount: 0,
}
setAvailableModules(prev => [...prev, newMod])
return true
}
return false
} catch {
setActionError('Modul konnte nicht erstellt werden.')
setTimeout(() => setActionError(null), 5000)
return false
}
}
return {
state,
availableModules,
displayModules,
isLoadingModules,
backendError,
actionError,
activeModulesCount,
totalRequirements,
totalControls,
handleActivateModule,
handleDeactivateModule,
handleCreateModule,
}
}

400
admin-compliance/app/sdk/modules/page.tsx
View File

@@ -1,402 +1,46 @@
'use client'
import React, { useState, useEffect } from 'react'
import React, { useState } from 'react'
import { useRouter } from 'next/navigation'
import { useSDK, ServiceModule } from '@/lib/sdk'
import { StepHeader, STEP_EXPLANATIONS } from '@/components/sdk/StepHeader'
// =============================================================================
// TYPES
// =============================================================================
type ModuleCategory = 'gdpr' | 'ai-act' | 'iso27001' | 'nis2' | 'custom'
type ModuleStatus = 'active' | 'inactive' | 'pending'
interface DisplayModule extends ServiceModule {
category: ModuleCategory
status: ModuleStatus
requirementsCount: number
controlsCount: number
completionPercent: number
}
interface BackendModule {
id: string
name: string
display_name: string
description: string
service_type: string | null
processes_pii: boolean
ai_components: boolean
criticality: string
is_active: boolean
compliance_score: number | null
regulation_count: number
risk_count: number
}
// =============================================================================
// FALLBACK MODULES (used when backend is unavailable)
// =============================================================================
const fallbackModules: Omit<DisplayModule, 'status' | 'completionPercent'>[] = [
{
id: 'mod-gdpr',
name: 'DSGVO Compliance',
description: 'Datenschutz-Grundverordnung - Vollstaendige Umsetzung aller Anforderungen',
category: 'gdpr',
regulations: ['DSGVO', 'BDSG'],
criticality: 'HIGH',
processesPersonalData: true,
hasAIComponents: false,
requirementsCount: 45,
controlsCount: 32,
},
{
id: 'mod-ai-act',
name: 'AI Act Compliance',
description: 'EU AI Act - Klassifizierung und Anforderungen fuer KI-Systeme',
category: 'ai-act',
regulations: ['EU AI Act'],
criticality: 'HIGH',
processesPersonalData: false,
hasAIComponents: true,
requirementsCount: 28,
controlsCount: 18,
},
{
id: 'mod-iso27001',
name: 'ISO 27001',
description: 'Informationssicherheits-Managementsystem nach ISO/IEC 27001',
category: 'iso27001',
regulations: ['ISO 27001', 'ISO 27002'],
criticality: 'MEDIUM',
processesPersonalData: false,
hasAIComponents: false,
requirementsCount: 114,
controlsCount: 93,
},
{
id: 'mod-nis2',
name: 'NIS2 Richtlinie',
description: 'Netz- und Informationssicherheit fuer kritische Infrastrukturen',
category: 'nis2',
regulations: ['NIS2'],
criticality: 'HIGH',
processesPersonalData: false,
hasAIComponents: false,
requirementsCount: 36,
controlsCount: 24,
},
]
// =============================================================================
// HELPERS
// =============================================================================
function categorizeModule(name: string): ModuleCategory {
const lower = name.toLowerCase()
if (lower.includes('dsgvo') || lower.includes('gdpr') || lower.includes('datenschutz')) return 'gdpr'
if (lower.includes('ai act') || lower.includes('ki-verordnung')) return 'ai-act'
if (lower.includes('iso 27001') || lower.includes('iso27001') || lower.includes('isms')) return 'iso27001'
if (lower.includes('nis2') || lower.includes('netz- und informations')) return 'nis2'
return 'custom'
}
function mapBackendToDisplay(m: BackendModule): Omit<DisplayModule, 'status' | 'completionPercent'> {
return {
id: m.id,
name: m.display_name || m.name,
description: m.description || '',
category: categorizeModule(m.display_name || m.name),
regulations: [],
criticality: (m.criticality || 'MEDIUM').toUpperCase(),
processesPersonalData: m.processes_pii,
hasAIComponents: m.ai_components,
requirementsCount: m.regulation_count || 0,
controlsCount: m.risk_count || 0,
}
}
// =============================================================================
// COMPONENTS
// =============================================================================
function ModuleCard({
module,
isActive,
onActivate,
onDeactivate,
onConfigure,
}: {
module: DisplayModule
isActive: boolean
onActivate: () => void
onDeactivate: () => void
onConfigure: () => void
}) {
const categoryColors = {
gdpr: 'bg-blue-100 text-blue-700',
'ai-act': 'bg-purple-100 text-purple-700',
iso27001: 'bg-green-100 text-green-700',
nis2: 'bg-orange-100 text-orange-700',
custom: 'bg-gray-100 text-gray-700',
}
const statusColors = {
active: 'bg-green-100 text-green-700',
inactive: 'bg-gray-100 text-gray-500',
pending: 'bg-yellow-100 text-yellow-700',
}
return (
<div className={`bg-white rounded-xl border-2 p-6 transition-all ${
isActive ? 'border-purple-400 shadow-lg' : 'border-gray-200 hover:border-purple-300'
}`}>
<div className="flex items-start justify-between">
<div className="flex-1">
