Benjamin_Boenisch/breakpilot-compliance
1
0
Fork 0
Code Issues 24 Pull Requests Actions Packages Projects Releases Wiki Activity

Merge feat/dsms-stufe2-evidence-techfile: tech-file DSMS archive with audit-trail CID

Browse Source
This commit is contained in:
Benjamin Admin
2026-05-22 12:00:22 +02:00
parent 916dec87ee 2b1fe3713a
commit 85e758b250
2 changed files with 105 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ai-compliance-sdk/internal/api/handlers/iace_handler_techfile.go
+31 -7
View File
@@ -1,6 +1,7 @@
package handlers
import (
"encoding/json"
"fmt"
"net/http"
"strings"
@@ -412,7 +413,7 @@ func (h *IACEHandler) ExportTechFile(c *gin.Context) {
c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("PDF export failed: %v", err)})
return
}
archiveTechFile(data, fmt.Sprintf("CE-Akte-%s.pdf", safeName), projectID.String())
h.archiveTechFile(c, data, fmt.Sprintf("CE-Akte-%s.pdf", safeName), projectID)
c.Header("Content-Disposition", fmt.Sprintf(`attachment; filename="CE-Akte-%s.pdf"`, safeName))
c.Data(http.StatusOK, "application/pdf", data)
@@ -422,7 +423,7 @@ func (h *IACEHandler) ExportTechFile(c *gin.Context) {
c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("Excel export failed: %v", err)})
return
}
archiveTechFile(data, fmt.Sprintf("CE-Akte-%s.xlsx", safeName), projectID.String())
h.archiveTechFile(c, data, fmt.Sprintf("CE-Akte-%s.xlsx", safeName), projectID)
c.Header("Content-Disposition", fmt.Sprintf(`attachment; filename="CE-Akte-%s.xlsx"`, safeName))
c.Data(http.StatusOK, "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet", data)
@@ -432,7 +433,7 @@ func (h *IACEHandler) ExportTechFile(c *gin.Context) {
c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("DOCX export failed: %v", err)})
return
}
archiveTechFile(data, fmt.Sprintf("CE-Akte-%s.docx", safeName), projectID.String())
h.archiveTechFile(c, data, fmt.Sprintf("CE-Akte-%s.docx", safeName), projectID)
c.Header("Content-Disposition", fmt.Sprintf(`attachment; filename="CE-Akte-%s.docx"`, safeName))
c.Data(http.StatusOK, "application/vnd.openxmlformats-officedocument.wordprocessingml.document", data)
@@ -442,7 +443,7 @@ func (h *IACEHandler) ExportTechFile(c *gin.Context) {
c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("Markdown export failed: %v", err)})
return
}
archiveTechFile(data, fmt.Sprintf("CE-Akte-%s.md", safeName), projectID.String())
h.archiveTechFile(c, data, fmt.Sprintf("CE-Akte-%s.md", safeName), projectID)
c.Header("Content-Disposition", fmt.Sprintf(`attachment; filename="CE-Akte-%s.md"`, safeName))
c.Data(http.StatusOK, "text/markdown", data)
@@ -468,7 +469,30 @@ func (h *IACEHandler) ExportTechFile(c *gin.Context) {
}
}
// archiveTechFile stores a tech-file export to DSMS (best-effort, non-blocking).
func archiveTechFile(data []byte, filename, projectID string) {
dsms.Archive(data, filename, "ce_techfile", projectID, "1")
// archiveTechFile stores a tech-file export to DSMS (best-effort, non-blocking)
// AND records the resulting CID in the IACE audit trail so the export is
// traceable. The "new_values" JSON carries the CID + filename so the audit
// timeline can later resolve the CID against the DSMS gateway for verify.
func (h *IACEHandler) archiveTechFile(c *gin.Context, data []byte, filename string, projectID uuid.UUID) {
result := dsms.Archive(data, filename, "ce_techfile", projectID.String(), "1")
if result == nil || result.CID == "" {
return
}
payload := map[string]string{
"cid": result.CID,
"filename": filename,
"size": fmt.Sprintf("%d", result.Size),
}
newValues, _ := json.Marshal(payload)
userID := rbac.GetUserID(c)
_ = h.store.AddAuditEntry(
c.Request.Context(),
projectID,
"tech_file_export",
projectID,
iace.AuditActionCreate,
userID.String(),
nil,
newValues,
)
}