<div className="flex items-center gap-2 mb-2">
<span className={`px-2 py-1 text-xs rounded-full ${categoryColors[module.category]}`}>
{module.category.toUpperCase()}
</span>
<span className={`px-2 py-1 text-xs rounded-full ${statusColors[module.status]}`}>
{module.status === 'active' ? 'Aktiv' : module.status === 'pending' ? 'Ausstehend' : 'Inaktiv'}
</span>
{module.hasAIComponents && (
<span className="px-2 py-1 text-xs rounded-full bg-indigo-100 text-indigo-700">
KI
</span>
)}
</div>
<h3 className="text-lg font-semibold text-gray-900">{module.name}</h3>
<p className="text-sm text-gray-500 mt-1">{module.description}</p>
{module.regulations.length > 0 && (
<div className="mt-2 flex flex-wrap gap-1">
{module.regulations.map(reg => (
<span key={reg} className="px-2 py-0.5 text-xs bg-gray-100 text-gray-600 rounded">
{reg}
</span>
))}
</div>
)}
</div>
</div>
<div className="mt-4 grid grid-cols-2 gap-4 text-sm">
<div>
<span className="text-gray-500">Anforderungen:</span>
<span className="ml-2 font-medium">{module.requirementsCount}</span>
</div>
<div>
<span className="text-gray-500">Kontrollen:</span>
<span className="ml-2 font-medium">{module.controlsCount}</span>
</div>
</div>
<div className="mt-4">
<div className="flex items-center justify-between text-sm mb-1">
<span className="text-gray-500">Fortschritt</span>
<span className="font-medium text-purple-600">{module.completionPercent}%</span>
</div>
<div className="h-2 bg-gray-100 rounded-full overflow-hidden">
<div
className={`h-full rounded-full transition-all ${
module.completionPercent === 100 ? 'bg-green-500' : 'bg-purple-600'
}`}
style={{ width: `${module.completionPercent}%` }}
/>
</div>
</div>
<div className="mt-4 flex items-center gap-2">
{isActive ? (
<>
<button
onClick={onConfigure}
className="flex-1 px-4 py-2 text-sm bg-purple-50 text-purple-700 rounded-lg hover:bg-purple-100 transition-colors"
>
Konfigurieren
</button>
<button
onClick={onDeactivate}
className="px-4 py-2 text-sm text-red-600 hover:bg-red-50 rounded-lg transition-colors"
>
Deaktivieren
</button>
</>
) : (
<button
onClick={onActivate}
className="flex-1 px-4 py-2 text-sm bg-purple-600 text-white rounded-lg hover:bg-purple-700 transition-colors"
>
Modul aktivieren
</button>
)}
</div>
</div>
)
}
// =============================================================================
// MAIN PAGE
// =============================================================================
import { ModuleCard } from './_components/ModuleCard'
import { useModules } from './_hooks/useModules'
import type { ModuleCategory } from './_hooks/useModules'
export default function ModulesPage() {
const { state, dispatch } = useSDK()
const router = useRouter()
const [filter, setFilter] = useState<string>('all')
const [availableModules, setAvailableModules] = useState<Omit<DisplayModule, 'status' | 'completionPercent'>[]>(fallbackModules)
const [isLoadingModules, setIsLoadingModules] = useState(true)
const [backendError, setBackendError] = useState<string | null>(null)
const [showCreateModal, setShowCreateModal] = useState(false)
const [newModuleName, setNewModuleName] = useState('')
const [newModuleCategory, setNewModuleCategory] = useState<ModuleCategory>('custom')
const [newModuleDescription, setNewModuleDescription] = useState('')
const [actionError, setActionError] = useState<string | null>(null)
// Load modules from backend
useEffect(() => {
async function loadModules() {
try {
const response = await fetch('/api/sdk/v1/modules')
if (response.ok) {
const data = await response.json()
if (data.modules && data.modules.length > 0) {
const mapped = data.modules.map(mapBackendToDisplay)
setAvailableModules(mapped)
setBackendError(null)
}
} else {
setBackendError('Backend nicht erreichbar — zeige Standard-Module')
}
} catch {
setBackendError('Backend nicht erreichbar — zeige Standard-Module')
} finally {
setIsLoadingModules(false)
}
}
loadModules()
}, [])
// Convert SDK modules to display modules with additional UI properties
const displayModules: DisplayModule[] = availableModules.map(template => {
const activeModule = state.modules.find(m => m.id === template.id)
const isActive = !!activeModule
// Calculate completion based on linked requirements and controls
const linkedRequirements = state.requirements.filter(r =>
r.applicableModules.includes(template.id)
)
const completedRequirements = linkedRequirements.filter(
r => r.status === 'IMPLEMENTED' || r.status === 'VERIFIED'
)
const completionPercent = linkedRequirements.length > 0
? Math.round((completedRequirements.length / linkedRequirements.length) * 100)
: 0
return {
...template,
status: isActive ? 'active' as ModuleStatus : 'inactive' as ModuleStatus,
completionPercent,
}
})
const {
state,
availableModules,
displayModules,
isLoadingModules,
backendError,
actionError,
activeModulesCount,
totalRequirements,
totalControls,
handleActivateModule,
handleDeactivateModule,
handleCreateModule,
} = useModules()
const filteredModules = filter === 'all'
? displayModules
: displayModules.filter(m => m.category === filter || m.status === filter)
const activeModulesCount = state.modules.length
const totalRequirements = displayModules
.filter(m => state.modules.some(sm => sm.id === m.id))
.reduce((sum, m) => sum + m.requirementsCount, 0)
const totalControls = displayModules
.filter(m => state.modules.some(sm => sm.id === m.id))
.reduce((sum, m) => sum + m.controlsCount, 0)
const handleActivateModule = async (module: DisplayModule) => {
const serviceModule: ServiceModule = {
id: module.id,
name: module.name,
description: module.description,
regulations: module.regulations,
criticality: module.criticality,
processesPersonalData: module.processesPersonalData,
hasAIComponents: module.hasAIComponents,
}
dispatch({ type: 'ADD_MODULE', payload: serviceModule })
setActionError(null)
try {
const res = await fetch(`/api/sdk/v1/modules/${encodeURIComponent(module.id)}/activate`, {
method: 'POST',
})
if (!res.ok) throw new Error('Aktivierung fehlgeschlagen')
} catch {
// Rollback optimistic update
const rollbackModules = state.modules.filter(m => m.id !== module.id)
dispatch({ type: 'SET_STATE', payload: { modules: rollbackModules } })
setActionError(`Modul "${module.name}" konnte nicht aktiviert werden.`)
setTimeout(() => setActionError(null), 5000)
}
}
const handleDeactivateModule = async (moduleId: string) => {
const previousModules = [...state.modules]
const updatedModules = state.modules.filter(m => m.id !== moduleId)
dispatch({ type: 'SET_STATE', payload: { modules: updatedModules } })
setActionError(null)
try {
const res = await fetch(`/api/sdk/v1/modules/${encodeURIComponent(moduleId)}/deactivate`, {
method: 'POST',
})
if (!res.ok) throw new Error('Deaktivierung fehlgeschlagen')
} catch {
// Rollback optimistic update
dispatch({ type: 'SET_STATE', payload: { modules: previousModules } })
setActionError('Modul konnte nicht deaktiviert werden.')
setTimeout(() => setActionError(null), 5000)
}
}
const handleCreateModule = async () => {
if (!newModuleName.trim()) return
try {
const res = await fetch('/api/sdk/v1/modules', {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
name: newModuleName,
category: newModuleCategory,
description: newModuleDescription,
}),
})
if (res.ok) {
const data = await res.json()
const newMod: Omit<DisplayModule, 'status' | 'completionPercent'> = {
id: data.id || `custom-${Date.now()}`,
name: newModuleName,
description: newModuleDescription,
category: newModuleCategory,
regulations: [],
criticality: 'MEDIUM',
processesPersonalData: false,
hasAIComponents: false,
requirementsCount: 0,
controlsCount: 0,
}
setAvailableModules(prev => [...prev, newMod])
}
async function onCreateModule() {
const ok = await handleCreateModule(newModuleName, newModuleCategory, newModuleDescription)
if (ok) {
setShowCreateModal(false)
setNewModuleName('')
setNewModuleCategory('custom')
setNewModuleDescription('')
} catch {
setActionError('Modul konnte nicht erstellt werden.')
setTimeout(() => setActionError(null), 5000)
}
}
@@ -484,7 +128,7 @@ export default function ModulesPage() {
Abbrechen
</button>
<button
onClick={handleCreateModule}
onClick={onCreateModule}
disabled={!newModuleName.trim()}
className="px-4 py-2 text-sm bg-purple-600 text-white rounded-lg hover:bg-purple-700 disabled:opacity-50"
>

106
admin-compliance/app/sdk/security-backlog/_components/ItemModal.tsx Normal file
View File

@@ -0,0 +1,106 @@
'use client'
import React, { useState } from 'react'
import type { NewItem } from '../_hooks/useSecurityBacklog'
export function ItemModal({
item,
onClose,
onSave,
}: {
item: NewItem
onClose: () => void
onSave: (data: NewItem) => void
}) {
const [form, setForm] = useState<NewItem>(item)
return (
<div className="fixed inset-0 bg-black/50 flex items-center justify-center z-50 p-4">
<div className="bg-white rounded-xl shadow-xl max-w-2xl w-full max-h-[90vh] overflow-y-auto">
<div className="px-6 py-4 border-b border-gray-200 flex items-center justify-between">
<h3 className="font-semibold text-gray-900">Sicherheitsbefund erfassen</h3>
<button onClick={onClose} className="text-gray-400 hover:text-gray-600">
<svg className="w-5 h-5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M6 18L18 6M6 6l12 12" />
</svg>
</button>
</div>
<div className="p-6 space-y-4">
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Titel *</label>
<input
type="text"
value={form.title}
onChange={e => setForm(p => ({ ...p, title: e.target.value }))}
placeholder="Kurzbeschreibung des Befunds"
className="w-full border rounded px-3 py-2 text-sm"
/>
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Beschreibung</label>
<textarea
value={form.description}
onChange={e => setForm(p => ({ ...p, description: e.target.value }))}
rows={3}
className="w-full border rounded px-3 py-2 text-sm"
/>
</div>
<div className="grid grid-cols-2 gap-4">
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Typ</label>
<select value={form.type} onChange={e => setForm(p => ({ ...p, type: e.target.value }))} className="w-full border rounded px-3 py-2 text-sm">
<option value="vulnerability">Schwachstelle</option>
<option value="misconfiguration">Fehlkonfiguration</option>
<option value="compliance">Compliance</option>
<option value="hardening">Haertung</option>
</select>
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Schweregrad</label>
<select value={form.severity} onChange={e => setForm(p => ({ ...p, severity: e.target.value }))} className="w-full border rounded px-3 py-2 text-sm">
<option value="critical">Kritisch</option>
<option value="high">Hoch</option>
<option value="medium">Mittel</option>
<option value="low">Niedrig</option>
</select>
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Quelle</label>
<input type="text" value={form.source} onChange={e => setForm(p => ({ ...p, source: e.target.value }))} placeholder="z.B. Penetrationstest" className="w-full border rounded px-3 py-2 text-sm" />
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Betroffenes Asset</label>
<input type="text" value={form.affected_asset} onChange={e => setForm(p => ({ ...p, affected_asset: e.target.value }))} placeholder="z.B. auth-service" className="w-full border rounded px-3 py-2 text-sm" />
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">CVE</label>
<input type="text" value={form.cve} onChange={e => setForm(p => ({ ...p, cve: e.target.value }))} placeholder="CVE-2024-XXXXX" className="w-full border rounded px-3 py-2 text-sm" />
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">CVSS Score</label>
<input type="number" step="0.1" min="0" max="10" value={form.cvss} onChange={e => setForm(p => ({ ...p, cvss: e.target.value }))} placeholder="0.0 - 10.0" className="w-full border rounded px-3 py-2 text-sm" />
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Zugewiesen an</label>
<input type="text" value={form.assigned_to} onChange={e => setForm(p => ({ ...p, assigned_to: e.target.value }))} placeholder="Team oder Person" className="w-full border rounded px-3 py-2 text-sm" />
</div>
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Massnahme</label>
<textarea value={form.remediation} onChange={e => setForm(p => ({ ...p, remediation: e.target.value }))} rows={2} placeholder="Empfohlene Abhilfemassnahme..." className="w-full border rounded px-3 py-2 text-sm" />
</div>
</div>
<div className="px-6 py-4 border-t border-gray-200 flex justify-end gap-3">
<button onClick={onClose} className="px-4 py-2 text-sm text-gray-600 hover:bg-gray-100 rounded-lg">Abbrechen</button>
<button
onClick={() => onSave(form)}
disabled={!form.title}
className="px-4 py-2 text-sm text-white bg-purple-600 hover:bg-purple-700 rounded-lg font-medium disabled:opacity-50"
>
Speichern
</button>
</div>
</div>
</div>
)
}

166
admin-compliance/app/sdk/security-backlog/_components/SecurityItemCard.tsx Normal file
View File

@@ -0,0 +1,166 @@
'use client'
import React from 'react'
import type { SecurityItem } from '../_hooks/useSecurityBacklog'
export function SecurityItemCard({
item,
onEdit,
onDelete,
onStatusChange,
}: {
item: SecurityItem
onEdit: (item: SecurityItem) => void
onDelete: (id: string) => void
onStatusChange: (id: string, status: string) => void
}) {
const typeLabels = {
vulnerability: 'Schwachstelle',
misconfiguration: 'Fehlkonfiguration',
compliance: 'Compliance',
hardening: 'Haertung',
}
const typeColors = {
vulnerability: 'bg-red-100 text-red-700',
misconfiguration: 'bg-orange-100 text-orange-700',
compliance: 'bg-purple-100 text-purple-700',
hardening: 'bg-blue-100 text-blue-700',
}
const severityColors = {
critical: 'bg-red-500 text-white',
high: 'bg-orange-500 text-white',
medium: 'bg-yellow-500 text-white',
low: 'bg-green-500 text-white',
}
const statusColors = {
open: 'bg-blue-100 text-blue-700',
'in-progress': 'bg-yellow-100 text-yellow-700',
resolved: 'bg-green-100 text-green-700',
'accepted-risk': 'bg-gray-100 text-gray-600',
}
const statusLabels = {
open: 'Offen',
'in-progress': 'In Bearbeitung',
resolved: 'Behoben',
'accepted-risk': 'Akzeptiert',
}
const isOverdue = item.due_date && new Date(item.due_date) < new Date() && item.status !== 'resolved'
return (
<div className={`bg-white rounded-xl border-2 p-6 ${
item.severity === 'critical' && item.status !== 'resolved' ? 'border-red-300' :
isOverdue ? 'border-orange-300' :
item.status === 'resolved' ? 'border-green-200' : 'border-gray-200'
}`}>
<div className="flex items-start justify-between">
<div className="flex-1">
<div className="flex items-center gap-2 mb-2">
<span className={`px-2 py-1 text-xs rounded-full ${severityColors[item.severity]}`}>
{item.severity.toUpperCase()}
</span>
<span className={`px-2 py-1 text-xs rounded-full ${typeColors[item.type]}`}>
{typeLabels[item.type]}
</span>
<span className={`px-2 py-1 text-xs rounded-full ${statusColors[item.status]}`}>
{statusLabels[item.status]}
</span>
</div>
<h3 className="text-lg font-semibold text-gray-900">{item.title}</h3>
{item.description && <p className="text-sm text-gray-500 mt-1">{item.description}</p>}
</div>
</div>
<div className="mt-4 grid grid-cols-2 gap-4 text-sm">
{item.affected_asset && (
<div>
<span className="text-gray-500">Betroffenes Asset: </span>
<span className="font-medium text-gray-700">{item.affected_asset}</span>
</div>
)}
{item.source && (
<div>
<span className="text-gray-500">Quelle: </span>
<span className="font-medium text-gray-700">{item.source}</span>
</div>
)}
{item.cve && (
<div>
<span className="text-gray-500">CVE: </span>
<span className="font-mono text-gray-700">{item.cve}</span>
</div>
)}
{item.cvss !== null && (
<div>
<span className="text-gray-500">CVSS: </span>
<span className={`font-bold ${
item.cvss >= 9 ? 'text-red-600' :
item.cvss >= 7 ? 'text-orange-600' :
item.cvss >= 4 ? 'text-yellow-600' : 'text-green-600'
}`}>{item.cvss}</span>
</div>
)}
{item.assigned_to && (
<div>
<span className="text-gray-500">Zugewiesen: </span>
<span className="font-medium text-gray-700">{item.assigned_to}</span>
</div>
)}
{item.due_date && (
<div className={isOverdue ? 'text-red-600' : ''}>
<span className="text-gray-500">Frist: </span>
<span className="font-medium">
{new Date(item.due_date).toLocaleDateString('de-DE')}
{isOverdue && ' (ueberfaellig)'}
</span>
</div>
)}
</div>
{item.remediation && (
<div className="mt-4 p-3 bg-gray-50 rounded-lg">
<span className="text-sm text-gray-500">Empfohlene Massnahme: </span>
<span className="text-sm text-gray-700">{item.remediation}</span>
</div>
)}
<div className="mt-4 pt-4 border-t border-gray-100 flex items-center justify-between">
<span className="text-xs text-gray-500">
Erstellt: {new Date(item.created_at).toLocaleDateString('de-DE')}
</span>
<div className="flex items-center gap-2">
{item.status !== 'resolved' && (
<>
<button
onClick={() => onEdit(item)}
className="px-3 py-1 text-sm text-purple-600 hover:bg-purple-50 rounded-lg transition-colors"
>
Bearbeiten
</button>
<button
onClick={() => onStatusChange(item.id, 'resolved')}
className="px-3 py-1 text-sm bg-green-50 text-green-700 hover:bg-green-100 rounded-lg transition-colors"
>
Als behoben markieren
</button>
</>
)}
<button
onClick={() => {
if (window.confirm(`"${item.title}" loeschen?`)) onDelete(item.id)
}}
className="px-2 py-1 text-sm text-red-400 hover:text-red-600 hover:bg-red-50 rounded-lg transition-colors"
>
<svg className="w-4 h-4" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M19 7l-.867 12.142A2 2 0 0116.138 21H7.862a2 2 0 01-1.995-1.858L5 7m5 4v6m4-6v6m1-10V4a1 1 0 00-1-1h-4a1 1 0 00-1 1v3M4 7h16" />
</svg>
</button>
</div>
</div>
</div>
)
}

179
admin-compliance/app/sdk/security-backlog/_hooks/useSecurityBacklog.ts Normal file
View File

@@ -0,0 +1,179 @@
'use client'
import { useState, useEffect } from 'react'
// =============================================================================
// TYPES
// =============================================================================
export interface SecurityItem {
id: string
title: string
description: string | null
type: 'vulnerability' | 'misconfiguration' | 'compliance' | 'hardening'
severity: 'critical' | 'high' | 'medium' | 'low'
status: 'open' | 'in-progress' | 'resolved' | 'accepted-risk'
source: string | null
cve: string | null
cvss: number | null
affected_asset: string | null
assigned_to: string | null
created_at: string
due_date: string | null
remediation: string | null
}
export interface Stats {
open: number
in_progress: number
critical: number
high: number
overdue: number
total: number
}
export interface NewItem {
title: string
description: string
type: string
severity: string
source: string
cve: string
cvss: string
affected_asset: string
assigned_to: string
remediation: string
}
export const EMPTY_NEW_ITEM: NewItem = {
title: '',
description: '',
type: 'vulnerability',
severity: 'medium',
source: '',
cve: '',
cvss: '',
affected_asset: '',
assigned_to: '',
remediation: '',
}
// =============================================================================
// HOOK
// =============================================================================
const API = '/api/sdk/v1/compliance/security-backlog'
export function useSecurityBacklog() {
const [items, setItems] = useState<SecurityItem[]>([])
const [stats, setStats] = useState<Stats>({ open: 0, in_progress: 0, critical: 0, high: 0, overdue: 0, total: 0 })
const [loading, setLoading] = useState(true)
useEffect(() => {
loadData()
}, [])
async function loadData() {
setLoading(true)
try {
const [itemsRes, statsRes] = await Promise.all([
fetch(`${API}?limit=200`),
fetch(`${API}/stats`),
])
if (itemsRes.ok) {
const data = await itemsRes.json()
setItems(Array.isArray(data.items) ? data.items : [])
}
if (statsRes.ok) {
const data = await statsRes.json()
setStats(data)
}
} catch (err) {
console.error('Failed to load security backlog:', err)
} finally {
setLoading(false)
}
}
async function handleCreate(form: NewItem) {
try {
const res = await fetch(API, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
...form,
cvss: form.cvss ? parseFloat(form.cvss) : null,
}),
})
if (res.ok) {
const created = await res.json()
setItems(prev => [created, ...prev])
setStats(prev => ({ ...prev, open: prev.open + 1, total: prev.total + 1 }))
return true
}
} catch (err) {
console.error('Failed to create item:', err)
}
return false
}
async function handleUpdate(editItemId: string, form: NewItem) {
try {
const res = await fetch(`${API}/${editItemId}`, {
method: 'PUT',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
...form,
cvss: form.cvss ? parseFloat(form.cvss) : null,
}),
})
if (res.ok) {
const updated = await res.json()
setItems(prev => prev.map(i => i.id === updated.id ? updated : i))
return true
}
} catch (err) {
console.error('Failed to update item:', err)
}
return false
}
async function handleDelete(id: string) {
try {
const res = await fetch(`${API}/${id}`, { method: 'DELETE' })
if (res.ok || res.status === 204) {
setItems(prev => prev.filter(i => i.id !== id))
loadData()
}
} catch (err) {
console.error('Failed to delete item:', err)
}
}
async function handleStatusChange(id: string, status: string) {
try {
const res = await fetch(`${API}/${id}`, {
method: 'PUT',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ status }),
})
if (res.ok) {
const updated = await res.json()
setItems(prev => prev.map(i => i.id === updated.id ? updated : i))
loadData()
}
} catch (err) {
console.error('Failed to update status:', err)
}
}
return {
items,
stats,
loading,
handleCreate,
handleUpdate,
handleDelete,
handleStatusChange,
}
}

462
admin-compliance/app/sdk/security-backlog/page.tsx
View File

@@ -1,452 +1,40 @@
'use client'
import React, { useState, useEffect } from 'react'
import { useSDK } from '@/lib/sdk'
// =============================================================================
// TYPES
// =============================================================================
interface SecurityItem {
id: string
title: string
description: string | null
type: 'vulnerability' | 'misconfiguration' | 'compliance' | 'hardening'
severity: 'critical' | 'high' | 'medium' | 'low'
status: 'open' | 'in-progress' | 'resolved' | 'accepted-risk'
source: string | null
cve: string | null
cvss: number | null
affected_asset: string | null
assigned_to: string | null
created_at: string
due_date: string | null
remediation: string | null
}
interface Stats {
open: number
in_progress: number
critical: number
high: number
overdue: number
total: number
}
interface NewItem {
title: string
description: string
type: string
severity: string
source: string
cve: string
cvss: string
affected_asset: string
assigned_to: string
remediation: string
}
const EMPTY_NEW_ITEM: NewItem = {
title: '',
description: '',
type: 'vulnerability',
severity: 'medium',
source: '',
cve: '',
cvss: '',
affected_asset: '',
assigned_to: '',
remediation: '',
}
// =============================================================================
// COMPONENTS
// =============================================================================
function SecurityItemCard({
item,
onEdit,
onDelete,
onStatusChange,
}: {
item: SecurityItem
onEdit: (item: SecurityItem) => void
onDelete: (id: string) => void
onStatusChange: (id: string, status: string) => void
}) {
const typeLabels = {
vulnerability: 'Schwachstelle',
misconfiguration: 'Fehlkonfiguration',
compliance: 'Compliance',
hardening: 'Haertung',
}
const typeColors = {
vulnerability: 'bg-red-100 text-red-700',
misconfiguration: 'bg-orange-100 text-orange-700',
compliance: 'bg-purple-100 text-purple-700',
hardening: 'bg-blue-100 text-blue-700',
}
const severityColors = {
critical: 'bg-red-500 text-white',
high: 'bg-orange-500 text-white',
medium: 'bg-yellow-500 text-white',
low: 'bg-green-500 text-white',
}
const statusColors = {
open: 'bg-blue-100 text-blue-700',
'in-progress': 'bg-yellow-100 text-yellow-700',
resolved: 'bg-green-100 text-green-700',
'accepted-risk': 'bg-gray-100 text-gray-600',
}
const statusLabels = {
open: 'Offen',
'in-progress': 'In Bearbeitung',
resolved: 'Behoben',
'accepted-risk': 'Akzeptiert',
}
const isOverdue = item.due_date && new Date(item.due_date) < new Date() && item.status !== 'resolved'
return (
<div className={`bg-white rounded-xl border-2 p-6 ${
item.severity === 'critical' && item.status !== 'resolved' ? 'border-red-300' :
isOverdue ? 'border-orange-300' :
item.status === 'resolved' ? 'border-green-200' : 'border-gray-200'
}`}>
<div className="flex items-start justify-between">
<div className="flex-1">
<div className="flex items-center gap-2 mb-2">
<span className={`px-2 py-1 text-xs rounded-full ${severityColors[item.severity]}`}>
{item.severity.toUpperCase()}
</span>
<span className={`px-2 py-1 text-xs rounded-full ${typeColors[item.type]}`}>
{typeLabels[item.type]}
</span>
<span className={`px-2 py-1 text-xs rounded-full ${statusColors[item.status]}`}>
{statusLabels[item.status]}
</span>
</div>
<h3 className="text-lg font-semibold text-gray-900">{item.title}</h3>
{item.description && <p className="text-sm text-gray-500 mt-1">{item.description}</p>}
</div>
</div>
<div className="mt-4 grid grid-cols-2 gap-4 text-sm">
{item.affected_asset && (
<div>
<span className="text-gray-500">Betroffenes Asset: </span>
<span className="font-medium text-gray-700">{item.affected_asset}</span>
</div>
)}
{item.source && (
<div>
<span className="text-gray-500">Quelle: </span>
<span className="font-medium text-gray-700">{item.source}</span>
</div>
)}
{item.cve && (
<div>
<span className="text-gray-500">CVE: </span>
<span className="font-mono text-gray-700">{item.cve}</span>
</div>
)}
{item.cvss !== null && (
<div>
<span className="text-gray-500">CVSS: </span>
<span className={`font-bold ${
item.cvss >= 9 ? 'text-red-600' :
item.cvss >= 7 ? 'text-orange-600' :
item.cvss >= 4 ? 'text-yellow-600' : 'text-green-600'
}`}>{item.cvss}</span>
</div>
)}
{item.assigned_to && (
<div>
<span className="text-gray-500">Zugewiesen: </span>
<span className="font-medium text-gray-700">{item.assigned_to}</span>
</div>
)}
{item.due_date && (
<div className={isOverdue ? 'text-red-600' : ''}>
<span className="text-gray-500">Frist: </span>
<span className="font-medium">
{new Date(item.due_date).toLocaleDateString('de-DE')}
{isOverdue && ' (ueberfaellig)'}
</span>
</div>
)}
</div>
{item.remediation && (
<div className="mt-4 p-3 bg-gray-50 rounded-lg">
<span className="text-sm text-gray-500">Empfohlene Massnahme: </span>
<span className="text-sm text-gray-700">{item.remediation}</span>
</div>
)}
<div className="mt-4 pt-4 border-t border-gray-100 flex items-center justify-between">
<span className="text-xs text-gray-500">
Erstellt: {new Date(item.created_at).toLocaleDateString('de-DE')}
</span>
<div className="flex items-center gap-2">
{item.status !== 'resolved' && (
<>
<button
onClick={() => onEdit(item)}
className="px-3 py-1 text-sm text-purple-600 hover:bg-purple-50 rounded-lg transition-colors"
>
Bearbeiten
</button>
<button
onClick={() => onStatusChange(item.id, 'resolved')}
className="px-3 py-1 text-sm bg-green-50 text-green-700 hover:bg-green-100 rounded-lg transition-colors"
>
Als behoben markieren
</button>
</>
)}
<button
onClick={() => {
if (window.confirm(`"${item.title}" loeschen?`)) onDelete(item.id)
}}
className="px-2 py-1 text-sm text-red-400 hover:text-red-600 hover:bg-red-50 rounded-lg transition-colors"
>
<svg className="w-4 h-4" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M19 7l-.867 12.142A2 2 0 0116.138 21H7.862a2 2 0 01-1.995-1.858L5 7m5 4v6m4-6v6m1-10V4a1 1 0 00-1-1h-4a1 1 0 00-1 1v3M4 7h16" />
</svg>
</button>
</div>
</div>
</div>
)
}
// =============================================================================
// MODAL
// =============================================================================
function ItemModal({
item,
onClose,
onSave,
}: {
item: NewItem
onClose: () => void
onSave: (data: NewItem) => void
}) {
const [form, setForm] = useState<NewItem>(item)
return (
<div className="fixed inset-0 bg-black/50 flex items-center justify-center z-50 p-4">
<div className="bg-white rounded-xl shadow-xl max-w-2xl w-full max-h-[90vh] overflow-y-auto">
<div className="px-6 py-4 border-b border-gray-200 flex items-center justify-between">
<h3 className="font-semibold text-gray-900">Sicherheitsbefund erfassen</h3>
<button onClick={onClose} className="text-gray-400 hover:text-gray-600">
<svg className="w-5 h-5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path strokeLinecap="round" strokeLinejoin="round" strokeWidth={2} d="M6 18L18 6M6 6l12 12" />
</svg>
</button>
</div>
<div className="p-6 space-y-4">
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Titel *</label>
<input
type="text"
value={form.title}
onChange={e => setForm(p => ({ ...p, title: e.target.value }))}
placeholder="Kurzbeschreibung des Befunds"
className="w-full border rounded px-3 py-2 text-sm"
/>
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Beschreibung</label>
<textarea
value={form.description}
onChange={e => setForm(p => ({ ...p, description: e.target.value }))}
rows={3}
className="w-full border rounded px-3 py-2 text-sm"
/>
</div>
<div className="grid grid-cols-2 gap-4">
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Typ</label>
<select value={form.type} onChange={e => setForm(p => ({ ...p, type: e.target.value }))} className="w-full border rounded px-3 py-2 text-sm">
<option value="vulnerability">Schwachstelle</option>
<option value="misconfiguration">Fehlkonfiguration</option>
<option value="compliance">Compliance</option>
<option value="hardening">Haertung</option>
</select>
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Schweregrad</label>
<select value={form.severity} onChange={e => setForm(p => ({ ...p, severity: e.target.value }))} className="w-full border rounded px-3 py-2 text-sm">
<option value="critical">Kritisch</option>
<option value="high">Hoch</option>
<option value="medium">Mittel</option>
<option value="low">Niedrig</option>
</select>
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Quelle</label>
<input type="text" value={form.source} onChange={e => setForm(p => ({ ...p, source: e.target.value }))} placeholder="z.B. Penetrationstest" className="w-full border rounded px-3 py-2 text-sm" />
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Betroffenes Asset</label>
<input type="text" value={form.affected_asset} onChange={e => setForm(p => ({ ...p, affected_asset: e.target.value }))} placeholder="z.B. auth-service" className="w-full border rounded px-3 py-2 text-sm" />
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">CVE</label>
<input type="text" value={form.cve} onChange={e => setForm(p => ({ ...p, cve: e.target.value }))} placeholder="CVE-2024-XXXXX" className="w-full border rounded px-3 py-2 text-sm" />
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">CVSS Score</label>
<input type="number" step="0.1" min="0" max="10" value={form.cvss} onChange={e => setForm(p => ({ ...p, cvss: e.target.value }))} placeholder="0.0 - 10.0" className="w-full border rounded px-3 py-2 text-sm" />
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Zugewiesen an</label>
<input type="text" value={form.assigned_to} onChange={e => setForm(p => ({ ...p, assigned_to: e.target.value }))} placeholder="Team oder Person" className="w-full border rounded px-3 py-2 text-sm" />
</div>
</div>
<div>
<label className="block text-sm font-medium text-gray-700 mb-1">Massnahme</label>
<textarea value={form.remediation} onChange={e => setForm(p => ({ ...p, remediation: e.target.value }))} rows={2} placeholder="Empfohlene Abhilfemassnahme..." className="w-full border rounded px-3 py-2 text-sm" />
</div>
</div>
<div className="px-6 py-4 border-t border-gray-200 flex justify-end gap-3">
<button onClick={onClose} className="px-4 py-2 text-sm text-gray-600 hover:bg-gray-100 rounded-lg">Abbrechen</button>
<button
onClick={() => onSave(form)}
disabled={!form.title}
className="px-4 py-2 text-sm text-white bg-purple-600 hover:bg-purple-700 rounded-lg font-medium disabled:opacity-50"
>
Speichern
</button>
</div>
</div>
</div>
)
}
// =============================================================================
// MAIN PAGE
// =============================================================================
const API = '/api/sdk/v1/compliance/security-backlog'
import React, { useState } from 'react'
import { SecurityItemCard } from './_components/SecurityItemCard'
import { ItemModal } from './_components/ItemModal'
import { useSecurityBacklog, EMPTY_NEW_ITEM } from './_hooks/useSecurityBacklog'
import type { SecurityItem } from './_hooks/useSecurityBacklog'
export default function SecurityBacklogPage() {
const { state } = useSDK()
const [items, setItems] = useState<SecurityItem[]>([])
const [stats, setStats] = useState<Stats>({ open: 0, in_progress: 0, critical: 0, high: 0, overdue: 0, total: 0 })
const [filter, setFilter] = useState<string>('all')
const [loading, setLoading] = useState(true)
const [showModal, setShowModal] = useState(false)
const [editItem, setEditItem] = useState<SecurityItem | null>(null)
useEffect(() => {
loadData()
}, [])
async function loadData() {
setLoading(true)
try {
const [itemsRes, statsRes] = await Promise.all([
fetch(`${API}?limit=200`),
fetch(`${API}/stats`),
])
if (itemsRes.ok) {
const data = await itemsRes.json()
setItems(Array.isArray(data.items) ? data.items : [])
}
if (statsRes.ok) {
const data = await statsRes.json()
setStats(data)
}
} catch (err) {
console.error('Failed to load security backlog:', err)
} finally {
setLoading(false)
}
}
async function handleCreate(form: NewItem) {
try {
const res = await fetch(API, {
method: 'POST',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
...form,
cvss: form.cvss ? parseFloat(form.cvss) : null,
}),
})
if (res.ok) {
const created = await res.json()
setItems(prev => [created, ...prev])
setStats(prev => ({ ...prev, open: prev.open + 1, total: prev.total + 1 }))
setShowModal(false)
}
} catch (err) {
console.error('Failed to create item:', err)
}
}
async function handleUpdate(form: NewItem) {
if (!editItem) return
try {
const res = await fetch(`${API}/${editItem.id}`, {
method: 'PUT',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({
...form,
cvss: form.cvss ? parseFloat(form.cvss) : null,
}),
})
if (res.ok) {
const updated = await res.json()
setItems(prev => prev.map(i => i.id === updated.id ? updated : i))
setEditItem(null)
}
} catch (err) {
console.error('Failed to update item:', err)
}
}
async function handleDelete(id: string) {
try {
const res = await fetch(`${API}/${id}`, { method: 'DELETE' })
if (res.ok || res.status === 204) {
setItems(prev => prev.filter(i => i.id !== id))
loadData() // refresh stats
}
} catch (err) {
console.error('Failed to delete item:', err)
}
}
async function handleStatusChange(id: string, status: string) {
try {
const res = await fetch(`${API}/${id}`, {
method: 'PUT',
headers: { 'Content-Type': 'application/json' },
body: JSON.stringify({ status }),
})
if (res.ok) {
const updated = await res.json()
setItems(prev => prev.map(i => i.id === updated.id ? updated : i))
loadData() // refresh stats
}
} catch (err) {
console.error('Failed to update status:', err)
}
}
const {
items,
stats,
loading,
handleCreate,
handleUpdate,
handleDelete,
handleStatusChange,
} = useSecurityBacklog()
const filteredItems = filter === 'all'
? items
: items.filter(i => i.severity === filter || i.status === filter || i.type === filter)
async function onSave(form: Parameters<typeof handleCreate>[0]) {
if (editItem) {
const ok = await handleUpdate(editItem.id, form)
if (ok) setEditItem(null)
} else {
const ok = await handleCreate(form)
if (ok) setShowModal(false)
}
}
return (
<div className="space-y-6">
{/* Header */}
@@ -578,7 +166,7 @@ export default function SecurityBacklogPage() {
remediation: editItem.remediation || '',
} : EMPTY_NEW_ITEM}
onClose={() => { setShowModal(false); setEditItem(null) }}
onSave={editItem ? handleUpdate : handleCreate}
onSave={onSave}
/>
)}
</div>